Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libcurl-debuginfo | Distribution: Fedora Project |
Version: 7.85.0 | Vendor: Fedora Project |
Release: 12.fc37 | Build date: Thu Oct 12 12:20:22 2023 |
Group: Development/Debug | Build host: buildvm-a64-37.iad2.fedoraproject.org |
Size: 3596408 | Source RPM: curl-7.85.0-12.fc37.src.rpm |
Packager: Fedora Project | |
Url: https://curl.se/ | |
Summary: Debug information for package libcurl |
This package provides debug information for package libcurl. Debug information is useful when developing applications that use this package or when debugging this package.
MIT
* Thu Oct 12 2023 Jan Macku <jamacku@redhat.com> - 7.85.0-12 - fix cookie injection with none file (CVE-2023-38546) - fix SOCKS5 heap buffer overflow (CVE-2023-38545) * Wed Sep 13 2023 Jan Macku <jamacku@redhat.com> - 7.85.0-11 - fix HTTP headers eat all memory (CVE-2023-38039) - temporarily disable test 678 on aarch64 (it suddently started crashing without any change in curl) * Thu Jul 20 2023 Jan Macku <jamacku@redhat.com> - 7.85.0-10 - fix fopen race condition (CVE-2023-32001) * Mon Jun 05 2023 Jan Macku <jamacku@redhat.com> - 7.85.0-9 - fix more POST-after-PUT confusion (CVE-2023-28322) - fix IDN wildcard match (CVE-2023-28321) * Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.85.0-8 - fix SSH connection too eager reuse still (CVE-2023-27538) - fix HSTS double-free (CVE-2023-27537) - fix GSS delegation too eager connection re-use (CVE-2023-27536) - fix FTP too eager connection reuse (CVE-2023-27535) - fix SFTP path ~ resolving discrepancy (CVE-2023-27534) - fix TELNET option IAC injection (CVE-2023-27533) * Mon Feb 27 2023 Kamil Dudka <kdudka@redhat.com> - 7.85.0-7 - header: define public API functions as extern C (#2173299) * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.85.0-6 - fix HTTP multi-header compression denial of service (CVE-2023-23916) - share HSTS between handles (CVE-2023-23915 CVE-2023-23914) * Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-5 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552) - http: use the IDN decoded name in HSTS checks (CVE-2022-43551) * Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-4 - enforce versioned libnghttp2 dependency for libcurl (#2144277) * Mon Nov 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-3 - http2: make nghttp2 less picky about field whitespace (#2144277) * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-2 - url: use IDN decoded names for HSTS checks (CVE-2022-42916) - http_proxy: restore the protocol pointer on error (CVE-2022-42915) - netrc: replace fgets with Curl_get_line (CVE-2022-35260) - fix POST following PUT confusion (CVE-2022-32221) * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use * Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2 - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1 - new upstream release * Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4 - enable IDN support also in libcurl-minimal * Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 7.81.0-3 - Suggest libcurl-minimal in curl-minimal * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.81.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jan 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-1 - new upstream release * Sun Nov 14 2021 Paul Howarth <paul@city-fan.org> - 7.80.0-2 - sshserver.pl (used in test suite) now requires the Digest::SHA perl module * Wed Nov 10 2021 Kamil Dudka <kdudka@redhat.com> - 7.80.0-1 - new upstream release * Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-3 - re-enable HSTS in libcurl-minimal as a security feature (#2005874)
/usr/lib/debug /usr/lib/debug/.build-id /usr/lib/debug/.build-id/f1 /usr/lib/debug/.build-id/f1/76d97b126e1263f5fb35910fcfc7983eecca69 /usr/lib/debug/.build-id/f1/76d97b126e1263f5fb35910fcfc7983eecca69.debug /usr/lib/debug/usr /usr/lib/debug/usr/lib64 /usr/lib/debug/usr/lib64/libcurl.so.4.8.0-7.85.0-12.fc37.aarch64.debug
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu May 9 18:37:42 2024