A utility for getting files from remote servers (FTP, HTTP, and others)
c72bd06c40
No one is interested to read through reports like this upon each update:
```
rpminspect version: 1.11-0.1.202206281908gitc4b3399.el9 (with data package: 1.7-0.1.202206211435git4072215.el9)
rpminspect profile: none
new build: curl-7.76.1-14.el9_0.5
old build: curl-7.76.1-14.el9_0.4 (found in rhel-9.0.0-z brew tag)
Test description:
Check for correct RPM dependency metadata. Report incorrect or
conflicting findings as well as expected changes when comparing a new
build to an older build. Changes are only reported when comparing
builds, but this inspection will check for correct RPM dependency
metadata when inspecting a single build and report findings.
======================================== Test Output ========================================
rpmdeps:
--------
Result: VERIFY
1) Subpackage curl on aarch64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
2) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
3) Subpackage curl-minimal on aarch64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
4) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
5) Subpackage libcurl-devel on aarch64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
6) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
7) Subpackage curl on ppc64le carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
8) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
9) Subpackage curl-minimal on ppc64le carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
10) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
11) Subpackage libcurl-devel on ppc64le carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
12) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
13) Subpackage libcurl-devel on i686 carries 'Requires: libcurl.so.4' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
14) Multiple subpackages provide 'Requires: libcurl.so.4': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
15) Subpackage curl on i686 carries 'Requires: libcurl.so.4' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
16) Multiple subpackages provide 'Requires: libcurl.so.4': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
17) Subpackage curl-minimal on i686 carries 'Requires: libcurl.so.4' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
18) Multiple subpackages provide 'Requires: libcurl.so.4': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
19) Subpackage curl on x86_64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
20) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
21) Subpackage curl-minimal on x86_64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
22) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
23) Subpackage libcurl-devel on x86_64 carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
24) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
25) Subpackage libcurl-devel on s390x carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
26) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
27) Subpackage curl on s390x carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
28) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
Result: VERIFY
29) Subpackage curl-minimal on s390x carries 'Requires: libcurl.so.4()(64bit)' which comes from subpackage libcurl-minimal but does not carry an explicit package version requirement. Please add 'Requires: libcurl-minimal = %{version}-%{release}' to the spec file to avoid the need to test interoperability between various combinations of old and new subpackages.
Waiver Authorization: Anyone
Suggested Remedy:
Add the indicated explicit Requires to the spec file for the named subpackage. Subpackages depending on shared libraries in another subpackage must carry an explicit 'Requires: SUBPACKAGE_NAME = %{version}-%{release}' in the spec file.
Result: VERIFY
30) Multiple subpackages provide 'Requires: libcurl.so.4()(64bit)': libcurl, libcurl-minimal
Waiver Authorization: Anyone
Suggested Remedy:
Check subpackage %files sections and explicit Provides statements. Only one subpackage should provide a given shared library. Shared library names are automatically added as Provides, so there is no need to specify them in the spec file but you do need to make sure only one subpackage is packaging up the shared library in question.
```
|
||
|---|---|---|
| tests | ||
| .gitignore | ||
| 0001-curl-7.76.1-resource-leaks.patch | ||
| 0002-curl-7.76.1-CVE-2021-22898.patch | ||
| 0003-curl-7.76.1-CVE-2021-22901.patch | ||
| 0004-curl-7.76.1-ldaps-segv.patch | ||
| 0005-curl-7.76.1-CVE-2021-22924.patch | ||
| 0006-curl-7.76.1-CVE-2021-22925.patch | ||
| 0007-curl-7.76.1-CVE-2021-22945.patch | ||
| 0008-curl-7.76.1-CVE-2021-22946.patch | ||
| 0009-curl-7.76.1-CVE-2021-22947.patch | ||
| 0010-curl-7.76.1-CVE-2022-22576.patch | ||
| 0011-curl-7.76.1-CVE-2022-27775.patch | ||
| 0012-curl-7.76.1-CVE-2022-27776.patch | ||
| 0013-curl-7.76.1-CVE-2022-27774.patch | ||
| 0014-curl-7.76.1-CVE-2022-27782.patch | ||
| 0015-curl-7.76.1-tests-openssh.patch | ||
| 0016-curl-7.76.1-CVE-2022-32208.patch | ||
| 0017-curl-7.76.1-CVE-2022-32206.patch | ||
| 0019-curl-7.76.1-CVE-2022-32207.patch | ||
| 0020-curl-7.76.1-openldap-rebase.patch | ||
| 0101-curl-7.32.0-multilib.patch | ||
| 0102-curl-7.36.0-debug.patch | ||
| 0105-curl-7.63.0-lib1560-valgrind.patch | ||
| curl-7.76.1.tar.xz.asc | ||
| curl.spec | ||
| gating.yaml | ||
| rpminspect.yaml | ||
| sources | ||