[ol8_baseos_latest] libcurl-devel-7.61.1-30.el8_8.2.x86_64

The libcurl-devel package includes header files and libraries necessary for
developing programs which use the libcurl library. It contains the API
documentation of the library, too.

Changelog (Show File list) (Show related packages)

• Thu Apr 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.61.1-30.el8_8.2

  - sftp: do not specify O_APPEND when not in append mode (#2187717)

• Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.61.1-30.el8_8.1

  - fix FTP too eager connection reuse (CVE-2023-27535)

• Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.61.1-30

  - fix HTTP multi-header compression denial of service (CVE-2023-23916)

• Tue Feb 07 2023 Kamil Dudka <kdudka@redhat.com> - 7.61.1-29

  - h2: lower initial window size to 32 MiB (#2166254)

• Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-28

  - smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)

• Fri Nov 18 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-27

  - upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1 (#2139337)

• Fri Sep 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-26

  - control code in cookie denial of service (CVE-2022-35252)

• Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-25

  - setopt: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION (#2063703)
  - fix HTTP compression denial of service (CVE-2022-32206)
  - fix FTP-KRB bad message verification (CVE-2022-32208)

• Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-24

  - fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
  - fix invalid type in printf() argument detected by Coverity

• Thu Apr 28 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-23

  - fix credential leak on redirect (CVE-2022-27774)
  - fix auth/cookie leak on redirect (CVE-2022-27776)
  - fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)