./net/curl [get files from FTP, Gopher, HTTP or HTTPS servers]
[+] Add this package to your ports tracker

[ CVSweb ] [ Homepage ] [ RSS feed ]

Version: 7.57.0, Package name: curl-7.57.0
Maintained by: Christian Weisgerber
Master sites:
Description
curl is a command line tool for transferring data with URL syntax,
supporting DICT, FILE, FTP, FTPS, Gopher, HTTP, HTTPS, IMAP, IMAPS,
POP3, POP3S, RTSP, SMB, SMBS, SMTP, SMTPS, Telnet and TFTP. curl
supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
form based upload, proxies, cookies, user+password authentication
(Basic, Digest, NTLM, Negotiate, ...), file transfer resume, proxy
tunneling and a busload of other useful tricks.


Filesize: 2230.164 KB
Version History (View Complete History)
  • (2017-12-02) Updated to version: curl-7.57.0
  • (2017-10-26) Updated to version: curl-7.56.1
  • (2017-10-09) Updated to version: curl-7.56.0
  • (2017-09-01) Updated to version: curl-7.55.1
  • (2017-08-11) Updated to version: curl-7.55.0
  • (2017-06-28) Updated to version: curl-7.54.1
  • (2017-04-25) Updated to version: curl-7.54.0
  • (2017-02-25) Updated to version: curl-7.53.1
  • (2017-01-05) Updated to version: curl-7.52.1
  • (2016-11-04) Updated to version: curl-7.51.0
[show/hide] View available PLISTS (Can be a lot of data)

CVS Commit History:

   2017-08-31 13:34:16 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.55.1.
Note that this enables the multithreaded resolver by default and now
links with pthread.
   2017-08-31 13:34:16 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.55.1.
Note that this enables the multithreaded resolver by default and now
links with pthread.
   2017-08-31 13:34:16 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.55.1.
Note that this enables the multithreaded resolver by default and now
links with pthread.
   2017-08-31 13:34:16 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.55.1.
Note that this enables the multithreaded resolver by default and now
links with pthread.
   2017-08-11 09:17:25 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-11 09:17:25 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-11 09:17:00 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-11 09:17:00 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-10 13:46:26 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.55.0:
* file: output the correct buffer to the user (CVE-2017-1000099)
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-10 13:46:26 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.55.0:
* file: output the correct buffer to the user (CVE-2017-1000099)
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-10 13:46:26 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.55.0:
* file: output the correct buffer to the user (CVE-2017-1000099)
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-08-10 13:46:26 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.55.0:
* file: output the correct buffer to the user (CVE-2017-1000099)
* tftp: reject file name lengths that don't fit (CVE-2017-1000100)
* glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
   2017-06-27 13:16:40 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Maintenance update to 7.54.1.  The security fix does not affect us.
   2017-06-27 13:16:40 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Maintenance update to 7.54.1.  The security fix does not affect us.
   2017-06-27 13:16:40 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Maintenance update to 7.54.1.  The security fix does not affect us.
   2017-06-27 13:16:40 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Maintenance update to 7.54.1.  The security fix does not affect us.
   2017-04-25 13:00:13 by Christian Weisgerber | Files touched by this commit (2)
Log message:
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-25 13:00:13 by Christian Weisgerber | Files touched by this commit (2)
Log message:
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-25 10:51:23 by Christian Weisgerber | Files touched by this commit (2)
Log message:
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-25 10:51:23 by Christian Weisgerber | Files touched by this commit (2)
Log message:
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-24 14:33:58 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Update to 7.54.0.  Includes fix for
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-24 14:33:58 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Update to 7.54.0.  Includes fix for
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-24 14:33:58 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Update to 7.54.0.  Includes fix for
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-24 14:33:58 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Update to 7.54.0.  Includes fix for
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-04-24 14:33:58 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Update to 7.54.0.  Includes fix for
CVE-2017-7468: TLS session resumption client cert bypass (again)
   2017-02-24 14:09:11 by Christian Weisgerber | Files touched by this commit (3)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
   2017-02-24 14:09:11 by Christian Weisgerber | Files touched by this commit (3)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
   2017-02-24 14:08:28 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
   2017-02-24 14:08:28 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
   2017-02-24 14:08:28 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
   2017-02-24 14:08:28 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
   2017-02-24 14:08:28 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY update to 7.53.1:
CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
   2017-01-09 16:27:20 by Christian Weisgerber | Files touched by this commit (1)
Log message:
upstream fix for regression tests 1060 and 1061, where the included test
server errored out on send(2) returning EAGAIN
   2017-01-05 14:10:17 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Upstream commit a7b38c9dc98481e4a5fc37e51a8690337c674dfb to fix a problem
that causes rtorrent to busy loop when announcing to the tracker.
   2017-01-05 14:10:17 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Upstream commit a7b38c9dc98481e4a5fc37e51a8690337c674dfb to fix a problem
that causes rtorrent to busy loop when announcing to the tracker.
   2017-01-05 13:46:00 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Upstream commit a7b38c9dc98481e4a5fc37e51a8690337c674dfb to fix a problem
that causes rtorrent to busy loop when announcing to the tracker.  ok tj@
   2017-01-05 13:46:00 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Upstream commit a7b38c9dc98481e4a5fc37e51a8690337c674dfb to fix a problem
that causes rtorrent to busy loop when announcing to the tracker.  ok tj@
   2017-01-04 13:57:54 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security update to 7.52.1:
CVE-2016-9586: printf floating point buffer overflow
   2017-01-04 13:28:56 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.52.1:
CVE-2016-9586: printf floating point buffer overflow
   2017-01-04 13:28:56 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.52.1:
CVE-2016-9586: printf floating point buffer overflow
   2017-01-04 13:28:56 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.52.1:
CVE-2016-9586: printf floating point buffer overflow
   2016-11-04 09:20:53 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
   2016-11-04 09:20:53 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
   2016-11-04 08:09:36 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
ok sthen@
   2016-11-04 08:09:36 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
ok sthen@
   2016-11-04 05:33:34 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
ok sthen@
   2016-11-04 05:33:34 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
ok sthen@
   2016-11-04 05:33:34 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.51.0.
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Note that this drops support for internationalized domain names.
ok sthen@
   2016-09-17 15:39:18 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-09-17 15:39:18 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-09-17 15:39:05 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-09-17 15:39:05 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-09-17 13:34:35 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security update to 7.50.3:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-09-17 13:34:35 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security update to 7.50.3:
CVE-2016-7167: curl escape and unescape integer overflows
   2016-08-04 04:48:03 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-04 04:48:03 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-03 16:04:40 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-03 16:04:40 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-03 14:44:08 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.50.1.
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-03 14:44:08 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.50.1.
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-08-03 14:44:08 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.50.1.
CVE-2016-5419: TLS session resumption client cert bypass
CVE-2016-5420: Re-using connections with wrong client cert
CVE-2016-5421: use of connection struct after free
   2016-05-28 14:05:21 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.49.0
   2016-05-28 14:05:21 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.49.0
   2016-05-28 14:05:21 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.49.0
   2016-05-28 14:05:21 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.49.0
   2016-04-05 13:33:21 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.48.0
   2016-04-05 13:33:21 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.48.0
   2016-04-05 13:33:21 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.48.0
   2016-04-05 13:33:21 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.48.0
   2016-04-05 13:33:21 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.48.0
   2016-03-11 13:28:34 by Christian Weisgerber | Files touched by this commit (247)
Log message:
garbage collect CONFIGURE_SHARED
   2016-02-27 14:55:52 by Christian Weisgerber | Files touched by this commit (1)
Log message:
update HOMEPAGE and MASTER_SITES
   2016-01-29 16:53:07 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix for
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-29 16:53:07 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fix for
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-29 16:52:24 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.47.0.
Fixes CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-29 16:52:24 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.47.0.
Fixes CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-29 16:52:24 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.47.0.
Fixes CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-29 16:52:24 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.47.0.
Fixes CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
   2016-01-01 15:17:05 by Christian Weisgerber | Files touched by this commit (4)
Log message:
routine update to 7.46.0
   2016-01-01 15:17:05 by Christian Weisgerber | Files touched by this commit (4)
Log message:
routine update to 7.46.0
   2016-01-01 15:17:05 by Christian Weisgerber | Files touched by this commit (4)
Log message:
routine update to 7.46.0
   2016-01-01 15:17:05 by Christian Weisgerber | Files touched by this commit (4)
Log message:
routine update to 7.46.0
   2015-10-29 18:26:46 by Stuart Henderson | Files touched by this commit (1)
Log message:
curl picks up nghttp2 if present at build time; list it as an explicit
dependency, naddy@ agrees.
The nghttp2 port is careful to avoid additional dependencies that are
known not to build on some arch.
   2015-10-18 13:16:30 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.45.0
   2015-10-18 13:16:30 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.45.0
   2015-10-18 13:16:30 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.45.0
   2015-08-19 11:08:48 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.44.0
   2015-08-19 11:08:48 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.44.0
   2015-08-19 11:08:48 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.44.0
   2015-06-20 13:52:54 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes:
CVE-2015-3236: lingering HTTP credentials in connection re-use
CVE-2015-3237: SMB send off unrelated memory contents
   2015-06-20 13:52:54 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes:
CVE-2015-3236: lingering HTTP credentials in connection re-use
CVE-2015-3237: SMB send off unrelated memory contents
   2015-06-20 13:50:55 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.43.0.  Fixes:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
   2015-06-20 13:50:55 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.43.0.  Fixes:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
   2015-06-20 13:50:55 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.43.0.  Fixes:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
   2015-05-01 14:39:43 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
Backport for CVE-2015-3148 from Ubuntu.
   2015-05-01 14:39:43 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
Backport for CVE-2015-3148 from Ubuntu.
   2015-04-30 17:18:27 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
   2015-04-30 17:18:27 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
   2015-04-30 16:32:24 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.42.1.  Fixes:
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
   2015-04-30 16:32:24 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.42.1.  Fixes:
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
   2015-04-30 16:32:24 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security update to 7.42.1.  Fixes:
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
   2015-04-28 13:26:36 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.42.0.  Fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
   2015-04-28 13:26:36 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.42.0.  Fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
   2015-04-28 13:26:36 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.42.0.  Fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
   2015-04-28 13:26:36 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Security update to 7.42.0.  Fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
   2015-03-17 16:47:02 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.41.0
   2015-03-17 16:47:02 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.41.0
   2015-03-17 16:47:02 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.41.0
   2015-03-17 16:47:02 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.41.0
   2015-01-11 19:17:10 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes for
CVE-2014-3707: libcurl duphandle read out of bounds
CVE-2014-8150: URL request injection
   2015-01-11 19:17:10 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security fixes for
CVE-2014-3707: libcurl duphandle read out of bounds
CVE-2014-8150: URL request injection
   2015-01-11 15:53:15 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes for
CVE-2014-3707: libcurl duphandle read out of bounds
CVE-2014-8150: URL request injection
   2015-01-11 15:53:15 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Security fixes for
CVE-2014-3707: libcurl duphandle read out of bounds
CVE-2014-8150: URL request injection
   2015-01-11 05:58:41 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.40.0.
* Fix CVE-2014-8150 (URL request injection)
* Add initial support for the SMB/CIFS protocol
   2015-01-11 05:58:41 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.40.0.
* Fix CVE-2014-8150 (URL request injection)
* Add initial support for the SMB/CIFS protocol
   2015-01-11 05:58:41 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.40.0.
* Fix CVE-2014-8150 (URL request injection)
* Add initial support for the SMB/CIFS protocol
   2015-01-11 05:58:41 by Christian Weisgerber | Files touched by this commit (4)
Log message:
Update to 7.40.0.
* Fix CVE-2014-8150 (URL request injection)
* Add initial support for the SMB/CIFS protocol
   2014-11-30 09:44:04 by Ingo Schwarze | Files touched by this commit (1)
Log message:
Usually, ports Makefiles should not explicitly call mandoc or groff
but leave the formatting to pkg_create(1) if needed.  In the special
cases where they do need to call mandoc (for example, like in this
case, to include a formatted manual into a binary program) they
should pass the -Tascii option to avoid depending on the user's
locale, since mandoc -Tlocale will soon be the default.
In this case, it isn't strictly needed because the upstream Makefile
uses "env LC_ALL=C" when calling groff/mandoc.  But let's avoid the
fragility of depending on that, and let's avoid setting a bad example.
No package change, no bump.
ok naddy@ (MAINTAINER)
   2014-11-15 14:36:18 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.39.0: SSLv3 is disabled by default
   2014-11-15 14:36:18 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.39.0: SSLv3 is disabled by default
   2014-11-15 14:36:18 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.39.0: SSLv3 is disabled by default
   2011-07-05 02:18:11 by Jasper Lievisse Adriaanse | Files touched by this commit (3)
Log message:
- update curl to 7.21.7
tested in a bulk and ok landry@, thanks
ok naddy@ (MAINTAINER)
   2011-07-05 02:18:11 by Jasper Lievisse Adriaanse | Files touched by this commit (3)
Log message:
- update curl to 7.21.7
tested in a bulk and ok landry@, thanks
ok naddy@ (MAINTAINER)
   2011-07-05 02:18:11 by Jasper Lievisse Adriaanse | Files touched by this commit (3)
Log message:
- update curl to 7.21.7
tested in a bulk and ok landry@, thanks
ok naddy@ (MAINTAINER)
   2011-03-24 15:09:07 by Christian Weisgerber | Files touched by this commit (3)
Log message:
* update to 7.21.4 for various minor bug fixes
* no need for groff anymore
   2011-03-24 15:09:07 by Christian Weisgerber | Files touched by this commit (3)
Log message:
* update to 7.21.4 for various minor bug fixes
* no need for groff anymore
   2011-03-24 15:09:07 by Christian Weisgerber | Files touched by this commit (3)
Log message:
* update to 7.21.4 for various minor bug fixes
* no need for groff anymore
   2010-11-19 15:31:39 by Marc Espie | Files touched by this commit (372)
Log message:
new depends
   2010-10-18 12:37:00 by Marc Espie | Files touched by this commit (357)
Log message:
USE_GROFF=Yes
   2010-10-14 13:44:27 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.21.2, which brings back Gopher support.
The security fix announced for this release doesn't concern Unix.
   2010-10-14 13:44:27 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.21.2, which brings back Gopher support.
The security fix announced for this release doesn't concern Unix.
   2010-10-14 13:44:27 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.21.2, which brings back Gopher support.
The security fix announced for this release doesn't concern Unix.
   2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25)
Log message:
remove -Lxxx/.libs workarounds required with GNU libtool
   2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25)
Log message:
remove -Lxxx/.libs workarounds required with GNU libtool
   2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25)
Log message:
remove -Lxxx/.libs workarounds required with GNU libtool
   2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25)
Log message:
remove -Lxxx/.libs workarounds required with GNU libtool
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-09-19 10:30:26 by Christian Weisgerber | Files touched by this commit (6)
Log message:
keep up with upstream and update to 7.21.1; remove dead mirrors
   2010-03-21 12:43:37 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.20.0
   2010-03-21 12:43:37 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.20.0
   2010-03-21 12:43:37 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.20.0
   2010-03-21 12:43:37 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.20.0
   2010-03-21 12:43:37 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.20.0
   2010-02-12 21:00:57 by William Yodlowsky | Files touched by this commit (2)
Log message:
MFC:
SECURITY FIX
Resolves the libcurl data callback excessive length bug
ok naddy@ jasper@
   2010-02-12 21:00:57 by William Yodlowsky | Files touched by this commit (2)
Log message:
MFC:
SECURITY FIX
Resolves the libcurl data callback excessive length bug
ok naddy@ jasper@
   2010-02-10 09:27:32 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY fix for libcurl data callback excessive length bug.
http://curl.haxx.se/docs/adv_20100209.html
ok ajacoutot@, jasper@
   2010-02-10 09:27:32 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY fix for libcurl data callback excessive length bug.
http://curl.haxx.se/docs/adv_20100209.html
ok ajacoutot@, jasper@
   2009-11-10 12:13:49 by Christian Weisgerber | Files touched by this commit (4)
Log message:
update to 7.19.7
   2009-11-10 12:13:49 by Christian Weisgerber | Files touched by this commit (4)
Log message:
update to 7.19.7
   2009-11-10 12:13:49 by Christian Weisgerber | Files touched by this commit (4)
Log message:
update to 7.19.7
   2009-11-10 12:13:49 by Christian Weisgerber | Files touched by this commit (4)
Log message:
update to 7.19.7
   2009-11-05 18:42:18 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
ok naddy@
   2009-11-05 18:42:18 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
ok naddy@
   2009-09-14 20:34:56 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Resolve CVE-2009-2417, from upstream
ok jasper@
   2009-09-14 20:34:56 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Resolve CVE-2009-2417, from upstream
ok jasper@
   2009-08-16 11:54:21 by Christian Weisgerber | Files touched by this commit (3)
Log message:
SECURITY update to 7.19.6
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
   2009-08-16 11:54:21 by Christian Weisgerber | Files touched by this commit (3)
Log message:
SECURITY update to 7.19.6
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
   2009-08-16 11:54:21 by Christian Weisgerber | Files touched by this commit (3)
Log message:
SECURITY update to 7.19.6
Fixes libcurl embedded zero in cert name vulnerability, CVE-2009-2417.
   2009-07-14 20:52:09 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Resolve CVE-2009-0037:
Rogue servers could trick curl into accessing local files
Patch adapted from debian
ok robert@
   2009-07-14 20:52:09 by William Yodlowsky | Files touched by this commit (2)
Log message:
SECURITY FIX
Resolve CVE-2009-0037:
Rogue servers could trick curl into accessing local files
Patch adapted from debian
ok robert@
   2009-05-21 13:58:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.19.5
   2009-05-21 13:58:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.19.5
   2009-05-21 13:58:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.19.5
   2009-05-21 13:58:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.19.5
   2009-05-21 13:58:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.19.5
   2009-03-06 08:04:12 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security update to 7.19.4.
Rogue servers could trick curl into accessing local files; CVE-2009-0037.
   2009-03-06 08:04:12 by Christian Weisgerber | Files touched by this commit (2)
Log message:
Security update to 7.19.4.
Rogue servers could trick curl into accessing local files; CVE-2009-0037.
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2009-01-21 14:17:27 by Christian Weisgerber | Files touched by this commit (6)
Log message:
maintenance update to 7.19.3
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-11-20 12:49:40 by Christian Weisgerber | Files touched by this commit (6)
Log message:
update to 7.19.2, which has some bug fixes
   2008-10-15 13:36:43 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.19.0.  Prodded by robert@.
   2008-10-15 13:36:43 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.19.0.  Prodded by robert@.
   2008-10-15 13:36:43 by Christian Weisgerber | Files touched by this commit (3)
Log message:
Update to 7.19.0.  Prodded by robert@.
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-24 12:37:25 by Christian Weisgerber | Files touched by this commit (9)
Log message:
update to 7.18.2
   2008-06-09 15:00:57 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Different workaround for link path ordering, keep build path out of
pkgconfig entry.  Problem reported by and ok landry@.
   2008-06-09 15:00:57 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Different workaround for link path ordering, keep build path out of
pkgconfig entry.  Problem reported by and ok landry@.
   2008-06-09 15:00:57 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Different workaround for link path ordering, keep build path out of
pkgconfig entry.  Problem reported by and ok landry@.
   2008-06-09 15:00:57 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Different workaround for link path ordering, keep build path out of
pkgconfig entry.  Problem reported by and ok landry@.
   2008-06-09 15:00:57 by Christian Weisgerber | Files touched by this commit (5)
Log message:
Different workaround for link path ordering, keep build path out of
pkgconfig entry.  Problem reported by and ok landry@.
   2008-05-13 11:56:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
* Update to 7.18.1.
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.
ok sthen@, additional testing by merdely@
   2008-05-13 11:56:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
* Update to 7.18.1.
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.
ok sthen@, additional testing by merdely@
   2008-05-13 11:56:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
* Update to 7.18.1.
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.
ok sthen@, additional testing by merdely@
   2008-05-13 11:56:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
* Update to 7.18.1.
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.
ok sthen@, additional testing by merdely@
   2008-05-13 11:56:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
* Update to 7.18.1.
* A CA cert bundle is no longer included, so point to /etc/ssl/cert.pem.
* Compile examples during build rather than fake stage.
ok sthen@, additional testing by merdely@
   2007-11-14 12:38:58 by Christian Weisgerber | Files touched by this commit (2)
Log message:
- maintenance update to 7.17.1
- libidn pulls in a gettext dependency
- make sure we link against the correct libcurl
   2007-11-14 12:38:58 by Christian Weisgerber | Files touched by this commit (2)
Log message:
- maintenance update to 7.17.1
- libidn pulls in a gettext dependency
- make sure we link against the correct libcurl
   2007-10-02 10:52:41 by Christian Weisgerber | Files touched by this commit (2)
Log message:
maintenance update to 7.17.0
   2007-10-02 10:52:41 by Christian Weisgerber | Files touched by this commit (2)
Log message:
maintenance update to 7.17.0
   2007-09-15 16:37:00 by Michael Erdely | Files touched by this commit (333)
Log message:
Remove surrounding quotes in COMMENT*/PERMIT_*/BROKEN/ERRORS
Add $OpenBSD$ to p5-SNMP-Info/Makefile (ok kili@, simon@)
   2007-05-13 11:08:25 by Christian Weisgerber | Files touched by this commit (2)
Log message:
- update to 7.16.2
- enable IDN support


   2007-05-13 11:08:25 by Christian Weisgerber | Files touched by this commit (2)
Log message:
- update to 7.16.2
- enable IDN support


   2007-04-05 10:20:19 by Marc Espie | Files touched by this commit (912)
Log message:
base64 checksums.


   2006-11-10 08:34:11 by Christian Weisgerber | Files touched by this commit (2)
Log message:
update to 7.16.0
   2006-11-10 08:34:11 by Christian Weisgerber | Files touched by this commit (2)
Log message:
update to 7.16.0
   2006-09-19 08:33:13 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.15.5: various bug fixes


   2006-09-19 08:33:13 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.15.5: various bug fixes


   2006-09-19 08:33:13 by Christian Weisgerber | Files touched by this commit (3)
Log message:
update to 7.15.5: various bug fixes


   2006-06-20 11:37:42 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.15.4


   2006-06-20 11:37:42 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.15.4


   2006-06-20 11:37:42 by Christian Weisgerber | Files touched by this commit (3)
Log message:
maintenance update to 7.15.4


   2006-05-01 02:48:28 by Nikolay Sturm | Files touched by this commit (1)
Log message:
MFC:
SECURITY: Update to 7.15.3.
Fixes TFTP packet buffer overflow vulnerability. (CVE-2006-1061)


   2006-03-25 10:41:47 by Nikolay Sturm | Files touched by this commit (1)
Log message:
MFC:
SECURITY: Update to 7.15.3.
Fixes TFTP packet buffer overflow vulnerability. (CVE-2006-1061)


   2006-03-25 09:26:19 by Nikolay Sturm | Files touched by this commit (1)
Log message:
MFC:
SECURITY: Update to 7.15.3.
Fixes TFTP packet buffer overflow vulnerability. (CVE-2006-1061)


   2006-03-20 10:21:28 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY: Update to 7.15.3.
Fixes TFTP packet buffer overflow vulnerability. (CVE-2006-1061)


   2006-03-20 10:21:28 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY: Update to 7.15.3.
Fixes TFTP packet buffer overflow vulnerability. (CVE-2006-1061)


   2006-01-08 03:27:14 by Steven Mestdagh | Files touched by this commit (2)
Log message:
remove MODGNU_SHARED_LIBS and old -version-info patch


   2006-01-08 03:27:14 by Steven Mestdagh | Files touched by this commit (2)
Log message:
remove MODGNU_SHARED_LIBS and old -version-info patch


   2005-12-23 10:37:03 by Todd T. Fries | Files touched by this commit (2)
Log message:
SHARED_LIBS


   2005-12-23 10:37:03 by Todd T. Fries | Files touched by this commit (2)
Log message:
SHARED_LIBS


   2005-12-12 01:50:34 by Nikolay Sturm | Files touched by this commit (3)
Log message:
MFC:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-12 01:48:35 by Nikolay Sturm | Files touched by this commit (3)
Log message:
MFC:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-08 10:10:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-08 10:10:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-08 10:10:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-08 10:10:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-12-08 10:10:02 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.1, which fixes a local buffer overflow.
http://curl.haxx.se/docs/adv_20051207.html


   2005-11-01 04:20:12 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-11-01 04:20:12 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-11-01 04:20:12 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:42:22 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:42:22 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:42:22 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:41:40 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:41:40 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-22 00:41:40 by Nikolay Sturm | Files touched by this commit (4)
Log message:
MFC:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.
ok brad


   2005-10-16 09:31:39 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.


   2005-10-16 09:31:39 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.


   2005-10-16 09:31:39 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.


   2005-10-16 09:31:39 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.


   2005-10-16 09:31:39 by Christian Weisgerber | Files touched by this commit (5)
Log message:
SECURITY:
Update to 7.15.0.
libcurl's NTLM function could overflow a stack-based buffer if given
a too long user name or domain name.  CAN-2005-3185.


   2005-05-26 17:13:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.14.0 and take maintainer


   2005-05-26 17:13:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.14.0 and take maintainer


   2005-05-26 17:13:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.14.0 and take maintainer


   2005-05-26 17:13:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.14.0 and take maintainer


   2005-05-26 17:13:29 by Christian Weisgerber | Files touched by this commit (5)
Log message:
maintenance update to 7.14.0 and take maintainer


   2005-03-29 13:25:39 by Nikolay Sturm | Files touched by this commit (2)
Log message:
MFC:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.  CAN-2005-0490.  From Ubuntu.
ok brad@


   2005-03-29 13:25:39 by Nikolay Sturm | Files touched by this commit (2)
Log message:
MFC:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.  CAN-2005-0490.  From Ubuntu.
ok brad@


   2005-03-15 15:20:39 by Robert Nagy | Files touched by this commit (2)
Log message:
SECURITY:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.
http://www.vuxml.org/openbsd/531c3456-94dc-11d9-a433-080020fe8945.html
ok brad@


   2005-03-15 15:20:39 by Robert Nagy | Files touched by this commit (2)
Log message:
SECURITY:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.
http://www.vuxml.org/openbsd/531c3456-94dc-11d9-a433-080020fe8945.html
ok brad@


   2005-03-14 15:52:20 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.  CAN-2005-0490.  From Ubuntu.
ok brad@, pval@


   2005-03-14 15:52:20 by Christian Weisgerber | Files touched by this commit (2)
Log message:
SECURITY:
Fix NT LAN Manager (NTLM) authentication handling. By sending a
specially crafted long NTLM reply packet, a remote attacker could
overflow the reply buffer.  This could lead to execution of arbitrary
attacker specified code with the privileges of the application using
the cURL library.  CAN-2005-0490.  From Ubuntu.
ok brad@, pval@


   2005-01-05 10:15:08 by Christian Weisgerber | Files touched by this commit (250)
Log message:
SIZE


   2004-12-15 17:31:27 by Aleksander Piotrowski | Files touched by this commit (179)
Log message:
Add WANTLIB markers


   2004-09-15 12:17:48 by Marc Espie | Files touched by this commit (262)
Log message:
new plists, kill a few INSTALL scripts.


   2004-09-15 12:17:48 by Marc Espie | Files touched by this commit (262)
Log message:
new plists, kill a few INSTALL scripts.


   2004-05-18 17:30:46 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.2


   2004-05-18 17:30:46 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.2


   2004-05-18 17:30:46 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.2


   2004-05-18 17:30:46 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.2


   2004-04-08 00:18:37 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.1


   2004-04-08 00:18:37 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.1


   2004-04-08 00:18:37 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.1


   2004-04-08 00:18:37 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.11.1


   2003-12-15 09:13:25 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.10.8; ok brad@


   2003-12-15 09:13:25 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.10.8; ok brad@


   2003-12-15 09:13:25 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.10.8; ok brad@


   2003-12-15 09:13:25 by Christian Weisgerber | Files touched by this commit (4)
Log message:
maintenance update to 7.10.8; ok brad@


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-06-01 15:43:49 by Brad Smith | Files touched by this commit (7)
Log message:
upgrade to cURL 7.10.5


   2003-05-27 08:35:13 by Brad Smith | Files touched by this commit (2)
Log message:
- bye bye Kerberos FLAVOR
- place curl-mode.el in emacs' site-lisp dir


   2003-05-27 08:35:13 by Brad Smith | Files touched by this commit (2)
Log message:
- bye bye Kerberos FLAVOR
- place curl-mode.el in emacs' site-lisp dir


   2003-02-13 19:38:15 by Brad Smith | Files touched by this commit (2)
Log message:
curl-config with cURL 7.10.3 does not output a header path with the
--cflags flag, revert this change for now.


   2003-02-13 19:38:15 by Brad Smith | Files touched by this commit (2)
Log message:
curl-config with cURL 7.10.3 does not output a header path with the
--cflags flag, revert this change for now.


   2003-02-06 20:40:25 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.3


   2003-02-06 20:40:25 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.3


   2003-02-06 20:40:25 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.3


   2003-02-06 20:40:25 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.3


   2002-11-23 20:40:08 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.2


   2002-11-23 20:40:08 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.2


   2002-11-23 20:40:08 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.2


   2002-11-23 20:40:08 by Brad Smith | Files touched by this commit (4)
Log message:
upgrade to cURL 7.10.2