Revisions of curl
buildservice-autocommit
accepted
request 1163136
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 360)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 360)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1163135
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 359)
- Update to 8.7.1:
* Fixed empty tool_hugehelp.c file
- Update to 8.7.0:
* Security fixes:
- [bsc#1221665, CVE-2024-2004] Usage of disabled protocol
- [bsc#1221667, CVE-2024-2398] HTTP/2 push headers memory-leak
- [bsc#1221666, CVE-2024-2379] QUIC certificate check bypass with wolfSSL
- [bsc#1221668, CVE-2024-2466] TLS certificate check bypass with mbedTLS
* Changes:
- configure: add --disable-docs flag
- CURLINFO_USED_PROXY: return bool whether the proxy was used
- digest: support SHA-512/256
* Bugfixes:
- asyn-thread: use wakeup_close to close the read descriptor
- bufq: writing into a softlimit queue cannot be partial
- cmake: add USE_OPENSSL_QUIC support
- cookie: if psl fails, reject the cookie
- curl: exit on config file parser errors
- digest: add check for hashing error
- docs/libcurl: add TLS backend info for all TLS options
- file: use xfer buf for file:// transfers
- ftp: do lineend conversions in client writer
- ftp: fix socket wait activity in ftp_domore_getsock
- http2: memory errors in the push callbacks are fatal
- http2: push headers better cleanup
- libssh/libssh2: return error on too big range
- OpenSSL QUIC: adapt to v3.3.x
- setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value
- setopt: fix disabling all protocols
- sha512_256: add support for GnuTLS and OpenSSL
buildservice-autocommit
accepted
request 1157133
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 358)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 358)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1157132
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 357)
* Upstream commit: https://github.com/curl/curl/commit/744dcf22
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1157127
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 356)
- Remove the nghttp2 version requirement as a version guard around the nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation function was added in curl 8.0.1. * Upstream commit: https://github.com/bch/curl/commit/fb2472b9
buildservice-autocommit
accepted
request 1146113
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 355)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 355)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1145417
from
Fabian Vogt (favogt)
(revision 354)
- Add patch to fix various TLS related issues including FTP over SSL transmission timeouts: * 0001-vtls-revert-receive-max-buffer-add-test-case.patch - Switch to %autosetup Now with workaround for https://github.com/curl/curl/issues/12914.
buildservice-autocommit
accepted
request 1143014
from
David Anes (david.anes)
(revision 353)
David Anes (david.anes)
(revision 353)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 1142991
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 352)
- Update to 8.6.0: [bsc#1219149, CVE-2024-0853]
* Security fixes:
- CVE-2024-0853: OCSP verification bypass with TLS session reuse
* Changes:
- add CURLE_TOO_LARGE, CURLINFO_QUEUE_TIME_T
* Bugfixes:
- altsvc: free 'as' when returning error
- asyn-ares: with modern c-ares, use its default timeout
- cf-socket: show errno in tcpkeepalive error messages
- cmdline-opts: update availability for the *-ca-native options
- configure: when enabling QUIC, check that TLS supports QUIC
- content_encoding: change return code to typedef'ed enum
- curl: show ipfs and ipns as supported "protocols"
- CURLINFO_REFERER.3: clarify that it is the *request* header
- dist: add tests/errorcodes.pl to the tarball
- gen.pl: support ## for doing .IP in table-like lists
- GHA: bump ngtcp2, gnutls, mod_h2, quiche
- hostip: return error immediately when Curl_ip2addr() fails
- http3/quiche: fix result code on a stream reset
- http3: initial support for OpenSSL 3.2 QUIC stack
- http: check for "Host:" case insensitively
- http: fix off-by-one error in request method length check
- http: only act on 101 responses when they are HTTP/1.1
- lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
- lib: error out on multissl + http3
- lib: fix variable undeclared error caused by `infof` changes
- lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
- lib: strndup/memdup instead of malloc, memcpy and null-terminate
- libssh2: use `libssh2_session_callback_set2()` with v1.11.1
- ngtcp2: put h3 at the front of alpn
buildservice-autocommit
accepted
request 1137519
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 351)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 351)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1137148
from
Michael Pujos (bobbie424242)
(revision 350)
Added curl-adjust-pollset-fix.patch to fix broken MPD http streaming: https://github.com/curl/curl/issues/12632
buildservice-autocommit
accepted
request 1131466
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 349)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 349)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1131465
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 348)
- Update to 8.5.0:
* Security fixes:
- [bsc#1217573, CVE-2023-46218] cookie mixed case PSL bypass
- [bsc#1217574, CVE-2023-46219] HSTS long file name clears contents
* Changes:
- gnutls: support CURLSSLOPT_NATIVE_CA
- HTTP3: ngtcp2 builds are no longer experimental
* Bugfixes:
- asyn-thread: use pipe instead of socketpair for IPC when available
- cmake: fix OpenSSL quic detection in quiche builds
- conncache: use the closure handle when disconnecting surplus connections
- content_encoding: make Curl_all_content_encodings allocless
- cookie: lowercase the domain names before PSL checks
- Curl_http_body: cleanup properly when Curl_getformdata errors
- CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range
- doh: provide better return code for responses w/o addresses
- doh: use PIPEWAIT when HTTP/2 is attempted
- duphandle: also free 'outcurl->cookies' in error path
- duphandle: make dupset() not return with pointers to old alloced data
- duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set
- easy: in duphandle, init the cookies for the new handle
- easy_lock: add a pthread_mutex_t fallback
- fopen: create new file using old file's mode
- fopen: create short(er) temporary file name
- getenv: PlayStation doesn't have getenv()
- hostip: show the list of IPs when resolving is done
- hsts: skip single-dot hostname
- HTTP/2, HTTP/3: handle detach of onoing transfers
- http: allow longer HTTP/2 request method names
- hyper: temporarily remove HTTP/2 support
- IPFS: fix IPFS_PATH and file parsing
- multi: during ratelimit multi_getsock should return no sockets
- multi: use pipe instead of socketpair to *wakeup()
- ngtcp2: fix races in stream handling
- ntlm_wb: use pipe instead of socketpair when possible
- openssl: avoid BN_num_bits() NULL pointer derefs
- openssl: fix building with v3 `no-deprecated` + add CI test
- openssl: fix infof() to avoid compiler warning for %s with null
- openssl: identify the "quictls" backend correctly
- openssl: include SIG and KEM algorithms in verbose
- openssl: two multi pointer checks should probably rather be asserts
- openssl: when a session-ID is reused, skip OCSP stapling
- quic: make eyeballers connect retries stop at weird replies
- quic: manage connection idle timeouts
- setopt: check CURLOPT_TFTP_BLKSIZE range on set
- socks: better buffer size checks for socks4a user and hostname
- socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice
- tool: fix --capath when proxy support is disabled
- tool_getparam: limit --rate to be smaller than number of ms
- transfer: abort pause send when connection is marked for closing
- transfer: avoid calling the read callback again after EOF
- transfer: only reset the FTP wildcard engine in CLEAR state
- url: don't touch the multi handle when closing internal handles
- urlapi: avoid null deref if setting blank host to url encode
- urlapi: skip appending NULL pointer query
- urlapi: when URL encoding the fragment, pass in the right length
- vtls: cleanup SSL config management
- vtls: consistently use typedef names for OpenSSL structs
- vtls: late clone of connection ssl config
- vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0
* Rebase curl-secure-getenv.patch
* Add curl-tests-errorcodes.patch
buildservice-autocommit
accepted
request 1116810
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 347)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 347)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1116809
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 346)
- Update to 8.4.0:
* Security fixes:
- SOCKS5 heap buffer overflow [bsc#1215888, CVE-2023-38545]
- cookie injection with none file [bsc#1215889, CVE-2023-38546]
* Changes:
- curl: add support for the IPFS protocols via HTTP gateway
- curl_multi_get_handles: get easy handles from a multi handle
- mingw: delete support for legacy mingw.org toolchain
* Bugfixes:
- base64: also build for curl
- cf-socket: simulate slow/blocked receives in debug
- configure: check for the capath by default
- connect: expire the timeout when trying next
- connect: only start the happy eyeballs timer when needed
- cookie: do not store the expire or max-age strings
- cookie: remove unnecessary struct fields
- cookie: set ->running in cookie_init even if data is NULL
- create-dirs.d: clarify it also uses --output-dirs
- http2: refused stream handling for retry
- http: h1/h2 proxy unification
- http: use per-request counter to check too large headers
- idn: if idn2_check_version returns NULL, return error
- lib: enable hmac for digest as well
- lib: let the max filesize option stop too big transfers too
- lib: move handling of 'data->req.writer_stack' into Curl_client_write()
- lib: provide and use Curl_hexencode
- lib: use wrapper for curl_mime_data fseek callback
- libssh2: fix error message on failed pubkey-from-file
- libssh: cap SFTP packet size sent
- MQTT: improve receive of ACKs
buildservice-autocommit
accepted
request 1110821
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 345)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 345)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1110820
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 344)
- Update to 8.3.0: [bsc#1215026, CVE-2023-38039]
* Changes:
- curl: make %output{} in -w specify a file to write to
- gskit: remove
- lib: --disable-bindlocal builds curl without local binding support
- nss: remove support for this TLS library
- tool: add "variable" support
- trace: make tracing available in non-debug builds
- url: change default value for CURLOPT_MAXREDIRS to 30
- urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
* Bugfixes:
- altsvc: accept and parse IPv6 addresses in response headers
- asyn-ares: reduce timeout to 2000ms
- aws-sigv4: canonicalize the query
- aws-sigv4: fix having date header twice in some cases
- aws-sigv4: handle no-value user header entries
- c-hyper: adjust the hyper to curlcode conversion
- c-hyper: fix memory leaks in `Curl_http`
- cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
- cf-socket: log successful interface bind
- cmake: add GnuTLS option
- cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
- cmake: detect `SSL_set0_wbio` in OpenSSL
- configure: trust pkg-config when it's used for zlib
- configure: use the pkg-config --libs-only-l flag for libssh2
- connect: stop halving the remaining timeout when less than 600 ms left
- crypto: ensure crypto initialization works
- digest: Use hostname to generate spn instead of realm
- ftp: fix temp write of ipv6 address
- headers: accept leading whitespaces on first response header
buildservice-autocommit
accepted
request 1101173
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 343)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 343)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1101172
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 342)
- Update to 8.2.1:
* Bugfixes:
- cfilters: rename close/connect functions to avoid clashes
- ciphers.d: put URL in first column
- cmake: add 'libcurlu'/'libcurltool' for unit tests
- cmake: update ngtcp2 detection
- configure: check for nghttp2_session_get_stream_local_window_size
- docs: mark two TLS options for TLS, not SSL
- docs: provide more see also for cipher options
- hostip: return IPv6 first for localhost resolves
- http2: fix regression on upload EOF handling
- http: VLH, very large header test and fixes
- libcurl-errors.3: add CURLUE_OK
- os400: correct EXPECTED_STRING_LASTZEROTERMINATED
- quiche: fix lookup of transfer at multi
- quiche: fix segfault and other things
- rustls: update rustls-ffi 0.10.0
- socks: print ipv6 address within brackets
- src/mkhelp: strip off escape sequences
- tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
- transfer: do not clear the credentials on redirect to absolute URL
- unittest: remove unneeded *_LDADD
- websocket: rename arguments/variables to match docs
buildservice-autocommit
accepted
request 1099401
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 341)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 341)
baserev update by copy to link target
Displaying revisions 1 - 20 of 360
