libcurl-7.76.1-26.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

libcurl is a free and easy-to-use client-side URL transfer library, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT,
FTP uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer
resume, http proxy tunneling and more.

Provides

• libcurl
• libcurl(x86-64)
• libcurl-full
• libcurl-full(x86-64)
• libcurl.so.4()(64bit)

Requires

• libbrotlidec.so.1()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libcom_err.so.2()(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libgssapi_krb5.so.2()(64bit)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)
• libidn2.so.0()(64bit)
• libidn2.so.0(IDN2_0.0.0)(64bit)
• libk5crypto.so.3()(64bit)
• libkrb5.so.3()(64bit)
• liblber.so.2()(64bit)
• liblber.so.2(OPENLDAP_2.200)(64bit)
• libldap.so.2()(64bit)
• libldap.so.2(OPENLDAP_2.200)(64bit)
• libnghttp2.so.14()(64bit)
• libpsl(x86-64) >= 0.21.1
• libpsl.so.5()(64bit)
• libssh(x86-64) >= 0.10.4
• libssh.so.4()(64bit)
• libssh.so.4(LIBSSH_4_5_0)(64bit)
• libssh.so.4(LIBSSH_4_8_1)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• libz.so.1()(64bit)
• openssl-libs(x86-64) >= 1:3.0.7
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

MIT

Changelog

* Mon Jun 12 2023 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-26
  - unify the upload/method handling (CVE-2023-28322)
  - fix host name wildcard checking (CVE-2023-28321)
* Wed Apr 12 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-25
  - adapt the fix of CVE-2023-27535 for RHEL 9 curl
* Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-24
  - fix SSH connection too eager reuse still (CVE-2023-27538)
  - fix GSS delegation too eager connection re-use (CVE-2023-27536)
  - fix FTP too eager connection reuse (CVE-2023-27535)
  - fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
  - fix TELNET option IAC injection (CVE-2023-27533)
* Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-23
  - fix HTTP multi-header compression denial of service (CVE-2023-23916)
* Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-22
  - smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)
* Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-21
  - fix POST following PUT confusion (CVE-2022-32221)
* Fri Sep 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-20
  - control code in cookie denial of service (CVE-2022-35252)
* Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-19
  - fix unpreserved file permissions (CVE-2022-32207)
  - fix HTTP compression denial of service (CVE-2022-32206)
  - fix FTP-KRB bad message verification (CVE-2022-32208)
* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-18
  - fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
* Mon May 02 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-17
  - fix leak of SRP credentials in redirects (CVE-2022-27774)
* Fri Apr 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-16
  - add missing tests to Makefile
* Thu Apr 28 2022 Kamil Dudka <kdudka@redhat.com> - 7.76.1-15
  - fix credential leak on redirect (CVE-2022-27774)
  - fix auth/cookie leak on redirect (CVE-2022-27776)
  - fix bad local IPv6 connection reuse (CVE-2022-27775)
  - fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
* Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-14
  - re-disable HSTS in libcurl as an experimental feature (#2005874)
* Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-13
  - disable more protocols and features in libcurl-minimal (#2005874)
* Fri Sep 17 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-12
  - fix STARTTLS protocol injection via MITM (CVE-2021-22947)
  - fix protocol downgrade required TLS bypass (CVE-2021-22946)
  - fix use-after-free and double-free in MQTT sending (CVE-2021-22945)
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 7.76.1-11
  - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
    Related: rhbz#1991688
* Wed Jul 28 2021 Florian Weimer <fweimer@redhat.com> - 7.76.1-10
  - Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097)
* Fri Jul 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-9
  - make explicit dependency on openssl work with alpha/beta builds of openssl
* Wed Jul 21 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-8
  - fix TELNET stack contents disclosure again (CVE-2021-22925)
  - fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 7.76.1-6
  - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz#1971065

Files

/usr/lib/.build-id
/usr/lib/.build-id/4a
/usr/lib/.build-id/4a/a47ecbb8f2f8ce6814ed47b5b045649e1b2add
/usr/lib64/libcurl.so.4
/usr/lib64/libcurl.so.4.7.0
/usr/share/licenses/libcurl
/usr/share/licenses/libcurl/COPYING

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Apr 24 05:07:23 2024