Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: curl-minimal | Distribution: Fedora Project |
Version: 8.2.1 | Vendor: Fedora Project |
Release: 5.fc39 | Build date: Fri Apr 12 15:28:17 2024 |
Group: Unspecified | Build host: buildvm-a64-31.iad2.fedoraproject.org |
Size: 393637 | Source RPM: curl-8.2.1-5.fc39.src.rpm |
Packager: Fedora Project | |
Url: https://curl.se/ | |
Summary: Conservatively configured build of curl for minimal installations |
This is a replacement of the 'curl' package for minimal installations. It comes with a limited set of features compared to the 'curl' package. On the other hand, the package is smaller and requires fewer run-time dependencies to be installed.
curl
* Wed Apr 03 2024 Jan Macku <jamacku@redhat.com> - 8.2.1-5 - fix Usage of disabled protocol (CVE-2024-2004) - fix HTTP/2 push headers memory-leak (CVE-2024-2398) * Wed Dec 06 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-4 - fix HSTS long file name clears contents (CVE-2023-46219) - fix cookie mixed case PSL bypass (CVE-2023-46218) * Wed Oct 11 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-3 - fix cookie injection with none file (CVE-2023-38546) - fix SOCKS5 heap buffer overflow (CVE-2023-38545) * Wed Sep 13 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-2 - fix HTTP headers eat all memory (CVE-2023-38039) * Wed Jul 26 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.2.1-1 - new upstream release (rhbz#2226659) * Wed Jul 19 2023 Jan Macku <jamacku@redhat.com> - 8.2.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-32001 - fopen race condition * Tue May 30 2023 Jan Macku <jamacku@redhat.com> - 8.1.2-1 - new upstream release, with small bugfixes and improvements * Tue May 23 2023 Jan Macku <jamacku@redhat.com> - 8.1.1-1 - new upstream release, with small bugfixes and improvements * Wed May 17 2023 Kamil Dudka <kdudka@redhat.com> - 8.1.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-28321 - IDN wildcard match CVE-2023-28322 - more POST-after-PUT confusion * Fri Apr 21 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-3 - tests: re-enable temporarily disabled test-cases - tests: attempt to fix a conflict on port numbers - apply patches automatically * Tue Mar 21 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.0.1-2 - migrated to SPDX license * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-1 - new upstream release * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-27538 - SSH connection too eager reuse still CVE-2023-27537 - HSTS double-free CVE-2023-27536 - GSS delegation too eager connection re-use CVE-2023-27535 - FTP too eager connection reuse CVE-2023-27534 - SFTP path ~ resolving discrepancy CVE-2023-27533 - TELNET option IAC injection * Mon Feb 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.1-1 - new upstream release * Fri Feb 17 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-2 - http2: set drain on stream end * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-23916 - HTTP multi-header compression denial of service CVE-2023-23915 - HSTS amnesia with --parallel CVE-2023-23914 - HSTS ignored on multiple requests * Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4 - fix regression in a public header file (#2162716) * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 7.87.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 11 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-2 - test3012: temporarily disable valgrind (#2143040) * Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.87.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-43552 - HTTP Proxy deny use-after-free CVE-2022-43551 - Another HSTS bypass via IDN * Tue Nov 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-4 - noproxy: tailmatch like in 7.85.0 and earlier (#2149224) * Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-3 - enforce versioned libnghttp2 dependency for libcurl (#2144277) * Mon Oct 31 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-2 - fix regression in noproxy matching * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-42916 - HSTS bypass via IDN CVE-2022-42915 - HTTP proxy double-free CVE-2022-35260 - .netrc parser out-of-bounds access CVE-2022-32221 - POST following PUT confusion * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use
/usr/bin/curl /usr/lib/.build-id /usr/lib/.build-id/f6 /usr/lib/.build-id/f6/740fdd36fe181fc297418c96332efd12373cbd /usr/share/man/man1/curl.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Nov 27 04:04:38 2024