Daniel Stenberg [Sat, 24 Nov 2018 22:20:19 +0000 (23:20 +0100)]
curl_easy_perform: fix timeout handling
curl_multi_wait() was erroneously used from within
curl_easy_perform(). It could lead to it believing there was no socket
to wait for and then instead sleep for a while instead of monitoring the
socket and then miss acting on that activity as swiftly as it should
(causing an up to 1000 ms delay).
Reported-by: Antoni Villalonga
Fixes #3305
Clodes #3306
Backported patch details:
https://github.com/curl/curl/commit/
d04cef9ce1d710902d90b62de01115b9bbe958bf.patch
Change-Id: I08d95e996dd9bab5d9fd7c7fe581fdb40c8a0de8
Signed-off-by: Niraj Kumar Goit <niraj.g@samsung.com>
cheoleun moon [Thu, 9 May 2019 09:21:00 +0000 (09:21 +0000)]
Merge "Use openssl-1.1" into tizen_base
Seonah Moon [Thu, 9 May 2019 02:27:13 +0000 (11:27 +0900)]
link missed library for DLP
Change-Id: I77ab3d84ffae5851d9a81a8f834dfce08b34bf6f
Seonah Moon [Thu, 9 May 2019 04:26:42 +0000 (13:26 +0900)]
Revert "link missed library for DLP"
This reverts commit
14bcc6b79f4f26ee7821f1809961bddc3a1ae63d.
Change-Id: I2fe882d909e8a4d0669ad4a5a63a856ebd0b6d53
Seonah Moon [Thu, 9 May 2019 02:27:13 +0000 (11:27 +0900)]
link missed library for DLP
Change-Id: If9719a2c13e7d2f37ed1d53b81f070fbfd5bc022
Cheoleun Moon [Tue, 7 May 2019 08:46:36 +0000 (17:46 +0900)]
Use openssl-1.1
Change-Id: I152d19a11c8bd12e63c3e573bba73668262099e8
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
Nishant Chaprana [Sat, 9 Mar 2019 06:51:06 +0000 (12:21 +0530)]
NTLM: fix size check condition for type2 received data
Bug: https://curl.haxx.se/docs/CVE-2018-16890.html
Reported-by: Wenxiang Qian
CVE-2018-16890
Backported patch details:-
Link: https://github.com/curl/curl/commit/b780b30d1377adb10bbe774835f49e9b237fb9bb.patch
Change-Id: I15fc8002280680a7cf194dd02a5d7751cc7dbc71
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Nishant Chaprana [Sat, 9 Mar 2019 06:45:26 +0000 (12:15 +0530)]
ntlm: fix *_type3_message size check to avoid buffer overflow
Bug: https://curl.haxx.se/docs/CVE-2019-3822.html
Reported-by: Wenxiang Qian
CVE-2019-3822
Backported patch details:-
Link: https://github.com/curl/curl/commit/50c9484278c63b958655a717844f0721263939cc.patch
Change-Id: I40a37af26b81a4cefe4a26f19697e7a73b17eaf6
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Nishant Chaprana [Sat, 9 Mar 2019 06:41:38 +0000 (12:11 +0530)]
smtp: avoid risk of buffer overflow in strtol
If the incoming len 5, but the buffer does not have a termination
after 5 bytes, the strtol() call may keep reading through the line
buffer until is exceeds its boundary. Fix by ensuring that we are
using a bounded read with a temporary buffer on the stack.
Bug: https://curl.haxx.se/docs/CVE-2019-3823.html
Reported-by: Brian Carpenter (Geeknik Labs)
CVE-2019-3823
Backported patch details:-
Link: https://github.com/curl/curl/commit/39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484.patch
Change-Id: Ie00a759a464e51ded79d2288844053740db055b4
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
cheoleun moon [Tue, 4 Dec 2018 04:39:52 +0000 (04:39 +0000)]
Merge "Force to use getifaddrs() to get interface addresses" into tizen_base
Seonah Moon [Tue, 20 Nov 2018 08:08:13 +0000 (17:08 +0900)]
Force to use getifaddrs() to get interface addresses
Change-Id: I19edb6f0066af959de76d86e75eabfee29ea5c00
Seonah Moon [Thu, 8 Nov 2018 05:10:19 +0000 (14:10 +0900)]
Merge tag 'upstream/7.62.0' into tizen_base
Change-Id: I9fd8d310e211fdeb3b0e60097b6bd81fb8e78e9b
Seonah Moon [Thu, 8 Nov 2018 05:02:01 +0000 (14:02 +0900)]
Imported Upstream version 7.62.0
Change-Id: Ie916d8e445e0cc69e112cee470744a96a9c84799
Seonah Moon [Wed, 19 Sep 2018 04:09:40 +0000 (13:09 +0900)]
Set dns timeout and tries for TV
Change-Id: Id46d468d2dcf15ec39dabf45f5edf077a260f6f7
Seonah Moon [Mon, 17 Sep 2018 06:39:17 +0000 (15:39 +0900)]
Add cipher selection for TV
ipv6 option will be enabled next commit
Change-Id: Ie0e32617cf8140b6267b82548bc9b531de2f09d5
Seonah Moon [Fri, 14 Sep 2018 02:46:56 +0000 (11:46 +0900)]
Enable IPv6 for TV
Change-Id: I409747255d59b5e67716b606ce8c377b652fe72c
Seonah Moon [Fri, 14 Sep 2018 02:45:12 +0000 (11:45 +0900)]
Revert "Enable IPv6 for TV"
This reverts commit
5ca14f8d2be7326d956b3aa61f45102c472b0392.
Seonah Moon [Fri, 14 Sep 2018 02:34:24 +0000 (11:34 +0900)]
Enable IPv6 for TV
Change-Id: I53d34c6604be5cc01583f1b148c8fb4ad9db83e9
Seonah Moon [Mon, 2 Jul 2018 05:04:50 +0000 (14:04 +0900)]
pingpong: fix response cache memcpy overflow
Response data for a handle with a large buffer might be cached and then
used with the "closure" handle when it has a smaller buffer and then the
larger cache will be copied and overflow the new smaller heap based
buffer.
Reported-by: Dario Weisser
CVE: CVE-2018-
1000300
Bug: https://curl.haxx.se/docs/adv_2018-82c2.htm
Change-Id: I02d35b9494356aaec1ca1f8eab0353a58c849e11
Seonah Moon [Mon, 2 Jul 2018 04:54:24 +0000 (13:54 +0900)]
... leaving the k->str could lead to buffer over-reads later on.
CVE: CVE-2018-
1000301
Assisted-by: Max Dymond
Detected by OSS-Fuzz.
Bug: https://curl.haxx.se/docs/adv_2018-b138.html
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105
Change-Id: I0bd3b891aef2bf08fdb485d135e695c2eeab86a7
chleun.moon [Fri, 27 Apr 2018 02:54:50 +0000 (11:54 +0900)]
Modify macro for tv profile
Change-Id: Idb324c07ce007d1949f790c75cf703ff269e342f
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
Seonah Moon [Wed, 18 Apr 2018 07:52:58 +0000 (16:52 +0900)]
Apply DLP feature
Change-Id: I5d53e6655bb57364d5008a1beab388b7ba53be66
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: I13eaf3ca85d8b516dbc091acae9646e705a75f5e
Seonah Moon [Fri, 20 Apr 2018 06:42:40 +0000 (15:42 +0900)]
Update version to 7.59.0
Change-Id: I6be132aa9b0e2b3be821aae3cdac292525a7aa09
Seonah Moon [Thu, 12 Apr 2018 07:25:13 +0000 (16:25 +0900)]
Imported Upstream version 7.59.0
Change-Id: I06221d49da39082f95030ab57617a1e23fbda58b
Seonah Moon [Thu, 25 Jan 2018 05:47:22 +0000 (14:47 +0900)]
Disable the IDN feature temporary
This feature will be enabled after resolving build dependency issue
Change-Id: I6b7d8292015adbe5b488210176cf19c085b0aaf1
taesub kim [Wed, 24 Jan 2018 04:54:47 +0000 (04:54 +0000)]
Merge "Use icu library for IDN feature" into tizen
taesub kim [Wed, 24 Jan 2018 04:48:31 +0000 (04:48 +0000)]
Merge "Use icu library for IDN feature" into tizen
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: Ie0cae521c7eacfcd788a32b90adc20ba19ec66da
Abhishek Sansanwal [Mon, 22 Jan 2018 09:27:02 +0000 (14:57 +0530)]
Added hardening compiler flags in the spec file.
Description: Enabled stack protector, relro, PIE,
fortify source and other flags
Change-Id: I2e569da65cec7120f8ed250a06808f5efb408eb9
Signed-off-by: Abhishek Sansanwal <abhishek.s94@samsung.com>
tizen [Wed, 1 Nov 2017 18:08:44 +0000 (16:08 -0200)]
Fix dlclose issue when calling DLP feature
Change-Id: Id84c9f70c250b3798b4c2b730a45f817b5341c2a
Signed-off-by: tizen <s.moraes@samsung.com>
jungkon.kim [Thu, 19 Oct 2017 09:36:59 +0000 (18:36 +0900)]
fix the handle_leak (Svace 302948 and 302613)
Change-Id: Id67c2f7b034ead0a74db4b652a4065dac8e8b4d9
tizen [Wed, 18 Oct 2017 17:08:53 +0000 (15:08 -0200)]
Adding integration with DLP feature from privacy-guard
Change-Id: I2959feebaecfc6acbd87ab483a4f017d48b65de1
Signed-off-by: tizen <s.moraes@samsung.com>
taesub kim [Tue, 17 Oct 2017 05:59:17 +0000 (05:59 +0000)]
Revert "Integration w/ DLP feature from privacy-guard"
This reverts commit
a6b689d7dfbfaab9138d32e148b08bf51b175703.
Change-Id: I7d32406cd7f4368e8ee60e3ad8b068c3d2d86c84
Saulo Moraes [Tue, 12 Sep 2017 21:08:31 +0000 (18:08 -0300)]
Integration w/ DLP feature from privacy-guard
Change-Id: I5ccf039d400dfd5ba0d7bcab7e75bc82aef5b6e8
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: I4c00d1921e5ee15f3572af5e5a060049e7815a14
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 9 Aug 2017 08:19:56 +0000 (17:19 +0900)]
Apply ASLR to curl command tool
Change-Id: Iffcece4c6629c0521545a1e841fe1858687befad
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 1 Aug 2017 06:57:10 +0000 (15:57 +0900)]
Fixed build error
Change-Id: Ib87d1e5101f430bfdde69d8f1afaddbfefc6c61b
Seonah Moon [Fri, 21 Jul 2017 07:24:55 +0000 (16:24 +0900)]
Remove unnecessary configure file
Change-Id: I84ad19bc5aa63967edc68c7797d524823a962b23
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Fri, 21 Jul 2017 06:54:13 +0000 (15:54 +0900)]
Add glib2 dependency to support IDN
Change-Id: Ie330340da408b1cf57fca5c30c0f7dac88d85eb7
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Daniel Stenberg [Tue, 6 Jun 2017 22:21:04 +0000 (00:21 +0200)]
[CVE-2017-9502] url: fix buffer overwrite with file protocol
https://github.com/curl/curl/issues/1540
Change-Id: Ic0c511886a16d0655e416882ee9719d1ac120be6
Jay Satiro [Wed, 22 Mar 2017 05:59:49 +0000 (01:59 -0400)]
[CVE-2017-7468] TLS: Fix switching off SSL session id when client cert is used
- Move the sessionid flag to ssl_primary_config so that ssl and
proxy_ssl will each have their own sessionid flag.
Regression since HTTPS-Proxy support was added in
cb4e2be. Prior to that
this issue had been fixed in
247d890, CVE-2016-5419.
https://github.com/curl/curl/issues/1341
Change-Id: I3e6e176dafc6e6f103e5d9c077835f620783a3b1
Seonah Moon [Mon, 19 Jun 2017 01:15:46 +0000 (10:15 +0900)]
[CVE-2017-7407] --write-out out of buffer read
https://curl.haxx.se/docs/adv_20170403.html
Change-Id: I3cc866289e8929b52d31914f2f3164e18a2e1b5d
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub kim [Fri, 9 Jun 2017 01:40:59 +0000 (01:40 +0000)]
Revert "Add dependency of nghttp2-devel"
This reverts commit
129a8fb222e334176769a51ab28cdc0923af4ece.
Change-Id: Icc2a618a477fec16c28256a2ea36dd8a10fe114c
Seonah Moon [Thu, 8 Jun 2017 06:15:47 +0000 (15:15 +0900)]
Add dependency of nghttp2-devel
Change-Id: Ib78ccd11318ed885fd19f3b809c1b47c94167b4f
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 28 Mar 2017 10:07:37 +0000 (19:07 +0900)]
Used %license macro
Change-Id: Ia5c38d98ea11d1e457014f7210913261a59f5b43
Seonah Moon [Thu, 23 Mar 2017 08:02:09 +0000 (17:02 +0900)]
Update version to 7.53.1
Change-Id: I1833883d4e258c60fb93020688eb7e3ff3e2eb47
taesub kim [Thu, 23 Mar 2017 07:45:32 +0000 (16:45 +0900)]
Imported Upstream version 7.53.1
Change-Id: Id0454e17b6cb083c803c5497d34964dd8fa0dbc6
taesub kim [Thu, 23 Mar 2017 07:38:33 +0000 (00:38 -0700)]
Revert "Imported Upstream version 7.53.1"
This reverts commit
e9bdad71c8277e20607fa1eaf0027d53a0dc1f37.
Change-Id: I4a4edd3ce2207a6f13162aaaf92467a7c1dffd72
taesub kim [Thu, 23 Mar 2017 07:35:59 +0000 (00:35 -0700)]
Revert "Changed the path of license by using '%license' macro"
This reverts commit
3487493aece049d88444f96dee3a2d3f4fdfbb9c.
Change-Id: I1e29fb50e16c45d649779de96404adbc184f1f5e
Seonah Moon [Wed, 22 Mar 2017 05:43:30 +0000 (14:43 +0900)]
Changed the path of license by using '%license' macro
Change-Id: I685efdeb2ab23b18d7935a95e42690d723db632c
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub kim [Wed, 22 Mar 2017 05:21:38 +0000 (14:21 +0900)]
Imported Upstream version 7.53.1
Change-Id: I575eb99bf2face4938a57889412327e285116bf3
Daniel Stenberg [Tue, 7 Mar 2017 07:08:55 +0000 (08:08 +0100)]
ares: Curl_resolver_wait_resolv: clear *entry first in function
Change-Id: Ia55a6ca41ba2c75fedd114fcfb8aef8ddb968e4e
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Daniel Stenberg [Mon, 6 Mar 2017 21:45:10 +0000 (22:45 +0100)]
ares: better error return on timeouts
Assisted-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0009.html
Change-Id: I7779aa144996b539d7a706b776cee09eebae6dcb
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Daniel Stenberg [Mon, 6 Mar 2017 08:21:01 +0000 (09:21 +0100)]
ares: return error at once if timed out before name resolve starts
Pointed-out-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0004.html
Change-Id: I7c38e9dc6f386001692fa3b02f5bba00b59f4f45
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Seonah Moon [Thu, 29 Dec 2016 10:18:45 +0000 (19:18 +0900)]
[P161227-02691, P161220-01444] Force ongoing connections to close in close_all_connections()
Bug: https://curl.haxx.se/mail/lib-2016-10/0011.html
Bug: https://curl.haxx.se/mail/lib-2016-10/0059.html
Change-Id: I6e015569958cc0da3bd9b03f17d4b32d475ebd0e
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 24 Nov 2016 08:27:17 +0000 (17:27 +0900)]
Remove dependency with ca-certificates
Change-Id: Ic4b50ae08734463d9d1a37f86ec60a8f2459e818
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 22 Nov 2016 07:53:24 +0000 (16:53 +0900)]
[CVE-2016-7167] curl escape and unescape integer overflows
Change-Id: Iffbaa7823c992cd93b8961ce69e7f6ac3f903e36
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Mon, 14 Nov 2016 06:50:11 +0000 (15:50 +0900)]
Add default CA bundle
Change-Id: Icc8dd83f8ab59cb18e6d9d6a7f732c6d1ba7cfa4
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 1 Oct 2015 04:27:10 +0000 (13:27 +0900)]
Add default cipher list for TV
Change-Id: Ibe293221f37388b85aed58ec40793baac2cccd14
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 4 Oct 2016 07:35:59 +0000 (16:35 +0900)]
openssl: fix bad memory free (regression)
The allocation could be made by OpenSSL so the free must be made with OPENSSL_free() to avoid problems.
(https://github.com/curl/curl/issues/1005)
Change-Id: I07527924fe20ed859cbd5d7ade356410c64d71c7
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Fri, 23 Sep 2016 05:12:16 +0000 (14:12 +0900)]
Update to 7.50.2
Change-Id: I1c5ba709c310e2c1735c12102e48f71d3413146b
Seonah Moon [Fri, 23 Sep 2016 04:49:53 +0000 (13:49 +0900)]
Imported Upstream version 7.50.2
Change-Id: I91c6040940a21b2bebab9d6cab11d50767b7bac4
Seonah Moon [Fri, 26 Aug 2016 05:29:23 +0000 (14:29 +0900)]
Change build macro for Tizen TV
This macro is ignored on build.tizen.org
It's only for Tizen TV build system
Change-Id: I0aa69505ddcfc1973d864f260d2b5e3f2fd87a3d
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 1 Oct 2015 04:27:10 +0000 (13:27 +0900)]
Add default cipher list for TV
Change-Id: I91579c36473a9619d00990c5897831006d89670f
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 22 Jun 2016 05:43:54 +0000 (14:43 +0900)]
[CVE-2016-4802] Windows DLL hijacking
Change-Id: I52bc7cb34ac493c20588876294d59039af03cbe1
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 22 Jun 2016 05:23:07 +0000 (14:23 +0900)]
[CVE-2016-3739] TLS certificate check bypass with mbedTLS/PolarSSL
Change-Id: I76d120f5c9e696ecd402a2099b94759cc22a51e2
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 26 Apr 2016 05:52:32 +0000 (14:52 +0900)]
Merge branch 'upstream' into tizen
Upgrade version 7.48.0
Change-Id: Ibb643307cb5add844a733bb23cb6051bc0fdb100
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesubkim [Mon, 25 Apr 2016 01:21:23 +0000 (10:21 +0900)]
Imported Upstream version 7.48.0
Change-Id: Ibca5368d95ef0b73c945bb0df8b7ef9fc3e3bd82
Signed-off-by: Taesub Kim <taesub.kim@samsung.com>
seonah moon [Mon, 11 Apr 2016 11:05:33 +0000 (04:05 -0700)]
Revert "Imported Upstream version 7.44.0"
This reverts commit
8a08705db260779441360e959b97b6c172f8acb0.
Change-Id: Ie319aab9015869b714a03b8aa890a67ccbc9233e
seonah moon [Thu, 7 Apr 2016 06:59:58 +0000 (23:59 -0700)]
Revert "Update to 7.44.0"
This reverts commit
2bc9d6bb53df44a0c5174767de734620c2cdfd9e.
Change-Id: I831001a99b6ad80dc062c84b3877208e1b40b80a
Seonah Moon [Thu, 7 Apr 2016 04:35:45 +0000 (13:35 +0900)]
Update to 7.44.0
Change-Id: I5b1e06765d1fe3c75597ff7db9831228ea0cad05
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 7 Apr 2016 02:41:57 +0000 (11:41 +0900)]
Imported Upstream version 7.44.0
Change-Id: I04e7fac0b620653ff8c174e87039756e98c4fb02
seonah moon [Thu, 7 Apr 2016 02:31:17 +0000 (19:31 -0700)]
Revert "Imported Upstream version 7.44.0"
This reverts commit
31368b6eac8092a307849518e912b4c475c0238a.
Change-Id: I3428294b4931a00ba9684528d3ffb326f92ed4e8
Seonah Moon [Thu, 7 Apr 2016 01:07:19 +0000 (10:07 +0900)]
Imported Upstream version 7.44.0
Change-Id: Iacb2e604edff0cb8e7687289419ad1908a7a9de6
Seonah Moon [Wed, 9 Dec 2015 00:58:55 +0000 (09:58 +0900)]
Replace 'tizen_profile_name' to 'profile' for Tizen 3.0
Change-Id: I92101758608b72134f28d38fc11d01c527d2f05e
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub.kim [Mon, 16 Nov 2015 10:07:08 +0000 (19:07 +0900)]
Upgrade upstream version to 7.40.0
Change-Id: I60df9f32924246f842db1056534bb707e77b431e
taesub.kim [Mon, 16 Nov 2015 08:28:24 +0000 (17:28 +0900)]
Imported Upstream version 7.40.0
Change-Id: I744943f451cb7db8f796a53f10dd6f57c297287d
taesub.kim [Mon, 16 Nov 2015 08:23:25 +0000 (17:23 +0900)]
Base code merged to SPIN 2.4
Change-Id: I345fdf6d033fc695d6f3f3ea0c55e7c8b542e348
taesub kim [Wed, 11 Nov 2015 05:34:24 +0000 (21:34 -0800)]
Revert "Update to 7.40.1"
This reverts commit
32de14ae0782822e9c54c3fbb28cdefc1f4de969.
Change-Id: I955d8a59ce444eac32b74264d98272297ac51b9b
Seonah Moon [Mon, 9 Nov 2015 06:25:57 +0000 (15:25 +0900)]
Update to 7.40.1
Change-Id: I91d61adf7c97502bbc4370c6b095bbe39aa6cb60
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Kévin THIERRY [Thu, 30 Oct 2014 15:26:04 +0000 (16:26 +0100)]
Bump to version 7.37.1
Use upstream git instead of pristin-tar.
Also use "%__make" and "%make_install" rpm macros.
Bug-Tizen: TC-1807
Change-Id: If52b5604533d6e03826eae8ce35c01184cf208ab
Signed-off-by: Kévin THIERRY <kevin.thierry@open.eurogiciel.org>
Patrick McCarty [Wed, 4 Sep 2013 17:59:11 +0000 (10:59 -0700)]
Packaging cleanups
- Fix whitespace
- Package license for libcurl
- Fix RPM group tags
- Add the upstream URL
Change-Id: I101c1d0272da282dced66d439058d84ead13bd39
Patrick McCarty [Wed, 4 Sep 2013 17:45:38 +0000 (10:45 -0700)]
Update to 7.32.0
This update addresses the following CVEs:
- CVE-2011-2192
- CVE-2012-0036
- CVE-2013-1944
Change-Id: I58ed3c3561cbb670fb49ffc43a5e6b3be7c1a829
Alexandru Cornea [Fri, 28 Jun 2013 20:18:53 +0000 (23:18 +0300)]
resetting manifest requested domain to floor
Change-Id: Ib4fd617379bc46744c4a951b8232fabe30e7e4c1
Anas Nashif [Sat, 16 Feb 2013 06:37:24 +0000 (22:37 -0800)]
Add baselibs
Change-Id: I147e3da210e065be06ee455dd91c6d7548ed7492
Anas Nashif [Tue, 30 Oct 2012 22:51:57 +0000 (15:51 -0700)]
add packaging
Change-Id: Ia2b58e13b0000ced9c1e8c4895f0cdffb27cc877
Daniel Stenberg [Wed, 16 Jul 2014 14:29:02 +0000 (16:29 +0200)]
RELEASE-NOTES: synced with
4cb2521595
Daniel Stenberg [Tue, 15 Jul 2014 22:09:58 +0000 (00:09 +0200)]
test506: verify
aa6884845168
After the fixed cookie lock deadlock, this test now passes and it
detects double-locking and double-unlocking of mutexes.
Yousuke Kimoto [Mon, 14 Jul 2014 18:38:18 +0000 (20:38 +0200)]
cookie: avoid mutex deadlock
... by removing the extra mutex locks around th call to
Curl_flush_cookies() which takes care of the locking itself already.
Bug: http://curl.haxx.se/mail/lib-2014-02/0184.html
Daniel Stenberg [Tue, 15 Jul 2014 19:28:10 +0000 (21:28 +0200)]
gnutls: fix compiler warning
conversion to 'int' from 'long int' may alter its value
Dan Fandrich [Mon, 14 Jul 2014 23:01:39 +0000 (01:01 +0200)]
test320: strip off the actual negotiated cipher width
It's irrelevant to the test, and will change depending on which SSL
library is being used by libcurl.
Dan Fandrich [Mon, 14 Jul 2014 20:27:03 +0000 (22:27 +0200)]
gnutls: detect lack of SRP support in GnuTLS at run-time and try without
Reported-by: David Woodhouse
Michał Górny [Sun, 15 Jun 2014 10:42:30 +0000 (12:42 +0200)]
configure: respect host tool prefix for krb5-config
Use ${host_alias}-krb5-config if available. This improves cross-
compilation support and fixes multilib on Gentoo (at least).
David Woodhouse [Mon, 14 Jul 2014 18:04:55 +0000 (20:04 +0200)]
gnutls: handle IP address in cert name check
Before GnuTLS 3.3.6, the gnutls_x509_crt_check_hostname() function
didn't actually check IP addresses in SubjectAltName, even though it was
explicitly documented as doing so. So do it ourselves...
Dan Fandrich [Mon, 14 Jul 2014 08:40:33 +0000 (10:40 +0200)]
build: set _POSIX_PTHREAD_SEMANTICS on Solaris to get proper getpwuid_r
Daniel Stenberg [Mon, 14 Jul 2014 17:30:50 +0000 (19:30 +0200)]
RELEASE-NOTES: next one is called 7.37.1
Dan Fandrich [Sat, 12 Jul 2014 23:30:52 +0000 (01:30 +0200)]
gnutls: improved error message if setting cipher list fails
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 22:18:40 +0000 (00:18 +0200)]
netrc: fixed thread safety problem by using getpwuid_r if available
The old way using getpwuid could cause problems in programs that enable
reading from netrc files simultaneously in multiple threads.
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 21:39:22 +0000 (23:39 +0200)]
RELEASE-NOTES: add the reporter of the previous bug fix
projects / platform / upstream / curl.git / log