-
Mon Oct 23 2017 Kamil Dudka <kdudka@redhat.com> - 7.29.0-42.el7_4.1
- fix buffer overflow while processing IMAP FETCH response (CVE-2017-1000257)
-
Wed Mar 29 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-42
- fix use of uninitialized variable detected by Covscan
-
Wed Mar 29 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-41
- make FTPS work with --proxytunnel (#1420327)
-
Mon Mar 27 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-40
- make FTPS work with --proxytunnel (#1420327)
-
Wed Mar 01 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-39
- work around race condition in PK11_FindSlotByName() in NSS (#1404815)
-
Thu Feb 09 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-38
- make FTPS work with --proxytunnel (#1420327)
-
Thu Oct 06 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-37
- fix tight loop in non-blocking TLS handhsake over proxy (#1388162)
- handle cookies with numerical IPv6 address (#1341503)
- make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites (#1374740)
- curl -E: allow to escape ':' in cert nickname (#1376062)
- run automake in %prep to avoid patching Makefile.in files from now on
-
Tue Sep 20 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-36
- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)
-
Fri Aug 26 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-35
- fix incorrect use of a previously loaded certificate from file
(related to CVE-2016-5420)
-
Wed Aug 17 2016 Kamil Dudka <kdudka@redhat.com> 7.29.0-34
- acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option
(required by the fix for CVE-2016-5419)