-
Mon Jul 21 2025 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.8
- NTLM: force the connection to HTTP/1.1 (RHEL-73788)
-
Wed Jul 09 2025 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.7
* crypto: ensure crypto initialization works (RHEL-102601)
-
Thu May 29 2025 Carlos Santos <casantos@redhat.com> - 7.61.1-34.el8_10.6
- libssh: Fix matching user-specified MD5 hex key (RHEL-94574)
-
Wed Jan 08 2025 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.5
- asyn-thread: fix EBADF regression (RHEL-85602)
-
Wed Jan 08 2025 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.4
- make up incomplete patch for host name wildcard checking (RHEL-5680)
- asyn-thread: issue CURL_POLL_REMOVE before closing socket (RHEL-85602)
-
Wed Oct 30 2024 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.3
- asyn-thread: create a socketpair to wait on (RHEL-34906)
- fix crash, when talking to a NTLM proxy in FIPS mode (RHEL-32641)
-
Wed Aug 14 2024 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.2
- provide common cleanup method for push headers (CVE-2024-2398)
-
Tue Jun 25 2024 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34.el8_10.1
- fix incorrect backport of bz2229800 (RHEL-44684)
-
Tue Sep 19 2023 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34
- when keyboard-interactive auth fails, try password (#2229800)
- cap SFTP packet size sent (RHEL-5311)
- unify the upload/method handling (CVE-2023-28322)
- fix cookie injection with none file (CVE-2023-38546)
- fix HTTP2 connection failure with HTTP2 framing layer (RHEL-5657)
- lowercase the domain names before PSL checks (CVE-2023-46218)
-
Tue Jun 27 2023 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-33
- fix host name wildcard checking (CVE-2023-28321)
- rebuild certs with 2048-bit RSA keys