libcurl-7.87.0-7.fc38 RPM for aarch64

From Fedora 38 for aarch64 / l

libcurl is a free and easy-to-use client-side URL transfer library, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT,
FTP uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer
resume, http proxy tunneling and more.

Provides

• libcurl
• libcurl(aarch-64)
• libcurl-full
• libcurl-full(aarch-64)
• libcurl.so.4()(64bit)

Requires

• ld-linux-aarch64.so.1()(64bit)
• ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)
• libbrotlidec.so.1()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libgssapi_krb5.so.2()(64bit)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)
• libidn2.so.0()(64bit)
• libidn2.so.0(IDN2_0.0.0)(64bit)
• liblber.so.2()(64bit)
• liblber.so.2(OPENLDAP_2.200)(64bit)
• libldap.so.2()(64bit)
• libldap.so.2(OPENLDAP_2.200)(64bit)
• libnghttp2(aarch-64) >= 1.52.0
• libnghttp2.so.14()(64bit)
• libpsl(aarch-64) >= 0.21.2
• libpsl.so.5()(64bit)
• libssh(aarch-64) >= 0.10.4
• libssh.so.4()(64bit)
• libssh.so.4(LIBSSH_4_5_0)(64bit)
• libssh.so.4(LIBSSH_4_8_1)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• libz.so.1()(64bit)
• openssl-libs(aarch-64) >= 1:3.0.8
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

MIT

Changelog

* Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-7
  - fix SSH connection too eager reuse still (CVE-2023-27538)
  - fix HSTS double-free (CVE-2023-27537)
  - fix GSS delegation too eager connection re-use (CVE-2023-27536)
  - fix FTP too eager connection reuse (CVE-2023-27535)
  - fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
  - fix TELNET option IAC injection (CVE-2023-27533)
* Wed Mar 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-6
  - tests: make sure gnuserv-tls has SRP support before using it
* Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-5
  - fix HTTP multi-header compression denial of service (CVE-2023-23916)
  - share HSTS between handles (CVE-2023-23915 CVE-2023-23914)
* Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4
  - fix regression in a public header file (#2162716)
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 7.87.0-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jan 11 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-2
  - test3012: temporarily disable valgrind (#2143040)
* Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.87.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2022-43552 - HTTP Proxy deny use-after-free
      CVE-2022-43551 - Another HSTS bypass via IDN
* Tue Nov 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-4
  - noproxy: tailmatch like in 7.85.0 and earlier (#2149224)
* Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-3
  - enforce versioned libnghttp2 dependency for libcurl (#2144277)
* Mon Oct 31 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-2
  - fix regression in noproxy matching
* Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2022-42916 - HSTS bypass via IDN
      CVE-2022-42915 - HTTP proxy double-free
      CVE-2022-35260 - .netrc parser out-of-bounds access
      CVE-2022-32221 - POST following PUT confusion
* Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1
  - new upstream release, which fixes the following vulnerability
      CVE-2022-35252 - control code in cookie denial of service
* Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3
  - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2022-32207 - Unpreserved file permissions
      CVE-2022-32205 - Set-Cookie denial of service
      CVE-2022-32206 - HTTP compression denial of service
      CVE-2022-32208 - FTP-KRB bad message verification
* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
      CVE-2022-27779 - do not accept cookies for TLD with trailing dot
      CVE-2022-27778 - do not remove wrong file on error
      CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names
      CVE-2022-27780 - reject percent-encoded path separator in URL host
* Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2022-27774 - curl credential leak on redirect
      CVE-2022-27776 - curl auth/cookie leak on redirect
      CVE-2022-27775 - curl bad local IPv6 connection reuse
      CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use
* Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2
  - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure
* Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1
  - new upstream release
* Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4
  - enable IDN support also in libcurl-minimal
* Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 7.81.0-3
  - Suggest libcurl-minimal in curl-minimal
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.81.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jan 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-1
  - new upstream release
* Sun Nov 14 2021 Paul Howarth <paul@city-fan.org> - 7.80.0-2
  - sshserver.pl (used in test suite) now requires the Digest::SHA perl module
* Wed Nov 10 2021 Kamil Dudka <kdudka@redhat.com> - 7.80.0-1
  - new upstream release
* Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-3
  - re-enable HSTS in libcurl-minimal as a security feature (#2005874)
* Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-2
  - disable more protocols and features in libcurl-minimal (#2005874)
* Wed Sep 22 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-1
  - new upstream release
* Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-4
  - fix regression in http2 implementation introduced in the last release
* Thu Sep 16 2021 Sahana Prasad <sahana@redhat.com> - 7.79.0-3
  - Rebuilt with OpenSSL 3.0.0
* Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-2
  - make SCP/SFTP tests work with openssh-8.7p1
* Wed Sep 15 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2021-22947 - STARTTLS protocol injection via MITM
      CVE-2021-22946 - protocol downgrade required TLS bypassed
      CVE-2021-22945 - use-after-free and double-free in MQTT sending
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 7.78.0-4
  - Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-3
  - make explicit dependency on openssl work with alpha/beta builds of openssl
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7.78.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jul 21 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2021-22925 - TELNET stack contents disclosure again
      CVE-2021-22924 - bad connection reuse due to flawed path name checks
      CVE-2021-22923 - metalink download sends credentials
      CVE-2021-22922 - wrong content via metalink not discarded
* Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-2
  - build the curl tool without metalink support (#1967213)
* Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2021-22901 - TLS session caching disaster
      CVE-2021-22898 - TELNET stack contents disclosure
* Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2
  - http2: fix resource leaks detected by Coverity
* Wed Apr 14 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-1
  - new upstream release
* Wed Mar 31 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.0-1
  - new upstream release, which fixes the following vulnerabilities
      CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
      CVE-2021-22876 - Automatic referer leaks credentials
* Wed Mar 24 2021 Kamil Dudka <kdudka@redhat.com> - 7.75.0-3
  - fix SIGSEGV upon disconnect of a ldaps:// transfer

Files

/usr/lib/.build-id
/usr/lib/.build-id/ee
/usr/lib/.build-id/ee/dfd46f2bafe5b1d027e587e6a4b5a1e3bd5135
/usr/lib64/libcurl.so.4
/usr/lib64/libcurl.so.4.8.0
/usr/share/licenses/libcurl
/usr/share/licenses/libcurl/COPYING

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 9 22:47:55 2024