[ol9_baseos_latest] libcurl-minimal-7.76.1-26.el9.aarch64

This is a replacement of the 'libcurl' package for minimal installations.  It
comes with a limited set of features compared to the 'libcurl' package.  On the
other hand, the package is smaller and requires fewer run-time dependencies to
be installed.

Changelog (Show File list) (Show related packages)

• Mon Jun 12 2023 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-26

  - unify the upload/method handling (CVE-2023-28322)
  - fix host name wildcard checking (CVE-2023-28321)

• Wed Apr 12 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-25

  - adapt the fix of CVE-2023-27535 for RHEL 9 curl

• Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-24

  - fix SSH connection too eager reuse still (CVE-2023-27538)
  - fix GSS delegation too eager connection re-use (CVE-2023-27536)
  - fix FTP too eager connection reuse (CVE-2023-27535)
  - fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
  - fix TELNET option IAC injection (CVE-2023-27533)

• Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-23

  - fix HTTP multi-header compression denial of service (CVE-2023-23916)

• Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-22

  - smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)

• Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-21

  - fix POST following PUT confusion (CVE-2022-32221)

• Fri Sep 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-20

  - control code in cookie denial of service (CVE-2022-35252)

• Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-19

  - fix unpreserved file permissions (CVE-2022-32207)
  - fix HTTP compression denial of service (CVE-2022-32206)
  - fix FTP-KRB bad message verification (CVE-2022-32208)

• Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-18

  - fix too eager reuse of TLS and SSH connections (CVE-2022-27782)

• Mon May 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-17

  - fix leak of SRP credentials in redirects (CVE-2022-27774)