hemu312/curl
1
0
Fork 0
forked from rpms/curl
Code Pull Requests Activity

Resolves: CVE-2021-22901 - fix TLS session caching disaster

Browse Source
This commit is contained in:
Kamil Dudka 2021-05-26 10:22:51 +02:00
parent aa689a0f22
commit bc006791a4
2 changed files with 1017 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1012
0003-curl-7.76.1-CVE-2021-22901.patch Normal file
View File

File diff suppressed because it is too large Load Diff

5
curl.spec
View File

@ -11,6 +11,9 @@ Patch1: 0001-curl-7.76.1-resource-leaks.patch
# fix TELNET stack contents disclosure (CVE-2021-22898) # fix TELNET stack contents disclosure (CVE-2021-22898)
Patch2: 0002-curl-7.76.1-CVE-2021-22898.patch Patch2: 0002-curl-7.76.1-CVE-2021-22898.patch
# fix TLS session caching disaster (CVE-2021-22901)
Patch3: 0003-curl-7.76.1-CVE-2021-22901.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch Patch101: 0101-curl-7.32.0-multilib.patch
@ -188,6 +191,7 @@ be installed.
# upstream patches # upstream patches
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -369,6 +373,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%changelog %changelog
* Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-3 * Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-3
- fix TLS session caching disaster (CVE-2021-22901)
- fix TELNET stack contents disclosure (CVE-2021-22898) - fix TELNET stack contents disclosure (CVE-2021-22898)
* Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2 * Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2