| ID | 25014 |
| Package Name | curl |
| Version | 8.11.1 |
| Release | 5.fc42 |
| Epoch | |
Draft | False |
| Source | git+https://src.fedoraproject.org/rpms/curl.git#d40689af0b15d6426f73d243b811599b995acb32 |
| Summary |
| Description |
| Built by | davidlt |
| State |
complete
|
| Volume |
DEFAULT |
| Started | Tue, 22 Jul 2025 07:59:47 UTC |
| Completed | Tue, 22 Jul 2025 08:47:41 UTC |
| Task | build (f42, /rpms/curl.git:d40689af0b15d6426f73d243b811599b995acb32) |
| Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#d40689af0b15d6426f73d243b811599b995acb32'}} |
| Tags |
|
| RPMs |
|
| Logs |
|
| Changelog |
* Thu Jun 19 2025 Jan Macku <jamacku@redhat.com> - 8.11.1-5
- properly parse 'type=' in -F command line arguments (#2373760)
* Fri Jan 31 2025 Jan Macku <jamacku@redhat.com> - 8.11.1-4
- TLS: check connection for SSL use, not handler (#2324130#c7)
* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 8.11.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sun Dec 15 2024 Paul Howarth <paul@city-fan.org> - 8.11.1-2
- Fix crash with Unexpected error 9 on netlink descriptor 10 (rhbz#2332350)
- https://github.com/curl/curl/issues/15725
- https://github.com/curl/curl/pull/15727
* Wed Dec 11 2024 Jan Macku <jamacku@redhat.com> - 8.11.1-1
- new upstream release, which fixes the following vulnerabilities
CVE-2024-11053 - netrc and redirect credential leak
* Wed Nov 06 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 8.11.0-2
- Disable engine support on RHEL 10+
* Wed Nov 06 2024 Jan Macku <jamacku@redhat.com> - 8.11.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2024-9681 - HSTS subdomain overwrites parent cache entry
* Tue Sep 24 2024 Jan Macku <jamacku@redhat.com> - 8.10.1-2
- Use tls-ca-bundle.pem instead of ca-bundle.crt (OpenSSL specific) (#2313564)
* Wed Sep 18 2024 Jan Macku <jamacku@redhat.com> - 8.10.1-1
- new upstream release
* Wed Sep 11 2024 Jan Macku <jamacku@redhat.com> - 8.10.0-1
- new upstream release
* Wed Aug 21 2024 Jacek Migacz <jmigacz@redhat.com> - 8.9.1-3
- Retire deprecated ntlm-wb configure option
* Mon Aug 05 2024 voidanix <voidanix@keyedlimepie.org> - 8.9.1-2
- Apply SIGPIPE-related patch due to upstream regression
* Wed Jul 24 2024 Jan Macku <jamacku@redhat.com> - 8.9.1-1
- new upstream release
* Wed Jul 24 2024 Jan Macku <jamacku@redhat.com> - 8.9.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2024-6874 - macidn punycode buffer overread
CVE-2024-6197 - freeing stack buffer in utf8asn1str
- drop upstreamed patches
* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 8.8.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jul 12 2024 Paul Howarth <paul@city-fan.org> - 8.8.0-2
- adapt for https://fedoraproject.org/wiki/Changes/OpensslDeprecateEngine
- added build condition for openssl_engine_support, true by default so as to
not change the resulting built package (yet)
- with openssl_engine_support true, BR: openssl-devel-engine
- with openssl_engine_support false, build with -DOPENSSL_NO_ENGINE
* Wed May 22 2024 Jan Macku <jamacku@redhat.com> - 8.8.0-1
- new upstream release
- drop upstreamed patches
* Wed Mar 27 2024 Jan Macku <jamacku@redhat.com> - 8.7.1-1
- new upstream release, which fixes the following vulnerabilities
CVE-2024-2004 - Usage of disabled protocol
CVE-2024-2379 - QUIC certificate check bypass with wolfSSL
CVE-2024-2398 - HTTP/2 push headers memory-leak
CVE-2024-2466 - TLS certificate check bypass with mbedTLS
- drop upstreamed patches
- reenable test 0313
- fix zsh completions, use --with-zsh-functions-dir
- apply upstream patches for 8.7.1 issues and regressions
* Mon Feb 19 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-7
- Fix: Leftovers after chunking should not be part of the curl buffer output (#2264220)
* Mon Feb 12 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-6
- revert "receive max buffer" + add test case
- temporarily disable test 0313
- remove suggests of libcurl-minimal in curl-full
* Mon Feb 12 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-5
- add Provides to curl-minimal
* Wed Feb 07 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-4
- drop curl-minimal subpackage in favor of curl-full (#2262096)
* Mon Feb 05 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-3
- ignore response body to HEAD requests
* Fri Feb 02 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-2
- don't build manual for curl-full - use man 1 curl instead (#2262373)
* Thu Feb 01 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2024-0853 - OCSP verification bypass with TLS session reuse
- drop 001-dist-add-tests-errorcodes.pl-to-the-tarball.patch (replaced by upstream fix)
- remove accidentally included mk-ca-bundle.1 man page (upstream bug #12843)
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 8.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Dec 06 2023 Jan Macku <jamacku@redhat.com> - 8.5.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2023-46218 - cookie mixed case PSL bypass
CVE-2023-46219 - HSTS long file name clears contents
* Wed Oct 11 2023 Jan Macku <jamacku@redhat.com> - 8.4.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2023-38545 - SOCKS5 heap buffer overflow
CVE-2023-38546 - cookie injection with none file
* Wed Sep 13 2023 Jan Macku <jamacku@redhat.com> - 8.3.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2023-38039 - HTTP headers eat all memory
* Wed Aug 02 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-2
- enable websockets (#2224651)
* Wed Jul 26 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.2.1-1
- new upstream release (rhbz#2226659)
* Wed Jul 19 2023 Jan Macku <jamacku@redhat.com> - 8.2.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2023-32001 - fopen race condition
|
