[ol7_latest] libcurl-devel-7.29.0-51.0.1.el7.x86_64

Name:	libcurl-devel
Version:	7.29.0
Release:	51.0.1.el7
Architecture:	x86_64
Group:	Development/Libraries
Size:	638461
License:	MIT
RPM:	libcurl-devel-7.29.0-51.0.1.el7.x86_64.rpm
Source RPM:	curl-7.29.0-51.0.1.el7.src.rpm
Build Date:	Tue Dec 18 2018
Build Host:	x86-ol7-builder-03.us.oracle.com
Vendor:	Oracle America
URL:	http://curl.haxx.se/
Summary:	Files needed for building applications with libcurl
Description:	The libcurl-devel package includes header files and libraries necessary for developing programs which use the libcurl library. It contains the API documentation of the library, too.

Changelog (Show File list) (Show related packages)

Mon Dec 03 2018 Lans Hung <lans.hung@oracle.com> - 7.29.0-51.0.1

- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)

Wed Aug 08 2018 Kamil Dudka <kdudka@redhat.com> - 7.29.0-51

- require a new enough version of nss-pem to avoid regression in yum (#1610998)

Thu Jun 07 2018 Kamil Dudka <kdudka@redhat.com> - 7.29.0-50

- remove dead code, detected by Coverity Analysis
- remove unused variable, detected by GCC and Clang

Wed Jun 06 2018 Kamil Dudka <kdudka@redhat.com> - 7.29.0-49
```
- make curl --speed-limit work with TFTP (#1584750)
```

Wed May 30 2018 Kamil Dudka <kdudka@redhat.com> - 7.29.0-48

- fix RTSP bad headers buffer over-read (CVE-2018-1000301)
- fix FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
- fix LDAP NULL pointer dereference (CVE-2018-1000121)
- fix RTSP RTP buffer over-read (CVE-2018-1000122)
- http: prevent custom Authorization headers in redirects (CVE-2018-1000007)
- doc: --tlsauthtype works only if built with TLS-SRP support (#1542256)
- update certificates in the test-suite because they expire soon (#1572723)

Fri Mar 02 2018 Kamil Dudka <kdudka@redhat.com> - 7.29.0-47

- make NSS deallocate PKCS #11 objects early enough (#1510247)

Mon Dec 11 2017 Kamil Dudka <kdudka@redhat.com> - 7.29.0-46

- reset authentication state when HTTP transfer is done (#1511523)

Mon Oct 23 2017 Kamil Dudka <kdudka@redhat.com> - 7.29.0-45

- fix buffer overflow while processing IMAP FETCH response (CVE-2017-1000257)

Thu Sep 14 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-44

- drop 0109-curl-7.29.0-crl-valgrind.patch no longer needed (#1427883)

Wed Sep 13 2017 Kamil Dudka <kdudka@redhat.com> 7.29.0-43

- curl --socks5-{basic,gssapi}: control socks5 auth (#1409208)
- nss: fix a memory leak when CURLOPT_CRLFILE is used (#1427883)
- nss: do not leak PKCS #11 slot while loading a key (#1444860)
- nss: fix a possible use-after-free in SelectClientCert() (#1473158)