cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
110,309 Commits 1 Branch 0 Tags
Commit Graph

53 Commits

Author SHA1 Message Date
naddy
675973adbb maintenance update to 7.48.0 2016-04-05 19:33:21 +00:00
naddy
2f7aa7597e Update to 7.47.0. 
Fixes CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
 2016-01-29 23:52:24 +00:00
naddy
c61fc915c2 routine update to 7.46.0 2016-01-01 22:17:05 +00:00
naddy
b94d85eeef Security update to 7.42.0. Fixes: 
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
 2015-04-28 19:26:36 +00:00
naddy
43718aa8e0 maintenance update to 7.41.0 2015-03-17 22:47:02 +00:00
naddy
70aea747ad maintenance update to 7.35.0 2014-03-10 22:43:38 +00:00
naddy
6fe45ff8b4 Security fix for CVE-2014-0015: re-use of wrong HTTP NTLM connection 
http://curl.haxx.se/docs/adv_20140129.html
From: Donovan Watteau
 2014-02-03 21:52:14 +00:00
naddy
35da062e4b maintenance update to 7.34.0 2014-01-02 22:01:24 +00:00
naddy
d428c829a3 use <sys/select.h> to get select() in a reliable, standards-compliant way 
pointed out by kirby@
 2013-12-04 15:23:55 +00:00
naddy
699bc4880a Update to 7.32.0. 
No revolutionary changes; see http://curl.haxx.se/changes.html for
the details.
 2013-10-09 17:25:39 +00:00
jasper
d3c8df5a14 Security fix for CVE-2013-2174, 
libcURL "curl_easy_unescape()" Buffer Overflow Vulnerability

ok naddy@ (MAINTAINER)
 2013-07-16 19:25:38 +00:00
jasper
ef222239f0 Security fix for CVE-2013-1944 curl: Cookie domain suffix match vulnerability 
ok naddy@ (MAINTAINER)
 2013-05-07 06:53:26 +00:00
jasper
d3be0ce8b6 Security fix for CVE-2013-0249, smtp_state_authdigest_resp() 
buffer overflow vulnerability.

Backported from upstream git.

ok naddy@ (MAINTAINER)
 2013-02-08 16:27:12 +00:00
naddy
bfc56fb001 security update to 7.24.0, fixes 
* URL sanitization vulnerability (CVE-2012-0036)
* SSL CBC IV vulnerability
 2012-01-26 20:09:08 +00:00
naddy
9b055313ad maintenance update to 7.23.1 2011-12-06 14:44:46 +00:00
naddy
cd1228bc9d maintenance update to 7.22.0 2011-09-19 10:25:01 +00:00
naddy
18ab75fd08 * update to 7.21.4 for various minor bug fixes 
* no need for groff anymore
 2011-03-24 21:09:07 +00:00
naddy
16490f0b2b Update to 7.21.2, which brings back Gopher support. 
The security fix announced for this release doesn't concern Unix.
 2010-10-14 19:44:26 +00:00
naddy
8d07663180 remove -Lxxx/.libs workarounds required with GNU libtool 2010-09-26 13:40:11 +00:00
naddy
4d115f4206 keep up with upstream and update to 7.21.1; remove dead mirrors 2010-09-19 16:30:26 +00:00
naddy
2aa0a728ed maintenance update to 7.20.0 2010-03-21 18:43:37 +00:00
naddy
3510a6604a SECURITY fix for libcurl data callback excessive length bug. 
http://curl.haxx.se/docs/adv_20100209.html

ok ajacoutot@, jasper@
 2010-02-10 16:27:32 +00:00
naddy
6b17b34739 update to 7.19.7 2009-11-10 19:13:49 +00:00
naddy
1c4a71ff17 SECURITY update to 7.19.6 
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
 2009-08-16 17:54:21 +00:00
naddy
ec1e0c8d9a maintenance update to 7.19.5 2009-05-21 19:58:02 +00:00
naddy
8a38b54d7e maintenance update to 7.19.3 2009-01-21 21:17:27 +00:00
naddy
920c641c14 update to 7.19.2, which has some bug fixes 2008-11-20 19:49:40 +00:00
naddy
bb4bb8c3dc update to 7.18.2 2008-06-24 18:37:25 +00:00
naddy
2356cf20d6 Different workaround for link path ordering, keep build path out of 
pkgconfig entry.  Problem reported by and ok landry@.
 2008-06-09 21:00:57 +00:00
naddy
59ec65981f * Update to 7.18.1. 
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.

ok sthen@, additional testing by merdely@
 2008-05-13 17:56:29 +00:00
steven
f846aec63d remove MODGNU_SHARED_LIBS and old -version-info patch 2006-01-08 10:27:14 +00:00
naddy
1c84b1ff09 SECURITY: 
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html
 2005-12-08 17:10:02 +00:00
naddy
e7cffc11f6 SECURITY: 
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
 2005-10-16 15:31:39 +00:00
naddy
3a235ae797 maintenance update to 7.14.0 and take maintainer 2005-05-26 23:13:28 +00:00
naddy
a21a706f32 SECURITY: 
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.  CAN-2005-0490.  From Ubuntu.

ok brad@, pval@
 2005-03-14 22:52:20 +00:00
brad
1fbff106fd upgrade to cURL 7.11.2 2004-05-18 23:30:45 +00:00
brad
68e17c1950 upgrade to cURL 7.11.1 2004-04-08 06:18:37 +00:00
brad
418c26cc59 upgrade to cURL 7.10.5 2003-06-01 21:43:49 +00:00
brad
b7e6bdb640 curl-config with cURL 7.10.3 does not output a header path with the 
--cflags flag, revert this change for now.
 2003-02-14 02:38:15 +00:00
brad
d26ea512a2 upgrade to cURL 7.10.3 2003-02-07 03:40:25 +00:00
brad
f84b63dfd2 upgrade to cURL 7.10.2 2002-11-24 03:40:08 +00:00
brad
7cb7310440 upgrade to cURL 7.9.8 2002-06-15 04:27:35 +00:00
brad
26c9fd1178 upgrade to cURL 7.9.7 + experimental patch to fix cURL with newer OpenSSL. 
--
Original patch from: Jacob Meuser <jakemsr@jakemsr.com>
This patch (which has been modified to also work
with older versions of OpenSSL) from: Daniel Stenberg <daniel@haxx.se>
 2002-06-09 18:36:38 +00:00
brad
b426272d44 upgrade to cURL 7.9.5 2002-03-07 14:27:03 +00:00
brad
259dfc2918 upgrade to cURL 7.9.2 2001-12-05 15:22:02 +00:00
brad
a6fb9e9061 fix incorrect return type for Curl_ftpsendf(), fix came from cURL CVS 
--
Problem on 64-bit archs pointed out by: Nikolay Sturm <Nikolay.Sturm@desy.de> and naddy@
 2001-11-23 20:35:49 +00:00
brad
80e9baef9f upgrade to cURL 7.9.1 2001-11-10 04:24:44 +00:00
brad
83782fefff upgrade to cURL 7.9 2001-09-25 15:00:00 +00:00
obecian
48f00f9355 upgrade to curl-7.6.1 (ok'd by brad@) 2001-02-18 21:49:36 +00:00
brad
3d01508b32 teach libtool about export_dynamic_flag_spec for ELF-based archs. 2001-01-19 18:23:49 +00:00