From 0ad6eeb7155f933757a5fcb7eba2812627c5a783 Mon Sep 17 00:00:00 2001
From: Peridot Bot <rockyautomation@rockylinux.org>
Date: Tue, 5 Dec 2023 00:47:24 +0000
Subject: [PATCH] import curl-7.76.1-26.el9_3.2
---
 SPECS/curl.spec | 66 ++++++++++++++++++++++++-------------------------
 1 file changed, 33 insertions(+), 33 deletions(-)
diff --git a/SPECS/curl.spec b/SPECS/curl.spec
index 00b0b75..f2c0c82 100644
--- a/SPECS/curl.spec
+++ b/SPECS/curl.spec
@@ -1,105 +1,105 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.76.1
-Release: 26%{?dist}.2.0.1
+Release: 26%{?dist}.2
 License: MIT
 Source: https://curl.se/download/%{name}-%{version}.tar.xz
 # http2: fix resource leaks detected by Coverity
-Patch1: 0001-curl-7.76.1-resource-leaks.patch
+Patch1: 0001-curl-7.76.1-resource-leaks.patch
 # fix TELNET stack contents disclosure (CVE-2021-22898)
-Patch2: 0002-curl-7.76.1-CVE-2021-22898.patch
+Patch2: 0002-curl-7.76.1-CVE-2021-22898.patch
 # fix TLS session caching disaster (CVE-2021-22901)
-Patch3: 0003-curl-7.76.1-CVE-2021-22901.patch
+Patch3: 0003-curl-7.76.1-CVE-2021-22901.patch
 # fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
-Patch4: 0004-curl-7.76.1-ldaps-segv.patch
+Patch4: 0004-curl-7.76.1-ldaps-segv.patch
 # fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
-Patch5: 0005-curl-7.76.1-CVE-2021-22924.patch
+Patch5: 0005-curl-7.76.1-CVE-2021-22924.patch
 # fix TELNET stack contents disclosure again (CVE-2021-22925)
-Patch6: 0006-curl-7.76.1-CVE-2021-22925.patch
+Patch6: 0006-curl-7.76.1-CVE-2021-22925.patch
 # fix use-after-free and double-free in MQTT sending (CVE-2021-22945)
-Patch7: 0007-curl-7.76.1-CVE-2021-22945.patch
+Patch7: 0007-curl-7.76.1-CVE-2021-22945.patch
 # fix protocol downgrade required TLS bypass (CVE-2021-22946)
-Patch8: 0008-curl-7.76.1-CVE-2021-22946.patch
+Patch8: 0008-curl-7.76.1-CVE-2021-22946.patch
 # fix STARTTLS protocol injection via MITM (CVE-2021-22947)
-Patch9: 0009-curl-7.76.1-CVE-2021-22947.patch
+Patch9: 0009-curl-7.76.1-CVE-2021-22947.patch
 # fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
-Patch10: 0010-curl-7.76.1-CVE-2022-22576.patch
+Patch10: 0010-curl-7.76.1-CVE-2022-22576.patch
 # fix bad local IPv6 connection reuse (CVE-2022-27775)
-Patch11: 0011-curl-7.76.1-CVE-2022-27775.patch
+Patch11: 0011-curl-7.76.1-CVE-2022-27775.patch
 # fix auth/cookie leak on redirect (CVE-2022-27776)
-Patch12: 0012-curl-7.76.1-CVE-2022-27776.patch
+Patch12: 0012-curl-7.76.1-CVE-2022-27776.patch
 # fix credential leak on redirect (CVE-2022-27774)
-Patch13: 0013-curl-7.76.1-CVE-2022-27774.patch
+Patch13: 0013-curl-7.76.1-CVE-2022-27774.patch
 # fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
-Patch14: 0014-curl-7.76.1-CVE-2022-27782.patch
+Patch14: 0014-curl-7.76.1-CVE-2022-27782.patch
 # make upstream tests work with openssh-8.7p1
-Patch15: 0015-curl-7.76.1-tests-openssh.patch
+Patch15: 0015-curl-7.76.1-tests-openssh.patch
 # fix FTP-KRB bad message verification (CVE-2022-32208)
-Patch16: 0016-curl-7.76.1-CVE-2022-32208.patch
+Patch16: 0016-curl-7.76.1-CVE-2022-32208.patch
 # fix HTTP compression denial of service (CVE-2022-32206)
-Patch17: 0017-curl-7.76.1-CVE-2022-32206.patch
+Patch17: 0017-curl-7.76.1-CVE-2022-32206.patch
 # fix unpreserved file permissions (CVE-2022-32207)
-Patch19: 0019-curl-7.76.1-CVE-2022-32207.patch
+Patch19: 0019-curl-7.76.1-CVE-2022-32207.patch
 # fix build failure caused by openldap rebase (#2094159)
-Patch20: 0020-curl-7.76.1-openldap-rebase.patch
+Patch20: 0020-curl-7.76.1-openldap-rebase.patch
 # control code in cookie denial of service (CVE-2022-35252)
-Patch21: 0021-curl-7.76.1-CVE-2022-35252.patch
+Patch21: 0021-curl-7.76.1-CVE-2022-35252.patch
 # fix POST following PUT confusion (CVE-2022-32221)
-Patch22: 0022-curl-7.76.1-CVE-2022-32221.patch
+Patch22: 0022-curl-7.76.1-CVE-2022-32221.patch
 # smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)
-Patch23: 0023-curl-7.76.1-CVE-2022-43552.patch
+Patch23: 0023-curl-7.76.1-CVE-2022-43552.patch
 # fix HTTP multi-header compression denial of service (CVE-2023-23916)
-Patch24: 0024-curl-7.76.1-CVE-2023-23916.patch
+Patch24: 0024-curl-7.76.1-CVE-2023-23916.patch
 # fix TELNET option IAC injection (CVE-2023-27533)
-Patch25: 0025-curl-7.76.1-CVE-2023-27533.patch
+Patch25: 0025-curl-7.76.1-CVE-2023-27533.patch
 # fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
-Patch26: 0026-curl-7.76.1-CVE-2023-27534.patch
+Patch26: 0026-curl-7.76.1-CVE-2023-27534.patch
 # fix FTP too eager connection reuse (CVE-2023-27535)
-Patch27: 0027-curl-7.76.1-CVE-2023-27535.patch
+Patch27: 0027-curl-7.76.1-CVE-2023-27535.patch
 # fix GSS delegation too eager connection re-use (CVE-2023-27536)
-Patch28: 0028-curl-7.76.1-CVE-2023-27536.patch
+Patch28: 0028-curl-7.76.1-CVE-2023-27536.patch
 # fix SSH connection too eager reuse still (CVE-2023-27538)
-Patch29: 0029-curl-7.76.1-CVE-2023-27538.patch
+Patch29: 0029-curl-7.76.1-CVE-2023-27538.patch
 # unify the upload/method handling (CVE-2023-28322)
-Patch30: 0030-curl-7.76.1-CVE-2023-28322.patch
+Patch30: 0030-curl-7.76.1-CVE-2023-28322.patch
 # fix host name wildcard checking
-Patch31: 0031-curl-7.76.1-CVE-2023-28321.patch
+Patch31: 0031-curl-7.76.1-CVE-2023-28321.patch
 # return error if hostname too long for remote resolve (CVE-2023-38545)
-Patch32: 0032-curl-7.76.1-CVE-2023-38545.patch
+Patch32: 0032-curl-7.76.1-CVE-2023-38545.patch
 # fix cookie injection with none file (CVE-2023-38546)
-Patch33: 0033-curl-7.61.1-CVE-2023-38546.patch
+Patch33: 0033-curl-7.61.1-CVE-2023-38546.patch
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
-- 
GitLab
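Review bot: The new `Release: 26%{?dist}.2` sorts lower under RPM version comparison than the `26%{?dist}.2.0.1` it replaces, so a host that already installed the earlier build would not move to this one through a normal update. The Patch lines in this hunk appear to differ only in whitespace, which suggests the set of CVE fixes is unchanged, but the collapsed text does not let that be confirmed. If the lower release is intended, a comment above the tag would record it, for example `# Release deliberately follows the imported 26.el9_3.2 build, below the earlier .2.0.1`. Separately, the comment over Patch31 is the only one on a CVE-named patch file that omits the identifier; `# fix host name wildcard checking (CVE-2023-28321)` would match the others and keep the spec searchable by CVE.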