Commit 7a92a58e authored by Rocky Automation's avatar Rocky Automation 📺
Browse files

import curl-7.61.1-18.el8_4.1

parent 98f45c7f
This diff is collapsed.
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.61.1
Release: 18%{?dist}
Release: 18%{?dist}.1
License: MIT
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
......@@ -79,6 +79,9 @@ Patch27: 0027-curl-7.61.1-CVE-2020-8286.patch
# http: send payload when (proxy) authentication is done (#1918692)
Patch28: 0028-curl-7.61.1-http-auth-payload.patch
# fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
Patch31: 0031-curl-7.61.1-CVE-2021-22924.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
......@@ -104,7 +107,6 @@ BuildRequires: gcc
BuildRequires: groff
BuildRequires: krb5-devel
BuildRequires: libidn2-devel
BuildRequires: libmetalink-devel
BuildRequires: libnghttp2-devel
BuildRequires: libpsl-devel
BuildRequires: libssh-devel
......@@ -278,6 +280,7 @@ sed -e 's|%%HTTPPORT|%{?__isa_bits}90|g' -i tests/data/test1448
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch31 -p1
# make tests/*.py use Python 3
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
......@@ -314,6 +317,7 @@ export common_configure_opts=" \
--enable-symbol-hiding \
--enable-ipv6 \
--enable-threaded-resolver \
--without-libmetalink \
--with-gssapi \
--with-nghttp2 \
--with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
......@@ -329,7 +333,6 @@ export common_configure_opts=" \
--disable-manual \
--without-brotli \
--without-libidn2 \
--without-libmetalink \
--without-libpsl \
--without-libssh
)
......@@ -343,7 +346,6 @@ export common_configure_opts=" \
--enable-manual \
--with-brotli \
--with-libidn2 \
--with-libmetalink \
--with-libpsl \
--with-libssh
)
......@@ -441,6 +443,12 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
* Thu Aug 05 2021 Kamil Dudka <kdudka@redhat.com> - 7.61.1-18.el8_4.1
- fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
- disable metalink support to fix the following vulnerabilities
CVE-2021-22923 - metalink download sends credentials
CVE-2021-22922 - wrong content via metalink not discarded
* Thu Jan 28 2021 Kamil Dudka <kdudka@redhat.com> - 7.61.1-18
- http: send payload when (proxy) authentication is done (#1918692)
- curl: Inferior OCSP verification (CVE-2020-8286)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment