diff --git a/.curl.metadata b/.curl.metadata
index edb7094de9d94a3df499bf1f59555e354be1df2b..c8a76f70686419b5cd9646a4bcde7fe9808c644f 100644
--- a/.curl.metadata
+++ b/.curl.metadata
@@ -1,2 +1,2 @@
-3ccd55d91af9516539df80625f818c734dc6f2ecf9bada33c76765e99121db15 SOURCES/curl-8.6.0.tar.xz
+f292f6cc051d5bbabf725ef85d432dfeacc8711dd717ea97612ae590643801e5 SOURCES/curl-8.9.1.tar.xz
64619d3c1a2b68da837014b2ab02a049ed2c69aaebfa10a20a4f29dab003ecb8 SOURCES/mykey.asc
diff --git a/SOURCES/0101-curl-7.32.0-multilib.patch b/SOURCES/0101-curl-7.32.0-multilib.patch
index 328d3a45867b412a598af62505fc1585773619f6..9ea1b2087fa15ab850662787afb11f6d535e85e3 100644
--- a/SOURCES/0101-curl-7.32.0-multilib.patch
+++ b/SOURCES/0101-curl-7.32.0-multilib.patch
@@ -14,66 +14,67 @@ index 54f92d9..15a60da 100644
--- a/curl-config.in
+++ b/curl-config.in
@@ -78,7 +78,7 @@ while test $# -gt 0; do
- ;;
+ ;;
- --cc)
-- echo "@CC@"
-+ echo "gcc"
- ;;
+ --cc)
+- echo '@CC@'
++ echo "gcc"
+ ;;
- --prefix)
-@@ -157,32 +157,19 @@ while test $# -gt 0; do
- ;;
+ --prefix)
+@@ -157,33 +157,20 @@ while test $# -gt 0; do
+ ;;
- --libs)
-- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
-- CURLLIBDIR="-L@libdir@ "
-- else
-- CURLLIBDIR=""
-- fi
-- if test "X@ENABLE_SHARED@" = "Xno"; then
-- echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
-- else
-- echo ${CURLLIBDIR}-lcurl
-- fi
-+ echo -lcurl
- ;;
- --ssl-backends)
- echo "@SSL_BACKENDS@"
- ;;
+ --libs)
+- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
+- CURLLIBDIR="-L@libdir@ "
+- else
+- CURLLIBDIR=""
+- fi
+- if test "X@ENABLE_SHARED@" = "Xno"; then
+- echo "${CURLLIBDIR}-lcurl @LIBCURL_LIBS@"
+- else
+- echo "${CURLLIBDIR}-lcurl"
+- fi
++ echo -lcurl
+ ;;
- --static-libs)
-- if test "X@ENABLE_STATIC@" != "Xno" ; then
-- echo "@libdir@/libcurl.@libext@" @LDFLAGS@ @LIBCURL_LIBS@
-- else
-- echo "curl was built with static libraries disabled" >&2
-- exit 1
-- fi
-+ echo "curl was built with static libraries disabled" >&2
-+ exit 1
- ;;
+ --ssl-backends)
+ echo '@SSL_BACKENDS@'
+ ;;
- --configure)
-- echo @CONFIGURE_OPTIONS@
-+ pkg-config libcurl --variable=configure_options | sed 's/^"//;s/"$//'
- ;;
+ --static-libs)
+- if test "X@ENABLE_STATIC@" != "Xno" ; then
+- echo "@libdir@/libcurl.@libext@" @LDFLAGS@ @LIBCURL_LIBS@
+- else
+- echo 'curl was built with static libraries disabled' >&2
+- exit 1
+- fi
++ echo "curl was built with static libraries disabled" >&2
++ exit 1
+ ;;
- *)
+ --configure)
+- echo @CONFIGURE_OPTIONS@
++ pkg-config libcurl --variable=configure_options | sed 's/^"//;s/"$//'
+ ;;
+
+ *)
diff --git a/docs/curl-config.1 b/docs/curl-config.1
index c142cb9..0e189b4 100644
---- a/docs/curl-config.1
-+++ b/docs/curl-config.1
+--- a/docs/curl-config.md
++++ b/docs/curl-config.md
@@ -48,7 +48,9 @@ no, one or several names. If more than one name, they will appear
- comma\-separated. (Added in 7.58.0)
- .IP --static-libs
- Shows the complete set of libs and other linker options you will need in order
--to link your application with libcurl statically. (Added in 7.17.1)
-+to link your application with libcurl statically. Note that Fedora/RHEL libcurl
+ ## --static-libs
+
+ Shows the complete set of libs and other linker options you need in order to
+-link your application with libcurl statically. (Added in 7.17.1)
++link your application with libcurl statically. Note that Fedora/RHEL libcurl
+packages do not provide any static libraries, thus cannot be linked statically.
+(Added in 7.17.1)
- .IP --version
- Outputs version information about the installed libcurl.
- .IP --vernum
+
+ ## --version
+
diff --git a/libcurl.pc.in b/libcurl.pc.in
index 9db6b0f..dcac692 100644
--- a/libcurl.pc.in
diff --git a/SOURCES/0102-curl-7.88.0-tests-warnings.patch b/SOURCES/0102-curl-7.88.0-tests-warnings.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b4bdf4e46e5f7609cffcef5092d1ca53508bac26
--- /dev/null
+++ b/SOURCES/0102-curl-7.88.0-tests-warnings.patch
@@ -0,0 +1,30 @@
+From d506d885aa16b4a87acbac082eea41dccdc7b69f Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Wed, 15 Feb 2023 10:42:38 +0100
+Subject: [PATCH] Revert "runtests: consider warnings fatal and error on them"
+
+While it might be useful for upstream developers, it is not so useful
+for downstream consumers.
+
+This reverts upstream commit 22f795c834cfdbacbb1b55426028a581e3cf67a8.
+---
+ tests/runtests.pl | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/tests/runtests.pl b/tests/runtests.pl
+index 71644ad18..0cf85c3fe 100755
+--- a/tests/runtests.pl
++++ b/tests/runtests.pl
+@@ -55,8 +55,7 @@
+ # given, this won't be a problem.
+
+ use strict;
+-# Promote all warnings to fatal
+-use warnings FATAL => 'all';
++use warnings;
+ use 5.006;
+ use POSIX qw(strftime);
+
+--
+2.39.1
+
diff --git a/SOURCES/curl-8.9.1.tar.xz.asc b/SOURCES/curl-8.9.1.tar.xz.asc
new file mode 100644
index 0000000000000000000000000000000000000000..b5c59474a910765de03290d30bd75f306c5a8c39
--- /dev/null
+++ b/SOURCES/curl-8.9.1.tar.xz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmap30kACgkQXMkI/bce
+EsKX+wf/brccw5rGTAbmjj7WGBfbAmwrSsDexTXRiEBXT/+qhkWIplN6wdtsZ86I
+tUraaapoyvRKLa3Wxlv9fSF/xXji+5lhO/W9pfWxwZNeSZFiOgKcK/Li4Fx0c7t4
+WpxkAbRvbJreA40BR32qSgnNNjKU5QX/ivf67B1EFL71kgsCW/QczB6mcuxszlkN
+ro39Jb8hDtnAD3hHXrTEaW3lOEgf/Jo/a1Zii3+W3OkW+uZHwzUoqe+HLGHYM2vW
+Q3hBVQaEWmNIwArA73s/kOiFATLthUTvSJO56ebLQJFHJf61cwqSsg2o07i5SqEc
+QlKzV/h7ydbBWdHiSTpCMxue7tLUZw==
+=EiUG
+-----END PGP SIGNATURE-----
diff --git a/SPECS/curl.spec b/SPECS/curl.spec
index e6211832efcba914864f1bfcaad10a758f0f1bed..7ca674d004dfab27066a8058c035e87d4b29f81e 100644
--- a/SPECS/curl.spec
+++ b/SPECS/curl.spec
@@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
-Version: 8.6.0
-Release: 8%{?dist}
+Version: 8.9.1
+Release: 1%{?dist}
License: curl
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@@ -10,32 +10,11 @@ Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
# which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc
Source2: mykey.asc
-# remove duplicate content from curl-config.1
-Patch001: 0001-curl-8.6.0-remove-duplicate-content.patch
-
-# ignore response bode to HEAD requests
-# https://bodhi.fedoraproject.org/updates/FEDORA-2024-634a6662aa
-Patch002: 0002-curl-8.6.0-ignore-response-body-to-HEAD.patch
-
-# revert "receive max buffer" + add test case
-# it breaks pycurl tests suite
-Patch003: 0003-curl-8.6.0-vtls-revert-receive-max-buffer-add-test-case.patch
-
-# http2: push headers better cleanup (CVE-2024-2398)
-# provide common cleanup method for push headers
-Patch004: 0004-curl-8.6.0-CVE-2024-2398.patch
-
-# setopt: Fix disabling all protocols (CVE-2024-2004)
-Patch005: 0005-curl-8.6.0-CVE-2024-2004.patch
-
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
-# test3026: disable valgrind
-Patch102: 0102-curl-7.84.0-test3026.patch
-
# do not fail on warnings in the upstream test driver
-Patch104: 0104-curl-7.88.0-tests-warnings.patch
+Patch102: 0102-curl-7.88.0-tests-warnings.patch
Provides: curl-full = %{version}-%{release}
# do not fail when trying to install curl-minimal after drop
@@ -218,13 +197,6 @@ be installed.
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -p1
-# temporarily disable test 0313
-# <https://bugzilla.redhat.com/show_bug.cgi?id=2263877>
-# <https://github.com/curl/curl/pull/11531>
-# disable test 1801
-# <https://github.com/bagder/curl/commit/21e82bd6#commitcomment-12226582>
-printf "313\n1801\n" >> tests/data/DISABLED
-
# test3026: avoid pthread_create() failure due to resource exhaustion on i386
%ifarch %{ix86}
sed -e 's|NUM_THREADS 1000$|NUM_THREADS 256|' \
@@ -265,7 +237,8 @@ export common_configure_opts=" \
--with-gssapi \
--with-libidn2 \
--with-nghttp2 \
- --with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
+ --with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt \
+ --with-zsh-functions-dir"
%global _configure ../configure
@@ -425,6 +398,9 @@ rm -f ${RPM_BUILD_ROOT}%{_mandir}/man1/mk-ca-bundle.1*
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
+* Wed Jul 31 2024 Jacek Migacz <jmigacz@redhat.com> - 8.9.1-1
+- new upstream release (RHEL-50806)
+
* Tue Jul 9 2024 Jacek Migacz <jmigacz@redhat.com> - 8.6.0-8
- disable OpenSSL Engine API support (RHEL-30436)
- setopt: Fix disabling all protocols (CVE-2024-2004)