[ol9_appstream] libcurl-devel-7.76.1-26.el9_3.2.aarch64

The libcurl-devel package includes header files and libraries necessary for
developing programs which use the libcurl library. It contains the API
documentation of the library, too.

Changelog (Show File list) (Show related packages)

• Thu Oct 12 2023 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-26.el9_3.2

  - fix cookie injection with none file (CVE-2023-38546)

• Tue Oct 10 2023 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-26.el9_3.1

  - socks: return error if hostname too long for remote resolve (CVE-2023-38545)

• Mon Jun 12 2023 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-26

  - unify the upload/method handling (CVE-2023-28322)
  - fix host name wildcard checking (CVE-2023-28321)

• Wed Apr 12 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-25

  - adapt the fix of CVE-2023-27535 for RHEL 9 curl

• Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-24

  - fix SSH connection too eager reuse still (CVE-2023-27538)
  - fix GSS delegation too eager connection re-use (CVE-2023-27536)
  - fix FTP too eager connection reuse (CVE-2023-27535)
  - fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
  - fix TELNET option IAC injection (CVE-2023-27533)

• Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-23

  - fix HTTP multi-header compression denial of service (CVE-2023-23916)

• Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-22

  - smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)

• Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-21

  - fix POST following PUT confusion (CVE-2022-32221)

• Fri Sep 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-20

  - control code in cookie denial of service (CVE-2022-35252)

• Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-19

  - fix unpreserved file permissions (CVE-2022-32207)
  - fix HTTP compression denial of service (CVE-2022-32206)
  - fix FTP-KRB bad message verification (CVE-2022-32208)