Fedora Packages

curl-minimal-7.86.0-4.fc38 in Fedora Rawhide

↵ Return to the main page of curl-minimal
View build
Search for updates

Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2022-11-29 Kamil Dudka <kdudka at redhat dot com> - 7.86.0-4 - noproxy: tailmatch like in 7.85.0 and earlier (#2149224)
2022-11-24 Kamil Dudka <kdudka at redhat dot com> - 7.86.0-3 - enforce versioned libnghttp2 dependency for libcurl (#2144277)
2022-10-31 Kamil Dudka <kdudka at redhat dot com> - 7.86.0-2 - fix regression in noproxy matching
2022-10-26 Kamil Dudka <kdudka at redhat dot com> - 7.86.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-42916 - HSTS bypass via IDN CVE-2022-42915 - HTTP proxy double-free CVE-2022-35260 - .netrc parser out-of-bounds access CVE-2022-32221 - POST following PUT confusion
2022-09-01 Kamil Dudka <kdudka at redhat dot com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service
2022-08-25 Kamil Dudka <kdudka at redhat dot com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0
2022-07-20 Fedora Release Engineering <releng at fedoraproject dot org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
2022-06-27 Kamil Dudka <kdudka at redhat dot com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification
2022-05-11 Kamil Dudka <kdudka at redhat dot com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host
2022-04-27 Kamil Dudka <kdudka at redhat dot com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use

Dependencies

Provides

  • curl
  • curl-minimal
  • curl-minimal(x86-64)

Files


Sources on Pagure