exploitDog

ELSA-2015-2159

Published: 23 Nov 2015
Source: oracle-oval
Platform: Oracle Linux 7

Description

ELSA-2015-2159: curl security, bug fix, and enhancement update (MODERATE)

[7.29.0-25.0.1]

  • disable check to make build pass

[7.29.0-25]

  • fix spurious failure of test 1500 on ppc64le (#1218272)

[7.29.0-24]

  • use the default min/max TLS version provided by NSS (#1170339)
  • improve handling of timeouts and blocking direction to speed up FTP (#1218272)

[7.29.0-23]

  • require credentials to match for NTLM re-use (CVE-2015-3143)
  • close Negotiate connections when done (CVE-2015-3148)

[7.29.0-22]

  • reject CRLFs in URLs passed to proxy (CVE-2014-8150)

[7.29.0-21]

  • use only full matches for hosts used as IP address in cookies (CVE-2014-3613)
  • fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)

[7.29.0-20]

  • eliminate unnecessary delay when resolving host from /etc/hosts (#1130239)
  • allow to enable/disable new AES cipher-suites (#1066065)
  • call PR_Cleanup() on curl tool exit if NSPR is used (#1071254)
  • implement non-blocking TLS handshake (#1091429)
  • fix limited connection re-use for unencrypted HTTP (#1101092)
  • disable libcurl-level downgrade to SSLv3 (#1154060)
  • include response headers added by proxy in CURLINFO_HEADER_SIZE (#1161182)
  • ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth (#1166264)

Related vulnerabilities

oracle-oval
about 10 years ago

ELSA-2015-1254: curl security, bug fix, and enhancement update (MODERATE)

ubuntu
almost 11 years ago

cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.

redhat
almost 11 years ago

cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.

nvd
almost 11 years ago

cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.

debian
almost 11 years ago

cURL and libcurl before 7.38.0 does not properly handle IP addresses i ...