Commit 7a92a58e authored by Rocky Automation

import curl-7.61.1-18.el8_4.1

parent 98f45c7f
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.61.1 Version: 7.61.1
Release: 18%{?dist} Release: 18%{?dist}.1
License: MIT License: MIT
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
...@@ -79,6 +79,9 @@ Patch27: 0027-curl-7.61.1-CVE-2020-8286.patch ...@@ -79,6 +79,9 @@ Patch27: 0027-curl-7.61.1-CVE-2020-8286.patch
# http: send payload when (proxy) authentication is done (#1918692) # http: send payload when (proxy) authentication is done (#1918692)
Patch28: 0028-curl-7.61.1-http-auth-payload.patch Patch28: 0028-curl-7.61.1-http-auth-payload.patch
# fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
Patch31: 0031-curl-7.61.1-CVE-2021-22924.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch Patch101: 0101-curl-7.32.0-multilib.patch
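Review bot: Patch31 follows Patch28 directly in this hunk, so numbers 29 and 30 are skipped with no explanation. If the gap is intentional, say so in a comment next to the Patch31 line; otherwise a later maintainer cannot tell whether two patches were dropped from this spec or never existed in it.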
...@@ -104,7 +107,6 @@ BuildRequires: gcc ...@@ -104,7 +107,6 @@ BuildRequires: gcc
BuildRequires: groff BuildRequires: groff
BuildRequires: krb5-devel BuildRequires: krb5-devel
BuildRequires: libidn2-devel BuildRequires: libidn2-devel
BuildRequires: libmetalink-devel
BuildRequires: libnghttp2-devel BuildRequires: libnghttp2-devel
BuildRequires: libpsl-devel BuildRequires: libpsl-devel
BuildRequires: libssh-devel BuildRequires: libssh-devel
...@@ -278,6 +280,7 @@ sed -e 's|%%HTTPPORT|%{?__isa_bits}90|g' -i tests/data/test1448 ...@@ -278,6 +280,7 @@ sed -e 's|%%HTTPPORT|%{?__isa_bits}90|g' -i tests/data/test1448
%patch26 -p1 %patch26 -p1
%patch27 -p1 %patch27 -p1
%patch28 -p1 %patch28 -p1
%patch31 -p1
# make tests/*.py use Python 3 # make tests/*.py use Python 3
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
...@@ -314,6 +317,7 @@ export common_configure_opts=" \ ...@@ -314,6 +317,7 @@ export common_configure_opts=" \
--enable-symbol-hiding \ --enable-symbol-hiding \
--enable-ipv6 \ --enable-ipv6 \
--enable-threaded-resolver \ --enable-threaded-resolver \
--without-libmetalink \
--with-gssapi \ --with-gssapi \
--with-nghttp2 \ --with-nghttp2 \
--with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt" --with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
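Review bot: the added `--without-libmetalink` in common_configure_opts has no comment saying why it is there, and it is now the single configure switch governing metalink for both the minimal and the full build. A spec comment above the `export common_configure_opts` line naming CVE-2021-22922 and CVE-2021-22923 would keep a later rebase from quietly re-enabling it; at the moment the reason is recorded only in %changelog. A %check step that fails when `curl --version` lists Metalink among its features would enforce the same thing at build time.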
...@@ -329,7 +333,6 @@ export common_configure_opts=" \ ...@@ -329,7 +333,6 @@ export common_configure_opts=" \
--disable-manual \ --disable-manual \
--without-brotli \ --without-brotli \
--without-libidn2 \ --without-libidn2 \
--without-libmetalink \
--without-libpsl \ --without-libpsl \
--without-libssh --without-libssh
) )
...@@ -343,7 +346,6 @@ export common_configure_opts=" \ ...@@ -343,7 +346,6 @@ export common_configure_opts=" \
--enable-manual \ --enable-manual \
--with-brotli \ --with-brotli \
--with-libidn2 \ --with-libidn2 \
--with-libmetalink \
--with-libpsl \ --with-libpsl \
--with-libssh --with-libssh
) )
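Review bot: removing `--with-libmetalink` from the full build takes away a feature that build previously shipped, in an update whose Release only moves from `18%{?dist}` to `18%{?dist}.1`. The changelog says metalink support is disabled but not what a caller of the curl tool's `--metalink` option sees afterwards; confirm that behaviour on the built package and state it in the changelog entry so users scripting against it know what to expect.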
...@@ -441,6 +443,12 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la ...@@ -441,6 +443,12 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog %changelog
* Thu Aug 05 2021 Kamil Dudka <kdudka@redhat.com> - 7.61.1-18.el8_4.1
- fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
- disable metalink support to fix the following vulnerabilities
CVE-2021-22923 - metalink download sends credentials
CVE-2021-22922 - wrong content via metalink not discarded
* Thu Jan 28 2021 Kamil Dudka <kdudka@redhat.com> - 7.61.1-18 * Thu Jan 28 2021 Kamil Dudka <kdudka@redhat.com> - 7.61.1-18
- http: send payload when (proxy) authentication is done (#1918692) - http: send payload when (proxy) authentication is done (#1918692)
- curl: Inferior OCSP verification (CVE-2020-8286) - curl: Inferior OCSP verification (CVE-2020-8286)
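Review bot: the new %changelog header hard-codes `7.61.1-18.el8_4.1`, while the Release tag is `18%{?dist}.1`, so the two agree only when %{dist} expands to `.el8_4`. If this spec is rebuilt with a different dist value the changelog version no longer matches the package's version-release; either accept that knowingly and note it, or write the entry so it stays consistent across rebuilds.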