From 359180b2e6a0824fa69fb3b1077940aab69827a8 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Thu, 10 Dec 2020 01:12:41 +0100 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/curl.git#182c2a8bbbeee42a6e4d16817c764f624390d87d --- 0101-curl-7.32.0-multilib.patch | 4 ++-- 0105-curl-7.63.0-lib1560-valgrind.patch | 2 +- curl-7.73.0.tar.xz.asc | 11 ----------- curl-7.74.0.tar.xz.asc | 11 +++++++++++ curl.spec | 22 ++++++++++++++-------- sources | 2 +- 6 files changed, 29 insertions(+), 23 deletions(-) delete mode 100644 curl-7.73.0.tar.xz.asc create mode 100644 curl-7.74.0.tar.xz.asc diff --git a/0101-curl-7.32.0-multilib.patch b/0101-curl-7.32.0-multilib.patch index 295120e..46c8986 100644 --- a/0101-curl-7.32.0-multilib.patch +++ b/0101-curl-7.32.0-multilib.patch @@ -85,7 +85,7 @@ index 2ba9c39..f8f8b00 100644 +configure_options=@CONFIGURE_OPTIONS@ Name: libcurl - URL: https://curl.haxx.se/ + URL: https://curl.se/ -- -2.5.0 +2.26.2 diff --git a/0105-curl-7.63.0-lib1560-valgrind.patch b/0105-curl-7.63.0-lib1560-valgrind.patch index c0d390b..f99a737 100644 --- a/0105-curl-7.63.0-lib1560-valgrind.patch +++ b/0105-curl-7.63.0-lib1560-valgrind.patch @@ -26,7 +26,7 @@ diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 080421b..ea3b806 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc -@@ -586,6 +586,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +@@ -587,6 +587,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1559_LDADD = $(TESTUTIL_LIBS) lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) diff --git a/curl-7.73.0.tar.xz.asc b/curl-7.73.0.tar.xz.asc deleted file mode 100644 index 41b3394..0000000 --- a/curl-7.73.0.tar.xz.asc +++ /dev/null 
@@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl+GkkYACgkQXMkI/bce -EsI5vwf+NwIw3Jmn9lW7/VHNgFWB1Qa0gB4KlDISM2qG9CHzeIW8K50g2JiIAuLa -CVOfuMi/jg1r2INRLErZzdGDtD71TzjaEv6A/dxWL+k5/ieFxmH5iC80rYWi8EE9 -sv/bx8vEq8ikIqqV7KxYPlX8xMJBMfCs+TNQbzYM3WUDMLYJLpuNiWrzS6h8+mPq -4w8qYyrNI5x/J3HSJuzyoJy0ueQOQ6CaZwV/ViGBLmFkMKgsAXJu9ImRMmJXKAk5 -MLiVUKI1KpHJNHZS5pLIP5wrjIN3z7FIRxThJ6f/IqUF1mIc6MNnqcER6lBtxeq4 -SuRq9Dx5W2en/g+I5iic8GwkDD+U6A== -=W3Yh ------END PGP SIGNATURE----- diff --git a/curl-7.74.0.tar.xz.asc b/curl-7.74.0.tar.xz.asc new file mode 100644 index 0000000..2712a60 --- /dev/null +++ b/curl-7.74.0.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl/QcZ8ACgkQXMkI/bce +EsJYnggAs5MbJByXsUEI3LzdRvjb2s/dNS/+ubJ98GL+ed8uVsLmGxdF0fS9EPVX ++KoaYbaZwjZJH43+UyqtoFr4GQKhxxhcyZi3477s9Ws9x60yEA21oIggkQLF6X+E +OEymG0YmNUn/6vvWizCWZtE7TkoWAXEzPLyVbBzoFzfmgzxiQ9//usKCaDh/nCWA +kouxubBJbpdjk8KTnVf5HMP5PJKs9LeiVh9B2F+Rq1cEvzLrxNlDYptEgH/ml5Sd +WsWeWttngs2pnZu0pMQNGhdXp6XC5lteN21C1/3hy3KVFUnkqaA+1IHm39wBE73j +Bmnoi36d+Ub6ZT3Va84Dp/tWJ65Xig== +=9ka/ +-----END PGP SIGNATURE----- diff --git a/curl.spec b/curl.spec index 30b5fb2..027358e 100644 --- a/curl.spec +++ b/curl.spec @@ -1,9 +1,9 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl -Version: 7.73.0 +Version: 7.74.0 Release: 2%{?dist} License: MIT -Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz +Source: https://curl.se/download/%{name}-%{version}.tar.xz # patch making libcurl multilib ready Patch101: 0101-curl-7.32.0-multilib.patch @@ -19,7 +19,7 @@ Patch105: 0105-curl-7.63.0-lib1560-valgrind.patch Provides: curl-full = %{version}-%{release} Provides: webclient -URL: https://curl.haxx.se/ +URL: https://curl.se/ BuildRequires: automake BuildRequires: brotli-devel BuildRequires: coreutils 
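Review bot: The new detached signature `curl-7.74.0.tar.xz.asc` is committed next to the spec, but the context of the first `curl.spec` hunk shows `Source:` followed directly by the `Patch101:` block, so as far as the visible lines go nothing lists the signature as a source or checks it during the build. The tarball is then bound only by the SHA512 entry in `sources`, which is set by whoever uploads the new archive. Consider declaring `Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc` plus the upstream signing key as a further source, and calling `%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'` at the top of `%prep` (with `BuildRequires: gnupg2`). Most of `%prep` lies outside the hunks shown, so confirm that no verification step already exists there before adding one.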
@@ -39,6 +39,7 @@ BuildRequires: openssh-server BuildRequires: openssl-devel BuildRequires: perl-interpreter BuildRequires: pkgconfig +BuildRequires: python-unversioned-command BuildRequires: python3-devel BuildRequires: sed BuildRequires: stunnel @@ -182,10 +183,6 @@ be installed. %patch104 -p1 %patch105 -p1 -# make tests/*.py use Python 3 -sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py -sed -e 's|^python |%{__python3} |' -i tests/data/test1451 - # regenerate the configure script and Makefile.in files autoreconf -fiv @@ -318,7 +315,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %doc README %doc docs/BUGS.md %doc docs/FAQ -%doc docs/FEATURES +%doc docs/FEATURES.md %doc docs/TODO %doc docs/TheArtOfHttpScripting.md %{_bindir}/curl @@ -351,6 +348,15 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %changelog +* Wed Dec 09 2020 Kamil Dudka - 7.74.0-2 +- do not rewrite shebangs in test-suite to use python3 explicitly + +* Wed Dec 09 2020 Kamil Dudka - 7.74.0-1 +- new upstream release, which fixes the following vulnerabilities + CVE-2020-8286 - curl: Inferior OCSP verification + CVE-2020-8285 - libcurl: FTP wildcard stack overflow + CVE-2020-8284 - curl: trusting FTP PASV responses + * Wed Oct 14 2020 Kamil Dudka - 7.73.0-2 - prevent upstream test 1451 from being skipped diff --git a/sources b/sources index 586c3da..fec3ccb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (curl-7.73.0.tar.xz) = 95330bac2d6bc5306d47723b3c7bdb754fabe2ba2df7b2a8027453a40286f1c7caaee69333f0715e59fbc7fdf09080968ea624398c995cabf3d57493973867bd +SHA512 (curl-7.74.0.tar.xz) = 5d987f0b4d051c9e254f14d4e2a05f7cda9fb0f0ac7b3ca3664a25a51ee5ffe092ee072c0d9a613fcd3f34727d75bba14b70f5500cb110ca818591e071c3e6f4
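Review bot: The added `BuildRequires: python-unversioned-command` in the `@@ -39,6 +39,7 @@` hunk carries no comment, and the next hunk deletes the only lines that explained how the test suite finds its interpreter. Presumably the scripts under `tests/*.py` and `tests/data/test1451` now resolve a bare `python` through PATH, so add a comment such as `# tests/*.py and test1451 invoke an unversioned "python"` above the new line. With the rewrite to `%{__python3}` gone, the interpreter is whatever `python` resolves to in the build root, which is worth stating for anyone building outside a clean chroot.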