Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libcurl4-7.83.1-1.2 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: libcurl4 Distribution: openSUSE Tumbleweed
Version: 7.83.1 Vendor: openSUSE
Release: 1.2 Build date: Wed Jun 15 09:15:11 2022
Group: Unspecified Build host: obs-arm-7
Size: 666304 Source RPM: curl-7.83.1-1.2.src.rpm
Packager: http://bugs.opensuse.org
Url: https://curl.se
Summary: Library for transferring data from URLs
The cURL shared library for accessing data using different
network protocols.

Provides

Requires

License

curl

Changelog

* Wed May 11 2022 David Anes <david.anes@suse.com>
  - Update to 7.83.1:
    * Security fixes:
    - (bsc#1199225, CVE-2022-30115) HSTS bypass via trailing dot
    - (bsc#1199224, CVE-2022-27782) TLS and SSH connection too eager reuse
    - (bsc#1199223, CVE-2022-27781) CERTINFO never-ending busy-loop
    - (bsc#1199222, CVE-2022-27780) percent-encoded path separator in URL host
    - (bsc#1199221, CVE-2022-27779) cookie for trailing dot TLD
    - (bsc#1199220, CVE-2022-27778) removes wrong file on error
    * Bugfixes:
    - altsvc: fix host name matching for trailing dots
    - cirrus: Update to FreeBSD 12.3
    - cirrus: Use pip for Python packages on FreeBSD
    - conn: fix typo 'connnection' -> 'connection' in two function names
    - cookies: make bad_domain() not consider a trailing dot fine
    - curl: free resource in error path
    - curl: guard against size_t wraparound in no-clobber code
    - CURLOPT_DOH_URL.3: mention the known bug
    - CURLOPT_HSTS*FUNCTION.3: document the involved structs as well
    - CURLOPT_SSH_AUTH_TYPES.3: fix the default
    - data/test376: set a proper name
    - GHA/mbedtls: enabled nghttp2 in the build
    - gha: build msh3
    - gskit: fixed bogus setsockopt calls
    - gskit: remove unused function set_callback
    - hsts: ignore trailing dots when comparing hosts names
    - HTTP-COOKIES: add missing CURLOPT_COOKIESESSION
    - http: move Curl_allow_auth_to_host()
    - http_proxy/hyper: handle closed connections
    - hyper: fix test 357
    - Makefile: fix "make ca-firefox"
    - mbedtls: bail out if rng init fails
    - mbedtls: fix compile when h2-enabled
    - mbedtls: fix some error messages
    - misc: use "autoreconf -fi" instead buildconf
    - msh3: get msh3 version from MsH3Version
    - msh3: print boolean value as text representation
    - msh3: psss remote_port to MsH3ConnectionOpen
    - ngtcp2: add ca-fallback support for OpenSSL backend
    - nss: return error if seemingly stuck in a cert loop
    - openssl: define HAVE_SSL_CTX_SET_EC_CURVES for libressl
    - post_per_transfer: remove the updated file name
    - sectransp: bail out if SSLSetPeerDomainName fails
    - tests/server: declare variable 'reqlogfile' static
    - tests: fix markdown formatting in README
    - test{898,974,976}: add 'HTTP proxy' keywords
    - tls: check more TLS details for connection reuse
    - url: check SSH config match on connection reuse
    - urlapi: address (harmless) UndefinedBehavior sanitizer warning
    - urlapi: reject percent-decoding host name into separator bytes
    - x509asn1: make do_pubkey handle EC public keys
* Fri Apr 22 2022 David Anes <david.anes@suse.com>
  - Patches rework:
    * Refreshed all patches as -p1.
    * Use autopatch macro.
    * Renamed:
    - dont-mess-with-rpmoptflags.diff -> dont-mess-with-rpmoptflags.patch
    * Removed (already upstream):
    - curl-fix-verifyhost.patch
  - Update to 7.83.0:
    * Security fixes:
    - (bsc#1198766, CVE-2022-27776) Auth/cookie leak on redirect
    - (bsc#1198723, CVE-2022-27775) Bad local IPv6 connection reuse
    - (bsc#1198608, CVE-2022-27774) Credential leak on redirect
    - (bsc#1198614, CVE-2022-22576) OAUTH2 bearer bypass in connection re-use
    * Changes:
    - curl: add %header{name} experimental support in -w handling
    - curl: add %{header_json} experimental support in -w handling
    - curl: add --no-clobber
    - curl: add --remove-on-error
    - header api: add curl_easy_header and curl_easy_nextheader
    - msh3: add support for QUIC and HTTP/3 using msh3
    * Bugfixes:
    - appveyor: add Cygwin build
    - appveyor: only add MSYS2 to PATH where required
    - BearSSL: add CURLOPT_SSL_CIPHER_LIST support
    - BearSSL: add CURLOPT_SSL_CTX_FUNCTION support
    - BINDINGS.md: add Hollywood binding
    - CI: Do not use buildconf. Instead, just use: autoreconf -fi
    - CI: install Python package impacket to run SMB test 1451
    - configure.ac: move -pthread CFLAGS setting back where it used to be
    - configure: bump the copyright year range int the generated output
    - conncache: include the zone id in the "bundle" hashkey
    - connecache: remove duplicate connc->closure_handle check
    - connect: make Curl_getconnectinfo work with conn cache from share handle
    - connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined
    - cookie.d: clarify when cookies are sent
    - cookies: improve errorhandling for reading cookiefile
    - curl/system.h: update ifdef condition for MCST-LCC compiler
    - curl: error out if -T and -d are used for the same URL
    - curl: error out when options need features not present in libcurl
    - curl: escape '?' in generated --libcurl code
    - curl: fix segmentation fault for empty output file names.
    - curl_easy_header: fix typos in documentation
    - CURLINFO_PRIMARY_PORT.3: clarify which port this is
    - CURLOPT*TLSAUTH.3: they only work with OpenSSL or GnuTLS
    - CURLOPT_DISALLOW_USERNAME_IN_URL.3: use uppercase URL
    - CURLOPT_PREQUOTE.3: only works for FTP file transfers, not dirs
    - CURLOPT_PROGRESSFUNCTION.3: fix typo in example
    - CURLOPT_UNRESTRICTED_AUTH.3: extended explanation
    - CURLSHOPT_UNLOCKFUNC.3: fix the callback prototype
    - docs/HYPER.md: updated to reflect current hyper build needs
    - docs/opts: Mention Schannel client cert type is P12
    - docs: Fix missing semicolon in example code
    - docs: lots of minor language polish
    - English: use American spelling consistently
    - fail.d: tweak the description
    - firefox-db2pem.sh: make the shell script safer
    - ftp: fix error message for partial file upload
    - gen.pl: change wording for mutexed options
    - GHA: add openssl3 jobs moved over from zuul
    - GHA: build hyper with nightly rustc
    - GHA: move bearssl jobs over from zuul
    - gha: move the event-based test over from Zuul
    - gtls: fix build for disabled TLS-SRP
    - http2: handle DONE called for the paused stream
    - http2: RST the stream if we stop it on our own will
    - http: avoid auth/cookie on redirects same host diff port
    - http: close the stream (not connection) on time condition abort
    - http: reject header contents with nul bytes
    - http: return error on colon-less HTTP headers
    - http: streamclose "already downloaded"
    - hyper: fix status_line() return code
    - hyper: fix tests 580 and 581 for hyper
    - hyper: no h2c support
    - infof: consistent capitalization of warning messages
    - ipv4/6.d: clarify that they are about using IP addresses
    - json.d: fix typo (overriden -> overridden)
    - keepalive-time.d: It takes many probes to detect brokenness
    - lib/warnless.[ch]: only check for WIN32 and ignore _WIN32
    - lib670: avoid double check result
    - lib: #ifdef on USE_HTTP2 better
    - lib: fix some misuse of curlx_convert_wchar_to_UTF8
    - lib: remove exclamation marks
    - libssh2: compare sha256 strings case sensitively
    - libssh2: make the md5 comparison fail if wrong length
    - libssh: fix build with old libssh versions
    - libssh: fix double close
    - libssh: Improve fix for missing SSH_S_ stat macros
    - libssh: unstick SFTP transfers when done event-based
    - macos: set .plist version in autoconf
    - mbedtls: remove 'protocols' array from backend when ALPN is not used
    - mbedtls: remove server_fd from backend
    - mk-ca-bundle.pl: Use stricter logic to process the certificates
    - mk-ca-bundle.vbs: delete this script in favor of mk-ca-bundle.pl
    - mlc_config.json: add file to ignore known troublesome URLs
    - mqtt: better handling of TCP disconnect mid-message
    - ngtcp2: add client certificate authentication for OpenSSL
    - ngtcp2: avoid busy loop in low CWND situation
    - ngtcp2: deal with sub-millisecond timeout
    - ngtcp2: disconnect the QUIC connection proper
    - ngtcp2: enlarge H3_SEND_SIZE
    - ngtcp2: fix HTTP/3 upload stall and avoid busy loop
    - ngtcp2: fix memory leak
    - ngtcp2: fix QUIC_IDLE_TIMEOUT
    - ngtcp2: make curl 1ms faster
    - ngtcp2: remove remote_addr which is not used in a meaningful way
    - ngtcp2: update to work after recent ngtcp2 updates
    - ngtcp2: use token when detecting :status header field
    - nonblock: restore setsockopt method to curlx_nonblock
    - openssl: check SSL_get_peer_cert_chain return value
    - openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL
    - openssl: fix CN check error code
    - options: remove mistaken space before paren in prototype
    - perl: removed a double semicolon at end of line
    - pop3/smtp: return *WEIRD_SERVER_REPLY when not understood
    - projects/README: converted to markdown
    - projects: Update VC version names for VS2017, VS2022
    - rtsp: don't let CSeq error override earlier errors
    - runtests: add 'bearssl' as testable feature
    - runtests: make 'oldlibssh' be before 0.9.4
    - schannel: remove dead code that will never run
    - scripts/copyright.pl: ignore the new mlc_config.json file
    - scripts: move three scripts from lib/ to scripts/
    - test1135: sync with recent API updates
    - test1459: disable for oldlibssh
    - test375: fix line endings on Windows
    - test386: Fix an incorrect test markup tag
    - test718: edited slightly to return better HTTP
    - tests/server/util.h: align WIN32 condition with util.c
    - tests: refactor server/socksd.c to support --unix-socket
    - timediff.[ch]: add curlx helper functions for timeval conversions
    - tls: make mbedtls and NSS check for h2, not nghttp2
    - tool and tests: force flush of all buffers at end of program
    - tool_cb_hdr: Turn the Location: into a terminal hyperlink
    - tool_getparam: error out on missing -K file
    - tool_listhelp.c: uppercase URL
    - tool_operate: fix a scan-build warning
    - tool_paramhlp: use feof(3) to identify EOF correctly when using fread(3)
    - transfer: redirects to other protocols or ports clear auth
    - unit1620: call global_init before calling Curl_open
    - url: check sasl additional parameters for connection reuse.
    - vtls: provide a unified APLN-disagree string for all backends
    - vtls: use a backend standard message for "ALPN: offers %s"
    - vtls: use a generic "ALPN, server accepted" message
    - winbuild/README.md: fixup dead link
    - winbuild: Add a Visual Studio example to the README
    - wolfssl: fix compiler error without IPv6
* Fri Mar 11 2022 Pedro Monreal <pmonreal@suse.com>
  - Fix: openssl: fix CN check error code
    * Add curl-fix-verifyhost.patch
* Mon Mar 07 2022 Paolo Stivanin <info@paolostivanin.com>
  - Update to 7.82.0:
    * curl: add --json command line option
    * curl: make it so that sensitive command line arguments do not
      show as easily in the output of ps(1)
    * curl_multi_socket.3: remove callback and typical usage descriptions
    * ftp: provide error message for control bytes in path
    * ldap: return CURLE_URL_MALFORMAT for bad URL
    * lib: remove support for CURL_DOES_CONVERSIONS
    * mqtt: plug some memory leaks
    * multi: allow user callbacks to call curl_multi_assign
    * multi: remember connection_id before returning connection to pool
    * multi: set in_callback for multi interface callbacks
    * netware: remove support
    * ngtcp2: adapt to changed end of headers callback proto
    * openldap: implement SASL authentication
    * openssl: return error if TLS 1.3 is requested when not supported
    * sectransp: mark a 3DES cipher as weak
    * smb: pass socket for writing and reading data instead of FIRSTSOCKET
    * tool_getparam: DNS options that need c-ares now fail without it
    * TPF: drop support
    * url: given a user in the URL, find pwd for that user in netrc
    * url: keep trailing dot in host name
    * urlapi: handle "redirects" smarter
    * urldata: CONN_IS_PROXIED replaces bits.proxy when proxy can be disabled
    * urldata: remove conn->bits.user_passwd
* Sun Jan 09 2022 Dirk Müller <dmueller@suse.com>
  - update to 7.81.0:
    * mime: use percent-escaping for multipart form field and file names
    * asyn-ares: ares_getaddrinfo needs no happy eyeballs timer
    * azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper
    * BINDINGS: add cURL client for PostgreSQL
    * BINDINGS: add one from Everything curl and update a link
    * checksrc: detect more kinds of NULL comparisons we avoid
    * CI: build examples for additional code verification
    * CI: bump job to use mbedtls 3.1.0
    * cmake: don't set _USRDLL on a static Windows build
    * cmake: prevent dev warning due to mismatched arg
    * cmake: private identifiers use CURL_ instead of CMAKE_ prefix
    * config.d: update documentation to match the path search
    * configure: add -lm to configure for rustls build.
    * configure: better diagnostics if hyper is built wrong
    * configure: don't enable TLS when --without-* flags are used
    * configure: fix runtime-lib detection on macOS
    * curl.1: require "see also" for every documented option
    * curl: improve error message for --head with -J
    * curl_easy_cleanup.3: remove from multi handle first
    * curl_easy_escape.3: call curl_easy_cleanup in example
    * curl_easy_unescape.3: call curl_easy_cleanup in example
    * curl_multi_init.3: fix EXAMPLE formatting
    * curl_multi_perform/socket_action.3: clarify what errors mean
    * curl_share_setopt.3: split out options into their own manpages
    * CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL
    * digest: compute user:realm:pass digest w/o userhash
    * docs/checksrc: Add documentation for STRERROR
    * docs/cmdline-opts: do not say "protocols: all"
    * docs/examples: workaround broken -Wno-pedantic-ms-format
    * docs/HTTP3: describe how to setup a h3 reverse-proxy for testing
    * docs/INSTALL.md: typo fix : added missing "get" verb
    * docs/URL-SYNTAX.md: space is not fine in a given URL
    * docs: add known bugs list to HTTP3.md
    * docs: address proselint nits
    * docs: consistent manpage SYNOPSIS
    * docs: fix dead links, remove ECH.md
    * docs: fix typo in OpenSSL 3 build instructions
    * docs: Update the Reducing Size section
    * example/progressfunc: remove code for old libcurls
    * examples/multi-single.c: remove WAITMS()
    * FAQ: typo fix : "yout" ➤ "your"
    * ftp: disable warning 4706 in MSVC
    * gen.pl: improve example output format
    * github workflow: add wolfssl (removed from zuul)
    * github/workflows: add mbedtls and mbedtls-clang (removed from zuul)
    * gtls: check return code for gnutls_alpn_set_protocols
    * hash: lazy-alloc the table in Curl_hash_add()
    * http2:set_transfer_url() return early on OOM
    * HTTP3: update quiche build instructions
    * http: enable haproxy support for hyper backend
    * http: Fix CURLOPT_HTTP200ALIASES
    * http_proxy: don't close the socket (too early)
    * insecure.d: detail its use for SFTP and SCP as well
    * insecure.d: expand and clarify
    * libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
    * libcurl-security.3: mention address and URL mitigations
    * libssh2: fix error message for sha256 mismatch
    * libtest: avoid "assignment within conditional expression"
    * lift: ignore is a deprecated config option, use ignoreRules
    * linkcheck.yml: add CI job that checks markdown links
    * m4/curl-compilers: tell clang -Wno-pointer-bool-conversion
    * Makefile.m32: rename -winssl option to -schannel and tidy up
    * mbedTLS: add support for CURLOPT_CAINFO_BLOB
    * mbedtls: fix CURLOPT_SSLCERT_BLOB
    * mbedtls: fix private member designations for v3.1.0
    * misc: remove unused doh flags when CURL_DISABLE_DOH is defined
    * misc: s/e-mail/email
    * multi: cleanup the socket hash when destroying it
    * multi: handle errors returned from socket/timer callbacks
    * multi: shut down CONNECT in Curl_detach_connnection
    * netrc.d: edit the .netrc example to look nicer
    * ngtcp2: verify the server cert on connect (quictls)
    * ngtcp2: verify the server certificate for the gnutls case
    * nss:set_cipher don't clobber the cipher list
    * openldap: implement STARTTLS
    * openldap: process search query response messages one by one
    * openldap: several minor improvements
    * openldap: simplify ldif generation code
    * openssl: check the return value of BIO_new()
    * openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
    * openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
    * openssl: remove usage of deprecated `SSL_get_peer_certificate`
    * openssl: use non-deprecated API to read key parameters
    * page-footer: add a mention of how to report bugs to the man page
    * page-footer: document more environment variables
    * request.d: refer to 'method' rather than 'command'
    * retry-all-errors.d: make the example complete
    * runtests: make the SSH library a testable feature
    * rustls: read of zero bytes might be okay
    * rustls: remove comment about checking handshaking
    * rustls: remove incorrect EOF check
    * sha256/md5: return errors when init fails
    * socks5: use appropriate ATYP for numerical IP address host names
    * test1156: enable for hyper
    * test1156: fixup the stdout check for Windows
    * test1525: tweaked for hyper
    * test1526: enable for hyper
    * test1527: enable for hyper
    * test1528: enable for hyper
    * test1554: adjust for hyper
    * test1556: adjust for hyper
    * test302[12]: run only with the libssh2 backend
    * test661: enable for hyper
    * tests/CI.md: add more information on CI environments
    * tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256
    * tftp: mark protocol as not possible to do over CONNECT
    * tool_findfile: updated search for a file in the homedir
    * tool_operate: only set SSH related libcurl options for SSH URLs
    * tool_operate: warn if too many output arguments were found
    * url.c: fix the SIGPIPE comment for Curl_close
    * url: check ssl_config when re-use proxy connection
    * url: reduce ssl backend count for CURL_DISABLE_PROXY builds
    * urlapi: accept port number zero
    * urlapi: if possible, shorten given numerical IPv6 addresses
    * urlapi: provide more detailed return codes
    * urlapi: reject short file URLs
    * version_win32: Check build number and platform id
    * vtls/rustls: adapt to the updated rustls_version proto
    * writeout: fix %{http_version} for HTTP/3
    * x509asn1: return early on errors
    * zuul.d: update rustls-ffi to version 0.8.2
    * zuul: fix quiche build pointing to wrong Cargo
* Tue Nov 16 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.80.0:
    * Changes:
    - CURLOPT_MAXLIFETIME_CONN: maximum allowed lifetime for conn reuse
    - CURLOPT_PREREQFUNCTION: add new callback
    - libssh2: add SHA256 fingerprint support
    - urlapi: add curl_url_strerror()
    * Bugfixes:
    - aws-sigv4: make signature work when post data is binary
    - c-hyper: don't abort CONNECT responses early when auth-in-progress
    - c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work
    - cmake: add CURL_ENABLE_SSL option
    - cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED
    - configure.ac: replace krb5-config with pkg-config
    - configure: when hyper is selected, deselect nghttp2
    - curl-confopts.m4: remove --enable/disable-hidden-symbols
    - curl-openssl.m4: modify library order for openssl linking
    - curl_ntlm_core: use OpenSSL only if DES is available
    - Curl_updateconninfo: store addresses for QUIC connections too
    - ftp: make the MKD retry to retry once per directory
    - http: fix Basic auth with empty name field in URL
    - http: reject HTTP response codes < 100
    - http: remove assert that breaks hyper
    - http: set content length earlier
    - imap: display quota information
    - libssh2: Get the version at runtime if possible
    - md5: fix compilation with OpenSSL 3.0 API
    - ngtcp2: advertise h3 as well as h3-29
    - ngtcp2: compile with the latest nghttp3
    - ngtcp2: use latest QUIC TLS RFC9001
    - NTLM: use DES_set_key_unchecked with OpenSSL
    - openssl: if verifypeer is not requested, skip the CA loading
    - openssl: with OpenSSL 1.1.0+ a failed RAND_status means goaway
    - schannel: fix memory leak due to failed SSL connection
    - sendf: accept zero-length data in Curl_client_write()
    - sha256: use high-level EVP interface for OpenSSL
    - sws: fix memory leak on exit
    - tool_operate: a failed etag save now only fails that transfer
    - url: check the return value of curl_url()
    - url: set "k->size" -1 at start of request
    - urlapi: skip a strlen(), pass in zero
    - urlapi: URL decode percent-encoded host names
    - vtls: Fix a memory leak if an SSL session cannot be added to the cache
    - wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
    * Use --with-openssl configure option, --with-ssl is now deprecated
* Wed Sep 22 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.79.1:
    * Bugfixes:
    - Curl_http2_setup: don't change connection data on repeat invokes
    - curl_multi_fdset: make FD_SET() not operate on sockets out of range
    - dist: provide lib/.checksrc in the tarball
    - FAQ: add GOPHERS + curl works on data, not files
    - hsts: CURLSTS_FAIL from hsts read callback should fail transfer
    - hsts: handle unlimited expiry
    - http: fix the broken >3 digit response code detection
    - strerror: use sys_errlist instead of strerror on Windows
    - test1184: disable: https://github.com/curl/curl/issues/7725
    - tests/sshserver.pl: make it work with openssh-8.7p1
* Wed Sep 15 2021 Pedro Monreal <pmonreal@suse.com>
  - Temporarily disable flaky test 1184
    * See https://github.com/curl/curl/issues/7725
* Wed Sep 15 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.79.0: [bsc#1190213, CVE-2021-22945]
    [bsc#1190373, CVE-2021-22946] [bsc#1190374, CVE-2021-22947]
    * Changes:
    - bearssl: support CURLOPT_CAINFO_BLOB
    - http: consider cookies over localhost to be secure
    - secure transport: support CURLINFO_CERTINFO
    * Bugfixes:
    - CVE-2021-22945: clear the leftovers pointer when sending succeeds
    - CVE-2021-22946: do not ignore --ssl-reqd
    - CVE-2021-22947: reject STARTTLS server response pipelining
    - auth: do not append zero-terminator to authorisation id in kerberos
    - auth: properly handle byte order in kerberos security message
    - auth: use sasl authzid option in kerberos
    - auth: we do not support a security layer after kerberos authentication
    - c-hyper: deal with Expect: 100-continue combined with POSTFIELDS
    - c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection
    - c-hyper: initial step for 100-continue support
    - c-hyper: initial support for "dumping" 1xx HTTP responses
    - curl-openssl.m4: show correct output for OpenSSL v3
    - docs/MQTT: update state of username/password support
    - docs: the security list is reached at security at curl.se now
    - getparameter: fix the --local-port number parser
    - hostip: Make Curl_ipv6works function independent of getaddrinfo
    - http_proxy: fix the User-Agent inclusion in CONNECT
    - http_proxy: fix user-agent and custom headers for CONNECT with hyper
    - http_proxy: only wait for writable socket while sending request
    - mailing lists: move from cool.haxx.se to lists.haxx.se
    - mbedtls: avoid using a large buffer on the stack
    - mbedTLS: initial 3.0.0 support
    - ngtcp2: remove the acked_crypto_offset struct field init
    - ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read
    - ngtcp2: reset the oustanding send buffer again when drained
    - ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream
    - ngtcp2: stop buffering crypto data
    - ngtcp2: utilize crypto API functions to simplify
    - openssl: when creating a new context, there cannot be an old one
    - scripts: invoke interpreters through /usr/bin/env
    - tests/runtests.pl: cleanup copy&paste mistakes and unused code
    - tests: be explicit about using 'python3' instead of 'python'
    - tool/tests: fix potential year 2038 issues
    - tool_operate: Fix --fail-early with parallel transfers
    - x509asn1: fix heap over-read when parsing x509 certificates
    * Rebase libcurl-ocloexec.patch
* Wed Jul 21 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.78.0:
    [bsc#1188217, CVE-2021-22922][bsc#1188218, CVE-2021-22923]
    [bsc#1188219, CVE-2021-22924][bsc#1188220, CVE-2021-22925]
    * Changes:
    - curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
    - CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax
    - hostip: make 'localhost' return fixed values
    - mbedtls: add support for cert and key blob options
    - metalink: remove all support for it
    - mqtt: add support for username and password
    * Bugfixes:
    - ares: always store IPv6 addresses first
    - c-hyper: abort CONNECT response reading early on non 2xx responses
    - c-hyper: add support for transfer-encoding in the request
    - c-hyper: bail on too long response headers
    - c-hyper: clear NTLM auth buffer when request is issued
    - c-hyper: fix NTLM on closed connection tested with test159
    - conncache: lowercase the hash key for better match
    - curl_multibyte: Remove local encoding fallbacks
    - Curl_ntlm_core_mk_nt_hash: fix OOM in error path
    - Curl_ssl_getsessionid: fail if no session cache exists
    - easy: during upkeep, attach Curl_easy to connections in the cache
    - gnutls: set the preferred TLS versions in correct order
    - hsts: ignore numberical IP address hosts
    - HSTS: not experimental anymore
    - http2: init recvbuf struct for pushed streams
    - http: fix crash in rate-limited upload
    - http: make the haproxy support work with unix domain sockets
    - http_proxy: deal with non-200 CONNECT response with Hyper
    - lib: don't compare fd to FD_SETSIZE when using poll
    - lib: fix compiler warnings with CURL_DISABLE_NETRC
    - lib: fix type of len passed to *printf's %*s
    - lib: more %u for port and int for %*s fixes
    - lib: use %u instead of %ld for port number printf
    - libssh2: limit time a disconnect can take to 1 second
    - mqtt: detect illegal and too large file size
    - msnprintf: return number of printed characters excluding null byte
    - multi: add scan-build-6 work-around in curl_multi_fdset
    - multi: alter transfer timeout ordering
    - multi: do not switch off connect_only flag when closing
    - multi: fix crash in curl_multi_wait / curl_multi_poll
    - ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
    - openssl: avoid static variable for seed flag
    - openssl: don't remove session id entry in disassociate
    - socketpair: fix potential hangs
    - socks4: scan for the IPv4 address in resolve results
    - ssl: read pending close notify alert before closing the connection
    - telnet: fix option parser to not send uninitialized contents
    - TLS: prevent shutdown loops to get stuck
    - vtls: exit addsessionid if no cache is inited
    - vtls: fix connection reuse checks for issuer cert and case sensitivity
* Wed May 26 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.77.0: [bsc#1186114, CVE-2021-22898]
    [bsc#1186115, bsc#1185579, CVE-2021-22901]
    * Security fixes:
    - CVE-2021-22297: schannel cipher selection surprise
    - CVE-2021-22298: TELNET stack contents disclosure
    - CVE-2021-22901: TLS session caching disaster
    * Changes:
    - configure: make the TLS library choice(s) explicit
    - curl: ignore options asking for SSLv2 or SSLv3
    - hsts: enable by default
    - SSL: support in-memory CA certs for some backends
    - vtls: refuse setting any SSL version
    * Bugfixes:
    - configure: provide --with-openssl, deprecate --with-ssl
    - cookie: CURLOPT_COOKIEFILE set to NULL switches off cookies
    - curl: include libmetalink version in --version output
    - data_pending: check only SECONDARY socket for FTP(S) transfers
    - gnutls: don't allow TLS 1.3 for versions that don't support it
    - gnutls: make setting only the MAX TLS allowed version work
    - http2: fix resource leaks in set_transfer_url() and push_promise()
    - http: limit the initial send amount to used upload buffer size
    - rustls: only return CURLE_AGAIN when TLS session is fully drained
    - rustls: use ALPN
    - schannel: Disable auto credentials; add an option to enable it
    - schannel: Support strong crypto option
    - sectransp: allow cipher name to be specified
    - sockfilt: avoid getting stuck waiting for writable socket
* Sun Apr 25 2021 Dirk Müller <dmueller@suse.com>
  - update to 7.76.1:
    - ngtcp2: Use ALPN h3-29 for now
    - TODO: remove 18.22 --fail-with-body
* Wed Mar 31 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.76.0
    * Security fixes:
    - [bsc#1183933, CVE-2021-22876]: strip credentials from the
    auto-referer header field
    - [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to
    Curl_ssl_get/addsessionid()
    * Changes:
    - cookies: Support multiple -b parameters
    - curl: add --fail-with-body
    - doh: add options to disable ssl verification
    - http: add support to read and store the referrer header
    - sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
    - vtls: initial implementation of rustls backend
    * Bugfixes:
    - CVE-2021-22876: strip credentials from the auto-referer header field
    - CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid()
    - c-hyper: support automatic content-encoding
    - configure: only add OpenSSL paths if they are defined
    - configure: provide Largefile feature for curl-config
    - curl: set CURLOPT_NEW_FILE_PERMS if requested
    - doh: Fix sharing user's resolve list with DOH handles
    - doh: Inherit CURLOPT_STDERR from user's easy handle
    - dynbuf: bump the max HTTP request to 1MB
    - ftp: add 'list_only' to the transfer state struct
    - ftp: add 'prefer_ascii' to the transfer state struct
    - ftp: allow SIZE to fail when doing (resumed) upload
    - ftp: avoid SIZE when asking for a TYPE A file
    - ftp: fix memory leak in ftp_done
    - ftp: never set data->set.ftp_append outside setopt
    - gnutls: assume nettle crypto support
    - http2: don't set KEEP_SEND when there's no more data to be sent
    - http2: fail if connection terminated without END_STREAM
    - http: do not add a referrer header with empty value
    - http: strip default port from URL sent to proxy
    - http: use credentials from transfer, not connection
    - lib: remove 'conn->data' completely
    - multi: close the connection when h2=>h1 downgrading
    - multi: do once-per-transfer inits in before_perform in DID state
    - multi: rename the multi transfer states
    - multi: update pending list when removing handle
    - ngtcp2: adapt to the new recv_datagram callback
    - ngtcp2: clarify calculation precedence
    - ngtcp2: sync with recent API updates
    - openssl: adapt to v3's new const for a few API calls
    - openssl: ensure to check SSL_CTX_set_alpn_protos return values
    - openssl: remove get_ssl_version_txt in favor of SSL_get_version
    - parse_proxy: fix a memory leak in the OOM path
    - url: fix memory leak if OOM in the HSTS handling
    - url: fix possible use-after-free in default protocol
    - urldata: don't touch data->set.httpversion at run-time
    - urldata: merge "struct DynamicStatic" into "struct UrlState"
    - urldata: remove the 'rtspversion' field
    - urldata: remove the _ORIG suffix from string names
    - wolfssl: don't store a NULL sessionid
* Thu Mar 04 2021 Cristian Rodríguez <crrodriguez@opensuse.org>
  - Harden build, enable full RELRO
  - Never allow undefined symbols anywhere.
* Thu Feb 04 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.75.0
    * Changes:
    - curl: add --create-file-mode [mode]
    - curl: add new variables to --write-out
    - dns: extend CURLOPT_RESOLVE syntax for adding non-permanent entries
    - gopher: implement secure gopher protocol
    - http: add Hyper as new optional HTTP backend
    - http: introduce AWS HTTP v4 Signature support
    * Bugfixes:
    - cmake: Add an option to disable libidn2
    - cmake: enable gophers correctly in curl-config
    - cmake: expose CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
    - digest_sspi: Show InitializeSecurityContext errors in verbose mode
    - getinfo: build with disabled HTTP support
    - http: get CURLOPT_REQUEST_TARGET working with a HTTP proxy
    - http_proxy: Fix CONNECT chunked encoding race condition
    - httpauth: make multi-request auth work with custom port
    - lib: pass in 'struct Curl_easy *' to most functions
    - lib: remove Curl_ prefix from many static functions
    - lib: save a bit of space with some structure packing
    - libssh: avoid plain free() of libssh-memory
    - mime: make sure setting MIMEPOST to NULL resets properly
    - multi_runsingle: bail out early on data->conn == NULL
    - ngtcp2: Fix http3 upload stall
    - ngtcp2: Fix stack buffer overflow
    - openssl: lowercase the hostname before using it for SNI
    - socks: use the download buffer instead
    - speedcheck: exclude paused transfers
    - tooĺ_writeout: fix the -w time output units
    - url: if IDNA conversion fails, fallback to Transitional
  - Refresh libcurl-ocloexec.patch
* Fri Dec 18 2020 Cristian Rodríguez <crrodriguez@opensuse.org>
  - Enable zstd and brotli support
* Mon Dec 14 2020 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.74.0
    * Changes:
      hsts: add experimental support for Strict-Transport-Security
    * Bugfixes:
    - Inferior OCSP verification  [bsc#1179593, CVE-2020-8286]
    - FTP wildcard stack overflow [bsc#1179399, CVE-2020-8285]
    - trusting FTP PASV responses [bsc#1179398, CVE-2020-8284]
    - Revert "multi: implement wait using winsock events"
    - openssl: free mem_buf in error path
    - ntlm: avoid malloc(0) on zero length user and domain
    - ngtcp2: use the minimal version of QUIC supported by ngtcp2
    - ngtcp2: advertise h3 ALPN unconditionally
    - file: avoid duplicated code sequence
    - openssl: guard against OOM on context creation
    - docs: document the 8MB input string limit for curl_easy_escape
      and curl_easy_setopt()
    - hsts: add read/write callbacks
    - hsts: add support for Strict-Transport-Security
    - alt-svc: enable by default
    - checksrc: warn on empty line before open brace
    - connect: repair build without ipv6 availability
    - curl.se: new home
    - ftp: retry getpeername for FTP with TCP_FASTOPEN
    - gnutls: fix memory leaks (certfields memory wasn't released)
    - http: pass correct header size to debug callback for chunked post
    - libssh2: fix transport over HTTPS proxy
    - openssl: guard against OOM on context creation
    - openssl: use OPENSSL_init_ssl() with >= 1.1.0
    - Revert "multi: implement wait using winsock events"
    - socks: check for DNS entries with the right port number
    - tool_operate: --retry for HTTP 408 responses too
    - tool_operate: bail out proper on errors during parallel transfers
    - urlapi: don't accept blank port number field without scheme
    - urlapi: URL encode a '+' in the query part
    - vquic/ngtcp2.h: define local_addr as sockaddr_storage
  - Update check section:
    * runtests now supports dynamically base64 encoded sections in tests
    * Replace env interpreter for perl and python3
  - Remove curl-use_OPENSSL_config.patch since the OpenSSL initialization
    has been updated to use OPENSSL_init_ssl() with >= 1.1.0
* Tue Oct 20 2020 Pedro Monreal <pmonreal@suse.com>
  - Update patches to fix compiling warnings:
    * curl-disabled-redirect-protocol-message.patch
    * libcurl-ocloexec.patch
  - Enable test 1165
* Wed Oct 14 2020 Pedro Monreal <pmonreal@suse.com>
  - Update to 7.73.0
    * Changes:
    - curl: add --output-dir
    - curl: support XDG_CONFIG_HOME to find .curlrc
    - curl: update --help with categories
    - curl_easy_option_*: new API for meta-data about easy options
    - CURLE_PROXY: new error code
    - mqtt: enable by default
    - sftp: add new quote commands 'atime' and 'mtime'
    - ssh: add the option CURLKHSTAT_FINE_REPLACE
    - tls: add CURLOPT_SSL_EC_CURVES and --curves
    * Bugfixes:
    - base64: also build for smtp, pop3 and imap
    - cleanups: avoid curl_ on local variables
    - configure: let --enable-debug set -Wenum-conversion with gcc >= 10
    - conn: check for connection being dead before reuse
    - curl: in retry output don't call all problems "transient"
    - curl: make checkpasswd, file2memory, file2string and
      glob_match_url use dynbuf
    - curl: retry delays in parallel mode no longer sleeps blocking
    - curl: use curlx_dynbuf for realloc when loading config files
    - curl:parallel_transfers: make sure retry readds the transfer
    - curl_get_line: build only if cookies or alt-svc are enabled
    - Curl_pgrsTime - return new time to avoid timeout integer overflow
    - Curl_send: return error when pre_receive_plain can't malloc
    - dynbuf: make sure Curl_dyn_tail() zero terminates
    - etag: save and use the full received contents
    - ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND
    - ftp: avoid risk of reading uninitialized integers
    - ftp: get rid of the PPSENDF macro
    - ftp: make a 552 response return CURLE_REMOTE_DISK_FULL
    - ftp: separate FTPS from FTP over "HTTPS proxy"
    - HTTP/3: update to OpenSSL_1_1_1g-quic-draft-29
    - http: consolidate nghttp2_session_mem_recv() call paths
    - http_proxy: do not count proxy headers in the header bytecount
    - http_proxy: do not crash with HTTPS_PROXY and NO_PROXY set
    - imap: make imap_send use dynbuf for the send buffer management
    - imap: set cselect_bits to CURL_CSELECT_IN initially
    - lib1560: verify "redirect" to double-slash leading URL
    - lib: make Curl_gethostname accept a const pointer
    - libssh2: handle the SSH protocols done over HTTPS proxy
    - libssh2: pass on the error from ssh_force_knownhost_key_type
    - memdebug: remove 9 year old unused debug function
    - multi: expand pre-check for socket readiness
    - ngtcp2: adapt to new NGTCP2_PROTO_VER_MAX define
    - ngtcp2: adapt to the new pkt_info arguments
    - openssl: avoid error conditions when importing native CA
    - openssl: consider ALERT_CERTIFICATE_EXPIRED a failed verification
    - parsedate: tune the date to epoch conversion
    - pause: only trigger a reread if the unpause sticks
    - pingpong: use a dynbuf for the *_pp_sendf() function
    - runtests: allow creating files without newlines
    - runtests: allow generating a binary sequence from hex
    - runtests: clear pid variables when failing to start a server
    - schannel: fix memory leak when using get_cert_location
    - schannel: return CURLE_PEER_FAILED_VERIFICATION for untrusted root
    - sectransp: make it build with --disable-proxy
    - select.h: make socket validation macros test for INVALID_SOCKET
    - select: align poll emulation to return all relevant events
    - select: fix poll-based check not detecting connect failure
    - select: simplify return code handling for poll and select
    - setopt: if the buffer exists, refuse the new BUFFERSIZE
    - setopt: return CURLE_BAD_FUNCTION_ARGUMENT on bad argument
    - socketpair: allow CURL_DISABLE_SOCKETPAIR
    - sockfilt: handle FD_CLOSE winsock event on write socket
    - symbian: drop support
    - tests: remove pipelining tests
    - tls: fix SRP detection by using the proper #ifdefs
    - tls: provide the CApath verbose log on its own line
    - tool_setopt: escape binary data to hex, not octal
    - url: use blank credentials when using proxy w/o username and password
    - urlapi: use more Curl_safefree
    - vtls: deduplicate client certificates in ssl_config_data
* Wed Aug 19 2020 Pedro Monreal Gonzalez <pmonreal@suse.com>
  - Update to 7.72.0 [bsc#1175109, CVE-2020-8231]
    * Changes:
    - content_encoding: add zstd decoding support
    - CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream
    - CURLINFO_EFFECTIVE_METHOD: added
    * Bugfixes:
    - CVE-2020-8231: libcurl: wrong connect-only connection
    - curl-config: ignore REQUIRE_LIB_DEPS in --libs output
    - curl: improve the existing file check with -J
    - curl_multi_setopt: fix compiler warning "result is always false"
    - curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated
    - docs: Add video link to docs/CONTRIBUTE.md
    - docs: clarify MAX_SEND/RECV_SPEED functionality
    - ftp: don't do ssl_shutdown instead of ssl_close
    - ftpserver: don't verify SMTP MAIL FROM names
    - getinfo: reset retry-after value in initinfo
    - gnutls: repair the build with 'CURL_DISABLE_PROXY'
    - gtls: survive not being able to get name/issuer
    - h2: repair trailer handling
    - http2: close the http2 connection when no more requests may be sent
    - http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages
    - libssh2: s/ssherr/sftperr/
    - mprintf: Fix dollar string handling
    - mprintf: Fix stack overflows
    - multi_remove_handle: close unused connect-only connections
    - ngtcp2: adapt to error code rename
    - ngtcp2: adjust to recent sockaddr updates
    - ngtcp2: update to modified qlog callback prototype
    - ntlm: free target_info before (re-)malloc
    - page-header: provide protocol details in the curl.1 man page
    - quiche: handle calling disconnect twice
    - setopt: unset NOBODY switches to GET if still HEAD
    - smtp_parse_address: handle blank input string properly
    - socks: use size_t for size variable
    - tls-max.d: this option is only for TLS-using connections
    - tlsv1.3.d. only for TLS-using connections
    - tool_getparam: make --krb option work again
    - transfer: fix data_pending for builds with both h2 and h3 enabled
    - transfer: fix memory-leak with CURLOPT_CURLU in a duped handle
    - transfer: move retrycount from connect struct to easy handle
    - url: fix CURLU and location following
* Wed Jul 01 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.71.1
    * Bugfixes:
    - Curl_inet_ntop: always check the return code
    - CURLOPT_READFUNCTION.3: provide the upload data size up front
    - escape: make the URL decode able to reject only %00-bytes
    - escape: zero length input should return a zero length output
    - examples/multithread.c: call curl_global_cleanup()
    - http2: set the correct URL in pushed transfers
    - http: fix proxy auth with blank password
    - mbedtls: fix build with disabled proxy support
    - ngtcp2: sync with current master
    - Revert "multi: implement wait using winsock events"
    - sendf: improve the message on client write errors
    - terminology: call them null-terminated strings
    - tool_cb_hdr: Fix etag warning output and return code
    - url: allow user + password to contain "control codes" for HTTP(S)
    - vtls: compare cert blob when finding a connection to reuse
* Wed Jun 24 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.71.0 [bsc#1173026, CVE-2020-8169][bsc#1173027, CVE-2020-8177]
    * Changes:
    - CURLOPT_SSL_OPTIONS: optional use of Windows' CA store (with openssl)
    - setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency
    - setopt: support certificate options in memory with struct curl_blob
    - tool: Add option --retry-all-errors to retry on any error
    * Bugfixes:
    - *_sspi: fix bad uses of CURLE_NOT_BUILT_IN
    - altsvc: bump to h3-29
    - altsvc: fix 'dsthost' may be used uninitialized in this function
    - altsvc: fix parser for lines ending with CRLF
    - altsvc: remove the num field from the altsvc struct
    - asyn-*: remove support for never-used NULL entry pointers
    - azure: use matrix strategy to avoid configuration redundancy
    - build: disable more code/data when built without proxy support
    - buildconf: remove -print from the find command that removes files
    - checksrc: enhance the ASTERISKSPACE and update code accordingly
    - cirrus: disable SFTP and SCP tests
    - CMake: add ENABLE_ALT_SVC option
    - CMake: add HTTP/3 support (ngtcp2+nghttp3, quiche)
    - CMake: add libssh build support
    - configure: fix pthread check with static boringssl
    - configure: for wolfSSL, check for the DES func needed for NTLM
    - configure: only strip first -L from LDFLAGS
    - configure: repair the check if argv can be written to
    - configure: the wolfssh backend does not provide SCP
    - connect: improve happy eyeballs handling
    - connect: make happy eyeballs work for QUIC (again)
    - curl: remove -J "informational" written on stdout
    - Curl_addrinfo: use one malloc instead of three
    - dynbuf: introduce internal generic dynamic buffer functions
    - easy: fix dangling pointer on easy_perform fail
    - examples/ephiperfifo: turn off interval when setting timerfd
    - examples/http2-down/upload: add error checks
    - FILEFORMAT: add more features that tests can depend on
    - FILEFORMAT: describe verify/stderr
    - ftp: make domore_getsock() return the secondary socket properly
    - ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void)
    - ftp: shut down the secondary connection properly when SSL is used
    - GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
    - hostip: make Curl_printable_address not return anything
    - http2: keep trying to send pending frames after req.upload_done
    - http2: simplify and clean up trailer handling
    - http: move header storage to Curl_easy from connectdata
    - libssh2: improved error output for wrong quote syntax
    - libssh2: keep sftp errors as 'unsigned long'
    - libssh2: set the expected total size in SCP upload init
    - multi: add defensive check on data->multi->num_alive
    - multi: implement wait using winsock events
    - ngtcp2: cleanup memory when failing to connect
    - ngtcp2: fix build with current ngtcp2 master implementing draft 28
    - ngtcp2: fix happy eyeballs quic connect crash
    - ngtcp2: introduce qlog support
    - ngtcp2: never call fprintf() in lib code in release version
    - ngtcp2: update with recent API changes
    - ntlm: enable NTLM support with wolfSSL
    - OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN
    - openssl: set FLAG_TRUSTED_FIRST unconditionally
    - projects: Add crypt32.lib to dependencies for all OpenSSL configs
    - quiche: clean up memory properly when failing to connect
    - quiche: enable qlog output
    - quiche: update SSLKEYLOGFILE support
    - Revert "ssh: ignore timeouts during disconnect"
    - select: fix overflow protection in Curl_socket_check
    - sendf: make failf() use the mvsnprintf() return code
    - server/sws: fix asan warning on use of uninitialized variable
    - server/util: fix logmsg format using curl_off_t argument
    - sha256: fixed potentially uninitialized variable
    - share: don not set the share flag it something fails
    - sockfilt: make select_ws stop waiting on exit signal event
    - socks: detect connection close during handshake
    - socks: fix expected length of SOCKS5 reply
    - socks: remove unreachable breaks in socks.c and mime.c
    - source cleanup: remove all custom typedef structs
    - timeouts: change millisecond timeouts to timediff_t from time_t
    - timeouts: move ms timeouts to timediff_t from int and long
    - tool_cfgable: free login_options at exit
    - tool_getparam: -i is not OK if -J is used
    - tool_getparam: fix memory leak in parse_args
    - tool_operate: fixed potentially uninitialized variables
    - tool_paramhlp: fixed potentially uninitialized strtol() variable
    - transfer: close connection after excess data has been read
    - typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *'
    - unit1604.c: fix implicit conv from 'SANITIZEcode' to 'CURLcode'
    - url: accept "any length" credentials for proxy auth
    - url: alloc the download buffer at transfer start
    - url: make the updated credentials URL-encoded in the URL
    - url: reject too long input when parsing credentials
    - url: sort the protocol schemes in rough popularity order
    - urlapi: accept :: as a valid IPv6 address
    - urldata: leave the HTTP method untouched in the set.* struct
    - urlglob: treat literal IPv6 addresses with zone IDs as a host name
    - user-agent.d: spell out what happens given a blank argument
    - vauth/cleartext: fix theoretical integer overflow
    - version.d: expanded and alpha-sorted
    - vtls: Extract and simplify key log file handling from OpenSSL
    - wolfssl: add SSLKEYLOGFILE support
    - wording: avoid blacklist/whitelist stereotypes
    - write-out.d: added "response_code"
* Fri Jun 12 2020 Dominique Leuenberger <dimstar@opensuse.org>
  - Change with-gssapi configure parameter: krb5 is changing location
    in the future: ask krb5-config about the correct prefix values.
* Wed Apr 29 2020 Paolo Stivanin <info@paolostivanin.com>
  - Update to 7.70.0
    * Changes:
    - curl: add --ssl-revoke-best-effort to allow a "best effort" revocation check
    - mqtt: add new experimental protocol
    - schannel: add "best effort" revocation check option: CURLSSLOPT_REVOKE_BEST_EFFORT
    - writeout: support to generate JSON output with '%{json}'
    * Bugfixes:
    - gnutls: Don't skip really long certificate fields
    - gnutls: ensure TLS 1.3 when SRP isn't requested
    - lib: never define CURL_CA_BUNDLE with a getenv
    - libcurl-multi.3: added missing full stop
    - libssh: avoid options override by configuration files
    - libssh: Use new ECDSA key types to check known hosts
    - tons of other fixes
* Thu Mar 12 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.69.1
    * Bugfixes:
    - ares: store dns parameters for duphandle
    - cirrus-ci: disable the FreeBSD 13 builds
    - curl_share_setopt.3: Note sharing cookies doesn't enable the engine
    - lib1564: reduce number of mid-wait wakeup calls
    - libssh: Fix matching user-specified MD5 hex key
    - MANUAL: update a dict-using command line
    - mime: do not perform more than one read in a row
    - mime: fix the binary encoder to handle large data properly
    - mime: latch last read callback status
    - multi: skip EINTR check on wakeup socket if it was closed
    - pause: bail out on bad input
    - pause: force a connection recheck after unpausing (take 2)
    - pause: return early for calls that don't change pause state
    - runtests.1: rephrase how to specify what tests to run
    - runtests: fix missing use of exe_ext helper function
    - seek: fix fall back for missing ftruncate on Windows
    - sftp: fix segfault regression introduced by #4747 in 7.69.0
    - sha256: Added SecureTransport implementation
    - sha256: Added WinCrypt implementation
    - socks4: fix host resolve regression
    - socks5: host name resolv regression fix
    - tests/server: fix missing use of exe_ext helper function
    - tests: fix static ip:port instead of dynamic values being used
    - tests: make sleeping portable by avoiding select
    - unit1612: fix the inclusion and compilation of the HMAC unit test
    - urldata: remove the 'stream_was_rewound' connectdata struct member
    - version: make curl_version* thread-safe without using global context
* Mon Mar 09 2020 Andreas Schwab <schwab@suse.de>
  - ignore_runtests_failure.patch: remove, no longer needed
* Wed Mar 04 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.69.0
    * Changes:
    - polarssl: removed
    - smtp: add CURLOPT_MAIL_RCPT_ALLLOWFAILS and --mail-rcpt-allowfails
    - wolfSSH: new SSH backend
    * Bugfixes:
    - altsvc: improved header parser
    - altsvc: keep a copy of the file name to survive handle reset
    - altsvc: make saving the cache an atomic operation
    - altsvc: use h3-27
    - azure: disable brotli on the macos debug-builds
    - build: remove all HAVE_OPENSSL_ENGINE_H defines
    - cleanup: fix several comment typos
    - cleanup: fix typos and wording in docs and comments
    - cmake: add support for CMAKE_LTO option
    - cmake: clean up and improve build procedures
    - cmake: Show HTTPS-proxy in the features output
    - cmake: use check_symbol_exists also for inet_pton
    - configure.ac: fix comments about --with-quiche
    - configure: disable metalink if mbedTLS is specified
    - configure: disable metalink support for incompatible SSL/TLS
    - conn: do not reuse connection if SOCKS proxy credentials differ
    - conncache: removed unused Curl_conncache_bundle_size()
    - connect: remove some spurious infof() calls
    - connection reuse: respect the max_concurrent_streams limits
    - cookie: check __Secure- and __Host- case sensitively
    - cookies: make saving atomic with a rename
    - create-dirs.d: mention the mode
    - curl: avoid using strlen for testing if a string is empty
    - curl: error on --alt-svc use w/o support
    - curl: let -D merge headers in one file again
    - curl: make #0 not output the full URL
    - curl: make the -# spaceship bar not wrap the line
    - curl: remove 'config' field from OutStruct
    - curl:progressbarinit: ignore column width from terminals < 20
    - curl_escape.3: add a link to curl_free
    - curl_getenv.3: fix the memory handling description
    - curl_global_init: assume the EINTR bit by default
    - curl_global_init: move the IPv6 works status bool to multi handle
    - CURLINFO_COOKIELIST.3: Fix example
    - CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
    - CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
    - CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
    - data.d: remove "Multiple files can also be specified"
    - digest: do not quote algorithm in HTTP authorisation
    - docs/HTTP3: add --enable-alt-svc to curl's configure
    - docs/HTTP3: update the OpenSSL branch to use for ngtcp2
    - docs: fix typo on CURLINFO_RETRY_AFTER
    - easy: remove dead code
    - form.d: fix two minor typos
    - ftp: convert 'sock_accepted' to a plain boolean
    - ftp: remove superfluous checking for crlf in user or pwd
    - ftp: shrink temp buffers used for PORT
    - github: Instructions to post "uname -a" on Unix systems in issues
    - GnuTLS: always send client cert
    - gtls: fixed compilation when using GnuTLS < 3.5.0
    - hostip: move code to resolve IP address literals to 'Curl_resolv'
    - HTTP-COOKIES: describe the cookie file format
    - HTTP-COOKIES: mention that a trailing newline is required
    - http2: make pausing/unpausing set/clear local stream window
    - http2: now requires nghttp2 >= 1.12.0
    - http: added 417 response treatment
    - http: increase EXPECT_100_THRESHOLD to 1Mb
    - http: mark POSTs with no body as "upload done" from the start
    - http: move "oauth_bearer" from connectdata to Curl_easy
    - include: remove non-curl prefixed defines
    - KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header
    - libssh2: add support for forcing a hostkey type
    - libssh2: fix variable type
    - libssh: improve known hosts handling
    - llist: removed unused Curl_llist_move()
    - location.d: the method change is from POST to GET only
    - md4: fixed compilation issues when using GNU TLS gcrypt
    - md4: use init/update/final functions in Secure Transport
    - md5: added implementation for mbedTLS
    - mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
    - multi: change curl_multi_wait/poll to error on negative timeout
    - multi: fix outdated comment
    - multi: if Curl_readwrite sets 'comeback' use expire, not loop
    - multi_done: if multiplexed, make conn->data point to another transfer
    - multi_wait: stop loop when sread() returns zero
    - ngtcp2: add error code for QUIC connection errors
    - ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6
    - ngtcp2: update to git master and its draft-25 support
    - ntlm: removed the dependency on the TLS libaries when using MD5
    - ntlm_wb: use Curl_socketpair() for greater portability
    - oauth2-bearer.d: works for HTTP too
    - openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
    - openssl: remove redundant assignment
    - os400: fixed the build
    - pause: force-drain the transfer on unpause
    - quiche: update to draft-25
    - README: mention that the docs is in docs/
    - runtests: make random seed fixed for a month
    - runtests: restore the command log
    - schannel_verify: Fix alt names manual verify for UNICODE builds
    - sha256: use crypto implementations when available
    - singleuse.pl: support new API functions, fix curl_dbg_ handling
    - smtp: support the SMTPUTF8 extension
    - smtp: support UTF-8 based host names in MAIL FROM
    - SOCKS: make the connect phase non-blocking
    - strcase: turn Curl_raw_tolower into static
    - strerror: increase STRERROR_LEN 128 -> 256
    - test1323: added missing 'unit test' feature requirement
    - tests: add a unit test for MD4 digest generation
    - tests: add a unit test for SHA256 digest generation
    - tests: add a unit test for the HMAC hash generation
    - tests: deduce the tool name from the test case for unit tests
    - tests: fix Python 3 compatibility of smbserver.py
    - tool_dirhie: allow directory traversal during creation
    - tool_homedir: change GetEnv() to use libcurl's curl_getenv()
    - url: include the failure reason when curl_win32_idn_to_ascii() fails
    - urlapi: guess scheme properly with credentials given
    - urldata: do string enums without #ifdefs for build scripts
    - vtls: refactor Curl_multissl_version to make the code clearer
  - Refresh patches:
    * curl-secure-getenv.patch
    * libcurl-ocloexec.patch
* Tue Feb 18 2020 Dominique Leuenberger <dimstar@opensuse.org>
  - Eliminate curl-mini: The reason for this to exist was that cmake
    pulled in curl into too many places, causing build cycles. A new
    cmake-mini was generated, eliminating that need.
* Wed Jan 08 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.68.0
    * Changes:
    - TLS: add BearSSL vtls implementation
    - XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE
    - curl: add --etag-compare and --etag-save
    - curl: add --parallel-immediate
    - multi: add curl_multi_wakeup()
    - openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains
    * Bugfixes:
    - CVE-2019-15601: file: on Windows, refuse paths that start with \\
    - Azure Pipelines: add several builds
    - CMake: add support for building with the NSS vtls backend
    - CURL-DISABLE: initial docs for the CURL_DISABLE_* defines
    - CURLOPT_HEADERFUNCTION.3: Document that size is always 1
    - CURLOPT_QUOTE.3: fix typos
    - CURLOPT_READFUNCTION.3: fix the example
    - CURLOPT_URL.3: "curl supports SMB version 1 (only)"
    - CURLOPT_VERBOSE.3: see also ERRORBUFFER
    - HISTORY: added cmake, HTTP/3 and parallel downloads with curl
    - HISTORY: the SMB(S) support landed in 2014
    - INSTALL.md: provide Android build instructions
    - KNOWN_BUGS: Connection information when using TCP Fast Open
    - KNOWN_BUGS: LDAP on Windows doesn't work correctly
    - KNOWN_BUGS: TLS session cache doesn't work with TFO
    - OPENSOCKETFUNCTION.3: correct the purpose description
    - TrackMemory tests: always remove CR before LF
    - altsvc: bump to h3-24
    - altsvc: make the save function ignore NULL filenames
    - build: Disable Visual Studio warning "conditional expression is constant"
    - build: fix for CURL_DISABLE_DOH
    - checksrc.bat: Add a check for vquic and vssh directories
    - checksrc: repair the copyrightyear check
    - cirrus-ci: enable clang sanitizers on freebsd 13
    - cirrus: Drop the FreeBSD 10.4 build
    - config-win32: cpu-machine-OS for Windows on ARM
    - configure: avoid unportable `==' test(1) operator
    - configure: enable IPv6 support without `getaddrinfo`
    - configure: fix typo in help text
    - conncache: CONNECT_ONLY connections assumed always in-use
    - conncache: fix multi-thread use of shared connection cache
    - copyrights: fix copyright year range
    - create_conn: prefer multiplexing to using new connections
    - curl -w: handle a blank input file correctly
    - curl.h: add two missing defines for "pre ISO C" compilers
    - curl/parseconfig: fix mem-leak
    - curl/parseconfig: use curl_free() to free memory allocated by libcurl
    - curl: cleanup multi handle on failure
    - curl: fix --upload-file . hangs if delay in STDIN
    - curl: fix -T globbing
    - curl: improved cleanup in upload error path
    - curl: make a few char pointers point to const char instead
    - curl: properly free mimepost data
    - curl: show better error message when no homedir is found
    - curl: show error for --http3 if libcurl lacks support
    - curl_setup_once: consistently use WHILE_FALSE in macros
    - define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore
    - docs: Change 'experiemental' to 'experimental'
    - docs: TLS SRP doesn't work with TLS 1.3
    - docs: fix several typos
    - docs: mention CURL_MAX_INPUT_LENGTH restrictions
    - doh: improved both encoding and decoding
    - doh: make it behave when built without proxy support
    - examples/postinmemory.c: Call curl_global_cleanup always
    - examples/url2file.c: corrected erroneous comment
    - examples: add multi-poll.c
    - global_init: undo the "intialized" bump in case of failure
    - hostip: suppress compiler warning
    - http_ntlm: Remove duplicate NSS initialisation
    - lib: Move lib/ssh.h -> lib/vssh/ssh.h
    - lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS`
    - lib: fix warnings found when porting to NuttX
    - lib: remove ASSIGNWITHINCONDITION exceptions, use our code style
    - lib: remove erroneous +x file permission on some c files
    - libssh2: add support for ECDSA and ed25519 knownhost keys
    - multi.h: remove INITIAL_MAX_CONCURRENT_STREAMS from public header
    - multi: free sockhash on OOM
    - multi_poll: avoid busy-loop when called without easy handles attached
    - ngtcp2: Support the latest update key callback type
    - ngtcp2: fix thread-safety bug in error-handling
    - ngtcp2: free used resources on disconnect
    - ngtcp2: handle key updates as ngtcp2 master branch tells us
    - ngtcp2: increase QUIC window size when data is consumed
    - ngtcp2: use overflow buffer for extra HTTP/3 data
    - ntlm: USE_WIN32_CRYPTO check removed to get USE_NTLM2SESSION set
    - ntlm_wb: fix double-free in OOM
    - openssl: Revert to less sensitivity for SYSCALL errors
    - openssl: improve error message for SYSCALL during connect
    - openssl: prevent recursive function calls from ctx callbacks
    - openssl: retrieve reported LibreSSL version at runtime
    - openssl: set X509_V_FLAG_PARTIAL_CHAIN by default
    - parsedate: offer a getdate_capped() alternative
    - pause: avoid updating socket if done was already called
    - projects: Fix Visual Studio projects SSH builds
    - projects: Fix Visual Studio wolfSSL configurations
    - quiche: reject HTTP/3 headers in the wrong order
    - remove_handle: clear expire timers after multi_done()
    - runtests: --repeat=[num] to repeat tests
    - runtests: introduce --shallow to reduce huge torture tests
    - schannel: fix --tls-max for when min is --tlsv1 or default
    - setopt: Fix ALPN / NPN user option when built without HTTP2
    - strerror: Add Curl_winapi_strerror for Win API specific errors
    - strerror: Fix an error looking up some Windows error strings
    - strerror: Fix compiler warning "empty expression"
    - system.h: fix for MCST lcc compiler
    - test/sws: search for "Testno:" header unconditionally if no testno
    - test1175: verify symbols-in-versions and libcurl-errors.3 in sync
    - test1270: a basic -w redirect_url test
    - test1456: remove the use of a fixed local port number
    - test1558: use double slash after file:
    - test1560: require IPv6 for IPv6 aware URL parsing
    - tests/lib1557: fix mem-leak in OOM
    - tests/lib1559: fix mem-leak in OOM
    - tests/lib1591: free memory properly on OOM, in the trailers callback
    - tests/unit1607: fix mem-leak in OOM
    - tests/unit1609: fix mem-leak in OOM
    - tests/unit1620: fix bad free in OOM
    - tests: Change NTLM tests to require SSL
    - tests: Fix bounce requests with truncated writes
    - tests: fix build with `CURL_DISABLE_DOH`
    - tests: fix permissions of ssh keys in WSL
    - tests: make it possible to set executable extensions
    - tests: make sure checksrc runs on header files too
    - tests: set LC_ALL=en_US.UTF-8 instead of blank in several tests
    - tests: use DoH feature for DoH tests
    - tests: use \r\n for log messages in WSL
    - tool_operate: fix mem leak when failed config parse
    - travis: Fix error detection
    - travis: abandon coveralls, it is not reliable
    - travis: build ngtcp2 with --enable-lib-only
    - travis: export the CC/CXX variables when set
    - vtls: make BearSSL possible to set with CURL_SSL_BACKEND
    - winbuild: Define CARES_STATICLIB when WITH_CARES=static
    - winbuild: Document CURL_STATICLIB requirement for static libcurl
  - Remove curl-expire-clear.patch
* Thu Nov 14 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Fix segfault in zypper ref: [bsc#1156481]
    * remove_handle: clear expire timers after multi_done()
    * Add patch curl-expire-clear.patch
* Wed Nov 06 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update spec file with spec-cleaner
* Wed Nov 06 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.67.0
    * Changes:
    - curl: added --no-progress-meter
    - setopt: CURLMOPT_MAX_CONCURRENT_STREAMS is new
    - urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
    * Bugfixes:
    - BINDINGS: five new bindings addded
    - CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
    - CURLOPT_TIMEOUT.3: remove the mention of "minutes"
    - ESNI: initial build/setup support
    - FTP: FTPFILE_NOCWD: avoid redundant CWDs
    - FTP: allow "rubbish" prepended to the SIZE response
    - FTP: remove trailing slash from path for LIST/MLSD
    - FTP: skip CWD to entry dir when target is absolute
    - FTP: url-decode path before evaluation
    - HTTP3.md: move -p for mkdir, remove -j for make
    - HTTP3: fix invalid use of sendto for connected UDP socket
    - HTTP3: fix prefix parameter for ngtcp2 build
    - HTTP3: show an --alt-svc using example too
    - INSTALL: add missing space for configure commands
    - INSTALL: add vcpkg installation instructions
    - altsvc: accept quoted ma and persist values
    - altsvc: both backends run h3-23 now
    - appveyor: Add MSVC ARM64 build
    - appveyor: Use two parallel compilation on appveyor with CMake
    - appveyor: add --disable-proxy autotools build
    - appveyor: publish artifacts on appveyor
    - appveyor: upgrade VS2017 to VS2019
    - asyn-thread: make use of Curl_socketpair() where available
    - asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris
    - build: Remove unused HAVE_LIBSSL and HAVE_LIBCRYPTO defines
    - checksrc: fix uninitialized variable warning
    - chunked-encoding: stop hiding the CURLE_BAD_CONTENT_ENCODING error
    - cirrus: Switch the FreeBSD 11.x build to 11.3 and add a 13.0 build
    - cirrus: switch off blackhole status on the freebsd CI machines
    - cleanups: 21 various PVS-Studio warnings
    - configure: only say ipv6 enabled when the variable is set
    - configure: remove all cyassl references
    - conn-reuse: requests wanting NTLM can reuse non-NTLM connections
    - connect: return CURLE_OPERATION_TIMEDOUT for errno == ETIMEDOUT
    - connect: silence sign-compare warning
    - cookie: avoid harmless use after free
    - cookie: pass in the correct cookie amount to qsort()
    - cookies: change argument type for Curl_flush_cookies
    - cookies: using a share with cookies shouldn't enable the cookie engine
    - copyrights: update copyright notices to 2019
    - curl: create easy handles on-demand and not ahead of time
    - curl: ensure HTTP 429 triggers --retry
    - curl: exit the create_transfers loop on errors
    - curl: fix memory leaked by parse_metalink()
    - curl: load large files with -d @ much faster
    - docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag
    - docs: added multi-event.c example
    - docs: disambiguate CURLUPART_HOST is for host name (ie no port)
    - docs: note on failed handles not being counted by curl_multi_perform
    - doh: allow only http and https in debug mode
    - doh: avoid truncating DNS QTYPE to lower octet
    - doh: clean up dangling DOH memory on easy close
    - doh: fix (harmless) buffer overrun
    - doh: fix undefined behaviour and open up for gcc and clang optimization
    - doh: return early if there is no time left
    - examples/sslbackend: fix -Wchar-subscripts warning
    - gnutls: make gnutls_bye() not wait for response on shutdown
    - http2: expire a timeout at end of stream
    - http2: prevent dup'ed handles to send dummy PRIORITY frames
    - http2: relax verification of :authority in push promise requests
    - http2_recv: a closed stream trumps pause state
    - http: lowercase headernames for HTTP/2 and HTTP/3
    - ldap: Stop using wide char version of ldapp_err2string
    - ldap: fix OOM error on missing query string
    - mbedtls: add error message for cert validity starting in the future
    - mime: when disabled, avoid C99 macro
    - ngtcp2: adapt to API change
    - ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
    - ngtcp2: remove fprintf() calls
    - openssl: close_notify on the FTP data connection doesn't mean closure
    - openssl: use strerror on SSL_ERROR_SYSCALL
    - os400: getpeername() and getsockname() return ebcdic AF_UNIX sockaddr
    - parsedate: fix date parsing disabled builds
    - quiche: don't close connection at end of stream
    - quiche: persist connection details (fixes -I with --http3)
    - quiche: set 'drain' when returning without having drained the queues
    - quiche: update HTTP/3 config creation to new API
    - redirect: handle redirects to absolute URLs containing spaces
    - runtests: get textaware info from curl instead of perl
    - schannel: reverse the order of certinfo insertions
    - schannel_verify: Fix concurrent openings of CA file
    - security: silence conversion warning
    - setopt: handle ALTSVC set to NULL
    - setopt: make it easier to add new enum values
    - setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
    - smb: check for full size message before reading message details
    - smbserver: fix Python 3 compatibility
    - socks: Fix destination host shown on SOCKS5 error
    - test1162: disable MSYS2's POSIX path conversion
    - test1591: fix spelling of http feature
    - tests: add 'connect to non-listen' keywords
    - tests: fix narrowing conversion warnings
    - tests: fix the test 3001 cert failures
    - tests: makes tests succeed when using --disable-proxy
    - tests: use %FILE_PWD for file:// URLs
    - tests: use port 2 instead of 60000 for a safer non-listening port
    - tool_operate: Fix retry sleep time shown to user when Retry-After
    - url: Curl_free_request_state() should also free doh handles
    - url: don't set appconnect time for non-ssl/non-ssh connections
    - url: fix the NULL hostname compiler warning
    - url: normalize CURLINFO_EFFECTIVE_URL
    - url: only reuse TLS connections with matching pinning
    - urlapi: avoid index underflow for short ipv6 hostnames
    - urlapi: fix URL encoding when setting a full URL
    - urlapi: question mark within fragment is still fragment
    - urldata: use 'bool' for the bit type on MSVC compilers
    - vtls: fix narrowing conversion warnings
* Wed Sep 11 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.66.0 [bsc#1149496, CVE-2019-5482][bsc#1149495, CVE-2019-5481]
    * Changes:
    - CURLINFO_RETRY_AFTER: parse the Retry-After header value
    - HTTP3: initial (experimental still not working) support
    - curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
    - curl: support parallel transfers with -Z
    - curl_multi_poll: a sister to curl_multi_wait() that waits more
    - sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
    * Bugfixes:
    - CVE-2019-5481: FTP-KRB double-free
    - CVE-2019-5482: TFTP small blocksize heap buffer overflow
    - CMake: remove needless newlines at end of gss variables
    - CMake: use platform dependent name for dlopen() library
    - CURLINFO docs: mention that in redirects times are added
    - CURLOPT_ALTSVC.3: use a "" file name to not load from a file
    - CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
    - CURLOPT_HEADERFUNCTION.3: clarify
    - CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
    - CURLOPT_READFUNCTION.3: provide inline example
    - CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
    - Curl_addr2string: take an addrlen argument too
    - Curl_fillreadbuffer: avoid double-free trailer buf on error
    - HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
    - alt-svc: add protocol version selection masking
    - alt-svc: fix removal of expired cache entry
    - alt-svc: make it use h3-22 with ngtcp2 as well
    - alt-svc: more liberal ALPN name parsing
    - alt-svc: send Alt-Used: in redirected requests
    - alt-svc: with quiche, use the quiche h3 alpn string
    - asyn-thread: create a socketpair to wait on
    - cleanup: move functions out of url.c and make them static
    - cleanup: remove the 'numsocks' argument used in many places
    - configure: avoid undefined check_for_ca_bundle
    - curl.h: add CURL_HTTP_VERSION_3 to the version enum
    - curl: cap the maximum allowed values for retry time arguments
    - curl: handle a libcurl build without netrc support
    - curl: make use of CURLINFO_RETRY_AFTER when retrying
    - curl: use CURLINFO_PROTOCOL to check for HTTP(s)
    - curl_global_init_mem.3: mention it was added in 7.12.0
    - curl_version: bump string buffer size to 250
    - curl_version_info.3: mentioned ALTSVC and HTTP3
    - curl_version_info: offer quic (and h3) library info
    - curl_version_info: provide nghttp2 details
    - defines: avoid underscore-prefixed defines
    - docs/ALTSVC: remove what works and the experimental explanation
    - docs/EXPERIMENTAL: explain what it means and what's experimental now
    - docs/MANUAL.md: converted to markdown from plain text
    - docs/examples/curlx: fix errors
    - docs: s/curl_debug/curl_dbg_debug in comments and docs
    - easy: resize receive buffer on easy handle reset
    - examples: Avoid reserved names in hiperfifo examples
    - examples: add http3.c, altsvc.c and http3-present.c
    - http09: disable HTTP/0.9 by default in both tool and library
    - http2: when marked for closure and wanted to close == OK
    - http2_recv: trigger another read when the last data is returned
    - http: fix use of credentials from URL when using HTTP proxy
    - http_negotiate: improve handling of gss_init_sec_context() failures
    - md4: Use our own MD4 when no crypto libraries are available
    - multi: call detach_connection before Curl_disconnect
    - nss: use TLSv1.3 as default if supported
    - openssl: build warning free with boringssl
    - openssl: use SSL_CTX_set__proto_version() when available
    - plan9: add support for running on Plan 9
    - progress: reset download/uploaded counter between transfers
    - readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
    - scp: fix directory name length used in memcpy
    - smb: init *msg to NULL in smb_send_and_recv()
    - smtp: check for and bail out on too short EHLO response
    - source: remove names from source comments
    - spnego_sspi: add typecast to fix build warning
    - src/makefile: fix uncompressed hugehelp.c generation
    - ssh-libssh: do not specify O_APPEND when not in append mode
    - ssh: move code into vssh for SSH backends
    - sspi: fix memory leaks
    - tests: Replace outdated test case numbering documentation
    - tftp: return error when packet is too small for options
    - timediff: make it 64 bit (if possible) even with 32 bit time_t
    - travis: reduce number of torture tests in 'coverage'
    - url: make use of new HTTP version if alt-svc has one
    - urlapi: verify the IPv6 numerical address
    - urldata: avoid 'generic', use dedicated pointers
    - vauth: Use CURLE_AUTH_ERROR for auth function errors
* Fri Jul 19 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.65.3
    * progress: make the progress meter appear again
* Wed Jul 17 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.65.2
    * Bugfixes:
    - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH
    - CMake: Fix finding Brotli on case-sensitive file systems
    - CURLOPT_RANGE.3: Caution against using it for HTTP PUT
    - CURLOPT_SEEKDATA.3: fix variable name
    - bindlocal: detect and avoid IP version mismatches in bind()
    - build: fix Codacy warnings
    - c-ares: honor port numbers in CURLOPT_DNS_SERVERS
    - config-os400: add getpeername and getsockname defines
    - configure: --disable-progress-meter
    - configure: fix --disable-code-coverage
    - configure: more --disable switches to toggle off individual features
    - configure: remove CURL_DISABLE_TLS_SRP
    - conn_maxage: move the check to prune_dead_connections()
    - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds
    - docs: Explain behavior change in --tlsv1. options since 7.54
    - docs: Fix links to OpenSSL docs
    - docs: fix string suggesting HTTP/2 is not the default
    - headers: Remove no longer exported functions
    - http2: call done_sending on end of upload
    - http2: don't call stream-close on already closed streams
    - http2: remove CURL_DISABLE_TYPECHECK define
    - http: allow overriding timecond with custom header
    - http: clarify header buffer size calculation
    - krb5: fix compiler warning
    - lib: Use UTF-8 encoding in comments
    - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS
    - multi: enable multiplexing by default (again)
    - multi: fix the transfer hashes in the socket hash entries
    - multi: make sure 'data' can present in several sockhash entries
    - netrc: Return the correct error code when out of memory
    - nss: don't set unused parameter
    - nss: inspect returnvalue of token check
    - nss: only cache valid CRL entries
    - openssl: define HAVE_SSL_GET_SHUTDOWN based on version number
    - openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined
    - openssl: fix pubkey/signature algorithm detection in certinfo
    - os400: make vsetopt() non-static as Curl_vsetopt() for os400 support
    - quote.d: asterisk prefix works for SFTP as well
    - runtests: keep logfiles around by default
    - runtests: report single test time + total duration
    - test1165: verify that CURL_DISABLE_ symbols are in sync
    - test1521: adapt to SLISTPOINT
    - test1523: test CURLOPT_LOW_SPEED_LIMIT
    - test153: fix content-length to avoid occasional hang
    - test188/189: fix Content-Length
    - tests: have runtests figure out disabled features
    - tests: support non-localhost HOSTIP for dict/smb servers
    - tests: update fixed IP for hostip/clientip split
    - tool_cb_prg: Fix integer overflow in progress bar
    - typecheck: CURLOPT_CONNECT_TO takes an slist too
    - typecheck: add 3 missing strings and a callback data pointer
    - unit1654: cleanup on memory failure
    - unpause: trigger a timeout for event-based transfers
    - url: Fix CURLOPT_MAXAGE_CONN time comparison
  - Rebased patch curl-use_OPENSSL_config.patch
  - Disable new added failing test1165
* Wed Jun 05 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.65.1
    * Bugfixes:
    - CURLOPT_LOW_SPEED_* repaired
    - NTLM: reset proxy "multipass" state when CONNECT request is done
    - PolarSSL: deprecate support step 1. Removed from configure
    - cmake: check for if_nametoindex()
    - cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables
    - conncache: Remove the DEBUGASSERT on length check
    - conncache: make "bundles" per host name when doing proxy tunnels
    - curl_share_setopt.3: improve wording
    - dump-header.d: spell out that no headers == empty file
    - example/http2-download: fix format specifier
    - examples: cleanups and compiler warning fixes
    - http2: Stop drain from being permanently set
    - http: don't parse body-related headers in bodyless responses
    - md4: build correctly with openssl without MD4
    - md4: include the mbedtls config.h to get the MD4 info
    - multi: track users of a socket better
    - nss: allow to specify TLS 1.3 ciphers if supported by NSS
    - parse_proxy: make sure portptr is initialized
    - parse_proxy: use the IPv6 zone id if given
    - sectransp: handle errSSLPeerAuthCompleted from SSLRead()
    - singlesocket: use separate variable for inner loop
    - ssl: Update outdated "openssl-only" comments for supported backends
    - tests: add HAProxy keywords
    - tests: make test 1420 and 1406 work with rtsp-disabled libcurl
    - tls13-docs: mention it is only for OpenSSL >= 1.1.1
    - tool_setopt: for builds with disabled-proxy, skip all proxy setopts()
    - url: fix bad feature-disable #ifdef
    - url: use correct port in ConnectionExists()
* Wed May 22 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to 7.65.0 [bsc#1135176, CVE-2019-5435][bsc#1135170, CVE-2019-5436]
    * Changes:
    - CURLOPT_DNS_USE_GLOBAL_CACHE: removed
    - CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse
    - pipelining: removed
    * Bugfixes:
    - CVE-2019-5435: Integer overflows in curl_url_set
    - CVE-2019-5436: tftp: use the current blksize for recvfrom()
    - --config: clarify that initial : and = might need quoting
    - CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk
    - CURLOPT_ADDRESS_SCOPE: fix range check and more
    - CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value
    - CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE
    - CURL_MAX_INPUT_LENGTH: largest acceptable string input size
    - Curl_disconnect: treat all CONNECT_ONLY connections as "dead"
    - OS400/ccsidcurl: replace use of Curl_vsetopt
    - OpenSSL: Report -fips in version if OpenSSL is built with FIPS
    - WRITEFUNCTION: add missing set_in_callback around callback
    - altsvc: Fix building with cookies disabled
    - auth: Rename the various authentication clean up functions
    - base64: build conditionally if there are users
    - cmake: avoid linking executable for some tests with cmake 3.6+
    - cmake: clear CMAKE_REQUIRED_LIBRARIES after each use
    - cmake: set SSL_BACKENDS
    - configure: avoid unportable '==' test(1) operator
    - configure: error out if OpenSSL wasn't detected when asked for
    - configure: fix default location for fish completions
    - cookie: Guard against possible NULL ptr deref
    - curl: make code work with protocol-disabled libcurl
    - curl: report error for "--no-" on non-boolean options
    - curlver.h: use parenthesis in CURL_VERSION_BITS macro
    - docs/INSTALL: fix broken link
    - doh: acknowledge CURL_DISABLE_DOH
    - doh: disable DOH for the cases it doesn't work
    - examples: remove unused variables
    - ftplistparser: fix LGTM alert "Empty block without comment"
    - hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS
    - http: Ignore HTTP/2 prior knowledge setting for HTTP proxies
    - http: acknowledge CURL_DISABLE_HTTP_AUTH
    - http: mark bundle as not for multiuse on < HTTP/2 response
    - http_digest: Don't expose functions when HTTP and Crypto Auth are disabled
    - http_negotiate: do not treat failure of gss_init_sec_context() as fatal
    - http_ntlm: Corrected the name of the include guard
    - http_ntlm_wb: Handle auth for only a single request
    - http_ntlm_wb: Return the correct error on receiving an empty auth message
    - lib509: add missing include for strdup
    - lib557: initialize variables
    - mbedtls: enable use of EC keys
    - mime: acknowledge CURL_DISABLE_MIME
    - multi: improved HTTP_1_1_REQUIRED handling
    - netrc: acknowledge CURL_DISABLE_NETRC
    - nss: allow fifos and character devices for certificates
    - nss: provide more specific error messages on failed init
    - ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup
    - ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4
    - openssl: mark connection for close on TLS close_notify
    - openvms: Remove pre-processor for SecureTransport
    - parse_proxy: use the URL parser API
    - parsedate: disabled on CURL_DISABLE_PARSEDATE
    - pingpong: disable more when no pingpong protocols are enabled
    - polarssl_threadlock: remove conditionally unused code
    - progress: acknowledge CURL_DISABLE_PROGRESS_METER
    - proxy: acknowledge DISABLE_PROXY more
    - resolve: apply Happy Eyeballs philosophy to parallel c-ares queries
    - revert "multi: support verbose conncache closure handle"
    - sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
    - sasl: only enable if there's a protocol enabled using it
    - singleipconnect: show port in the verbose "Trying ..." message
    - socks5: user name and passwords must be shorter than 256
    - socks: fix error message
    - socksd: new SOCKS 4+5 server for tests
    - spnego_gssapi: fix return code on gss_init_sec_context() failure
    - ssh-libssh: remove unused variable
    - ssh: define USE_SSH if SSH is enabled (any backend)
    - ssh: move variable declaration to where it's used
    - test1002: correct the name
    - test2100: Fix typos in test description
    - tests: Run global cleanup at end of tests
    - tests: make Impacket (SMB server) Python 3 compatible
    - tool_cb_wrt: fix bad-function-cast warning
    - tool_formparse: remove redundant assignment
    - tool_help: Warn if curl and libcurl versions do not match
    - tool_help: include for strcasecmp
    - url: always clone the CUROPT_CURLU handle
    - url: convert the zone id from a IPv6 URL to correct scope id
    - urlapi: add CURLUPART_ZONEID to set and get
    - urlapi: increase supported scheme length to 40 bytes
    - urlapi: require a non-zero host name length when parsing URL
    - urlapi: stricter CURLUPART_PORT parsing
    - urlapi: strip off zone id from numerical IPv6 addresses
    - urlapi: urlencode characters above 0x7f correctly
    - vauth/cleartext: update the PLAIN login to match RFC 4616
    - vauth/oauth2: Fix OAUTHBEARER token generation
    - vauth: Fix incorrect function description for Curl_auth_user_contains_domain
    - vtls: fix potential ssl_buffer stack overflow
    - wildcard: disable from build when FTP isn't present
    - xattr: skip unittest on unsupported platforms
* Tue Apr 09 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Install curl.fish completions file from curl rather than from the fish package
* Tue Apr 09 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - update to version 7.64.1
    * Changes:
    - alt-svc: experiemental support added
    - configure: add --with-amissl
    * Bugfixes:
    - AppVeyor: switch VS 2015 builds to VS 2017 image
    - CURLU: fix NULL dereference when used over proxy
    - Curl_easy: remove req.maxfd - never used!
    - Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning
    - DoH: inherit some SSL options from user's easy handle
    - Secure Transport: no more "darwinssl"
    - Secure Transport: tvOS 11 is required for ALPN support
    - cirrus: Added FreeBSD builds using Cirrus CI
    - cleanup: make local functions static
    - cli tool: do not use mime.h private structures
    - cmdline-opts/proxytunnel.d: the option tunnnels all protocols
    - configure: add additional libraries to check for LDAP support
    - configure: remove the unused fdopen macro
    - configure: show features as well in the final summary
    - conncache: use conn->data to know if a transfer owns it
    - connection: never reuse CONNECT_ONLY connections
    - connection_check: restore original conn->data after the check
    - connection_check: set ->data to the transfer doing the check
    - cookie: Add support for cookie prefixes
    - cookies: dotless names can set cookies again
    - cookies: fix NULL dereference if flushing cookies with no CookieInfo set
    - curl.1: --user and --proxy-user are hidden from ps output
    - curl.1: mark the argument to --cookie as
    - curl.h: use __has_declspec_attribute for shared builds
    - curl: display --version features sorted alphabetically
    - curl: fix FreeBSD compiler warning in the --xattr code
    - curl: remove MANUAL from -M output
    - curl_easy_duphandle.3: clarify that a duped handle has no shares
    - curl_multi_remove_handle.3: use at any time, just not from within callbacks
    - curl_url.3: this API is not experimental anymore
    - dns: release sharelock as soon as possible
    - docs: update max-redirs.d phrasing
    - examples/10-at-a-time.c: improve readability and simplify
    - examples/cacertinmem.c: use multiple certificates for loading CA-chain
    - examples/crawler: Fix the Accept-Encoding setting
    - examples/ephiperfifo.c: various fixes
    - examples/externalsocket: add missing close socket calls
    - examples/http2-download: cleaned up
    - examples/http2-serverpush: add some sensible error checks
    - examples/http2-upload: cleaned up
    - examples/httpcustomheader: Value stored to 'res' is never read
    - examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
    - examples/sftpuploadresume: Value stored to 'result' is never read
    - examples: only include
    - examples: remove recursive calls to curl_multi_socket_action
    - examples: remove superfluous null-pointer checks
    - file: fix "Checking if unsigned variable 'readcount' is less than zero."
    - fnmatch: disable if FTP is disabled
    - gnutls: remove call to deprecated gnutls_compression_get_name
    - gopher: remove check for path == NULL
    - gssapi: fix deprecated header warnings
    - hostip: make create_hostcache_id avoid alloc + free
    - http2: multi_connchanged() moved from multi.c, only used for h2
    - http2: verify :athority in push promise requests
    - http: make adding a blank header thread-safe
    - http: send payload when (proxy) authentication is done
    - http: set state.infilesize when sending multipart formposts
    - makefile: make checksrc and hugefile commands "silent"
    - mbedtls: make it build even if MBEDTLS_VERSION_C isn't set
    - mbedtls: release sessionid resources on error
    - memdebug: log pointer before freeing its data
    - memdebug: make debug-specific functions use curl_dbg_ prefix
    - mime: put the boundary buffer into the curl_mime struct
    - multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME
    - multi: remove verbose "Expire in" ... messages
    - multi: removed unused code for request retries
    - multi: support verbose conncache closure handle
    - negotiate: fix for HTTP POST with Negotiate
    - openssl: add support for TLS ASYNC state
    - openssl: if cert type is ENG and no key specified, key is ENG too
    - pretransfer: don't strlen() POSTFIELDS set for GET requests
    - rand: Fix a mismatch between comments in source and header
    - runtests: detect "schannel" as an alias for "winssl"
    - schannel: be quiet - remove verbose output
    - schannel: close TLS before removing conn from cache
    - schannel: support CALG_ECDH_EPHEM algorithm
    - scripts/completion.pl: also generate fish completion file
    - singlesocket: fix the 'sincebefore' placement
    - source: fix two 'nread' may be used uninitialized warnings
    - ssh: fix Condition '!status' is always true
    - ssh: loop the state machine if not done and not blocking
    - strerror: make the strerror function use local buffers
    - test578: make it read data from the correct test
    - tests: Fixed XML validation errors in some test files
    - tests: add stderr comparison to the test suite
    - tests: fix multiple may be used uninitialized warnings
    - threaded-resolver: shutdown the resolver thread without error message
    - tool_cb_wrt: fix writing to Windows null device NUL
    - tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr
    - tool_operate: build on AmigaOS
    - tool_operate: fix typecheck warning
    - transfer.c: do not compute length of undefined hex buffer
    - travis: add build using gnutls
    - travis: add scan-build
    - travis: bump the used wolfSSL version to 4.0.0
    - travis: enable valgrind for the iconv tests
    - travis: use updated compiler versions: clang 7 and gcc 8
    - unit1307: require FTP support
    - unit1651: survive curl_easy_init() fails
    - url/idnconvert: remove scan for <= 32 ascii values
    - url: change conn shutdown order to ensure SOCKETFUNCTION callbacks
    - urlapi: reduce variable scope, remove unreachable 'break'
    - urldata: convert bools to bitfields and move to end
    - urldata: simplify bytecounters
    - urlglob: Argument with 'nonnull' attribute passed null
    - version.c: silent scan-build even when librtmp is not enabled
    - vtls: rename some of the SSL functions
    - wolfssl: stop custom-adding curves
    - x509asn1: "Dereference of null pointer"
    - x509asn1: cleanup and unify code layout
    - zsh.pl: escape ':' character
    - zsh.pl: update regex to better match curl -h output
  - Dropped patches fixed upstream:
    * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch
    * 0002-connection_check-restore-original-conn-data-after-th.patch
    * curl-singlesocket-sincebefore-placement.patch
* Mon Mar 18 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Fix variable placement that wasn't properly reset within a loop
    missing to notify sockets. [bsc#1129083, bsc#1129470]
    * Added curl-singlesocket-sincebefore-placement.patch
* Fri Mar 08 2019 Fabian Vogt <fvogt@suse.com>
  - Add patches to fix use-after-free (boo#1127849):
    * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch
    * 0002-connection_check-restore-original-conn-data-after-th.patch
* Wed Feb 27 2019 Stephan Kulow <coolo@suse.com>
  - BuildRequire libcurl4-mini for !bootstrap to avoid build cycles
    due to cmake pulling libcurl4
* Wed Feb 06 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - update to version 7.64.0
    [bcs#1123371, CVE-2018-16890][bcs#1123377, CVE-2019-3822]
    [bcs#1123378, CVE-2019-3823]
    * Changes:
    - cookies: leave secure cookies alone
    - hostip: support wildcard hosts
    - http: Implement trailing headers for chunked transfers
    - http: added options for allowing HTTP/0.9 responses
    - timeval: Use high resolution timestamps on Windows
    * Bugfixes:
    - CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
    - CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
    - CVE-2019-3823: SMTP end-of-response out-of-bounds read
    - FAQ: remove mention of sourceforge for github
    - OS400: handle memory error in list conversion
    - OS400: upgrade ILE/RPG binding.
    - README: add codacy code quality badge
    - Revert http_negotiate: do not close connection
    - THANKS: added several missing names from year <= 2000
    - build: make 'tidy' target work for metalink builds
    - cmake: added checks for variadic macros
    - cmake: updated check for HAVE_POLL_FINE to match autotools
    - cmake: use lowercase for function name like the rest of the code
    - configure: detect xlclang separately from clang
    - configure: fix recv/send/select detection on Android
    - configure: rewrite --enable-code-coverage
    - conncache_unlock: avoid indirection by changing input argument type
    - cookie: fix comment typo
    - cookies: allow secure override when done over HTTPS
    - cookies: extend domain checks to non psl builds
    - cookies: skip custom cookies when redirecting cross-site
    - curl --xattr: strip credentials from any URL that is stored
    - curl -J: refuse to append to the destination file
    - curl/urlapi.h: include "curl.h" first
    - curl_multi_remove_handle() don't block terminating c-ares requests
    - darwinssl: accept setting max-tls with default min-tls
    - disconnect: separate connections and easy handles better
    - disconnect: set conn->data for protocol disconnect
    - docs/version.d: mention MultiSSL
    - docs: fix the --tls-max description
    - docs: use $(INSTALL_DATA) to install man page
    - docs: use meaningless port number in CURLOPT_LOCALPORT example
    - gopher: always include the entire gopher-path in request
    - http2: clear pause stream id if it gets closed
    - if2ip: remove unused function Curl_if_is_interface_name
    - libssh: do not let libssh create socket
    - libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
    - libssh: free sftp_canonicalize_path() data correctly
    - libtest/stub_gssapi: use "real" snprintf
    - mbedtls: use VERIFYHOST
    - multi: multiplexing improvements
    - multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
    - ntlm: fix NTMLv2 compliance
    - ntlm_sspi: add support for channel binding
    - openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
    - openssl: fix the SSL_get_tlsext_status_ocsp_resp call
    - openvms: fix OpenSSL discovery on VAX
    - openvms: fix typos in documentation
    - os400: add a missing closing bracket
    - os400: fix extra parameter syntax error
    - pingpong: change default response timeout to 120 seconds
    - pingpong: ignore regular timeout in disconnect phase
    - printf: fix format specifiers
    - runtests.pl: Fix perl call to include srcdir
    - schannel: fix compiler warning
    - schannel: preserve original certificate path parameter
    - schannel: stop calling it "winssl"
    - sigpipe: if mbedTLS is used, ignore SIGPIPE
    - smb: fix incorrect path in request if connection reused
    - ssh: log the libssh2 error message when ssh session startup fails
    - test1558: verify CURLINFO_PROTOCOL on file:// transfer
    - test1561: improve test name
    - test1653: make it survive torture tests
    - tests: allow tests to pass by 2037-02-12
    - tests: move objnames-* from lib into tests
    - timediff: fix math for unsigned time_t
    - timeval: Disable MSVC Analyzer GetTickCount warning
    - tool_cb_prg: avoid integer overflow
    - travis: added cmake build for osx
    - urlapi: Fix port parsing of eol colon
    - urlapi: distinguish possibly empty query
    - urlapi: fix parsing ipv6 with zone index
    - urldata: rename easy_conn to just conn
    - winbuild: conditionally use /DZLIB_WINAPI
    - wolfssl: fix memory-leak in threaded use
    - spnego_sspi: add support for channel binding
* Mon Jan 28 2019 Jan Engelhardt <jengelh@inai.de>
  - Fix wrong summary, curl is at version 7, not 4.
* Fri Jan 18 2019 Vítězslav Čížek <vcizek@suse.com>
  - Provide libcurl4 = %version in the mini library package

Files

/usr/lib64/libcurl.so.4
/usr/lib64/libcurl.so.4.8.0
/usr/share/licenses/libcurl4
/usr/share/licenses/libcurl4/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Aug 2 00:05:10 2022