| Name: | curl |
|---|---|
| Version: | 7.29.0 |
| Release: | 42.el7 |
| Architecture: | aarch64 |
| Group: | Applications/Internet |
| Size: | 585116 |
| License: | MIT |
| RPM: | curl-7.29.0-42.el7.aarch64.rpm |
| Source RPM: | curl-7.29.0-42.el7.src.rpm |
| Build Date: | Thu May 03 2018 |
| Build Host: | ca-buildarm01.us.oracle.com |
| Vendor: | Oracle America |
| URL: | http://curl.haxx.se/ |
| Summary: | A utility for getting files from remote servers (FTP, HTTP, and others) |
| Description: | curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks. |
- fix use of uninitialized variable detected by Covscan
- make FTPS work with --proxytunnel (#1420327)
- make FTPS work with --proxytunnel (#1420327)
- work around race condition in PK11_FindSlotByName() in NSS (#1404815)
- make FTPS work with --proxytunnel (#1420327)
- fix tight loop in non-blocking TLS handhsake over proxy (#1388162) - handle cookies with numerical IPv6 address (#1341503) - make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites (#1374740) - curl -E: allow to escape ':' in cert nickname (#1376062) - run automake in %prep to avoid patching Makefile.in files from now on
- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)
- fix incorrect use of a previously loaded certificate from file (related to CVE-2016-5420)
- acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option (required by the fix for CVE-2016-5419)
- fix re-using connections with wrong client cert (CVE-2016-5420) - fix TLS session resumption client cert bypass (CVE-2016-5419)