[ol7_latest_archive] libcurl-devel-7.29.0-42.el7.x86_64

The libcurl-devel package includes header files and libraries necessary for
developing programs which use the libcurl library. It contains the API
documentation of the library, too.

Changelog (Show File list) (Show related packages)

• Wed Mar 29 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-42

  - fix use of uninitialized variable detected by Covscan

• Wed Mar 29 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-41

  - make FTPS work with --proxytunnel (#1420327)

• Mon Mar 27 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-40

  - make FTPS work with --proxytunnel (#1420327)

• Wed Mar 01 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-39

  - work around race condition in PK11_FindSlotByName() in NSS (#1404815)

• Thu Feb 09 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-38

  - make FTPS work with --proxytunnel (#1420327)

• Thu Oct 06 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-37

  - fix tight loop in non-blocking TLS handhsake over proxy (#1388162)
  - handle cookies with numerical IPv6 address (#1341503)
  - make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites (#1374740)
  - curl -E: allow to escape ':' in cert nickname (#1376062)
  - run automake in %prep to avoid patching Makefile.in files from now on

• Tue Sep 20 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-36

  - reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)

• Fri Aug 26 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-35

  - fix incorrect use of a previously loaded certificate from file
    (related to CVE-2016-5420)

• Wed Aug 17 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-34

  - acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option
    (required by the fix for CVE-2016-5419)

• Thu Aug 11 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-33

  - fix re-using connections with wrong client cert (CVE-2016-5420)
  - fix TLS session resumption client cert bypass (CVE-2016-5419)