Name: | libcurl |
---|---|
Version: | 7.29.0 |
Release: | 42.el7 |
Architecture: | aarch64 |
Group: | Development/Libraries |
Size: | 472048 |
License: | MIT |
RPM: | libcurl-7.29.0-42.el7.aarch64.rpm |
Source RPM: | curl-7.29.0-42.el7.src.rpm |
Build Date: | Thu May 03 2018 |
Build Host: | ca-buildarm01.us.oracle.com |
Vendor: | Oracle America |
URL: | http://curl.haxx.se/ |
Summary: | A library for getting files from web servers |
Description: | libcurl is a free and easy-to-use client-side URL transfer library, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer resume, http proxy tunneling and more. |
- fix use of uninitialized variable detected by Covscan
- make FTPS work with --proxytunnel (#1420327)
- make FTPS work with --proxytunnel (#1420327)
- work around race condition in PK11_FindSlotByName() in NSS (#1404815)
- make FTPS work with --proxytunnel (#1420327)
- fix tight loop in non-blocking TLS handhsake over proxy (#1388162) - handle cookies with numerical IPv6 address (#1341503) - make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites (#1374740) - curl -E: allow to escape ':' in cert nickname (#1376062) - run automake in %prep to avoid patching Makefile.in files from now on
- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)
- fix incorrect use of a previously loaded certificate from file (related to CVE-2016-5420)
- acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option (required by the fix for CVE-2016-5419)
- fix re-using connections with wrong client cert (CVE-2016-5420) - fix TLS session resumption client cert bypass (CVE-2016-5419)