diff --git a/0102-curl-7.36.0-debug.patch b/0102-curl-7.36.0-debug.patch index ac6992a..9527166 100644 --- a/0102-curl-7.36.0-debug.patch +++ b/0102-curl-7.36.0-debug.patch @@ -12,7 +12,7 @@ diff --git a/configure b/configure index 8f079a3..53b4774 100755 --- a/configure +++ b/configure -@@ -16004,18 +16004,11 @@ $as_echo "yes" >&6; } +@@ -16068,18 +16068,11 @@ $as_echo "yes" >&6; } gccvhi=`echo $gccver | cut -d . -f1` gccvlo=`echo $gccver | cut -d . -f2` compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` diff --git a/0103-curl-7.36.0-metalink.patch b/0103-curl-7.36.0-metalink.patch deleted file mode 100644 index c71a156..0000000 --- a/0103-curl-7.36.0-metalink.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 5a4feefe61733d7b650d6f6e1995a6d1555530d3 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Wed, 26 Jun 2013 18:00:43 +0200 -Subject: [PATCH] make the curl tool link SSL libraries also used by src/tool_metalink.c - ---- - configure | 10 +++------- - configure.ac | 18 +++++++++++------- - 2 files changed, 14 insertions(+), 14 deletions(-) - -diff --git a/configure b/configure -index a466175..cb63075 100755 ---- a/configure -+++ b/configure -@@ -15469,13 +15469,9 @@ fi - - - --# Determine whether all dependent libraries must be specified when linking --if test "X$enable_shared" = "Xyes" -a "X$link_all_deplibs" = "Xno" --then -- REQUIRE_LIB_DEPS=no --else -- REQUIRE_LIB_DEPS=yes --fi -+REQUIRE_LIB_DEPS=yes -+ -+ - - if test x$REQUIRE_LIB_DEPS = xyes; then - USE_EXPLICIT_LIB_DEPS_TRUE= -diff --git a/configure.ac b/configure.ac -index 49309e6..90c56b5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -241,13 +241,17 @@ fi - AC_SUBST([CPPFLAG_CURL_STATICLIB]) - - --# Determine whether all dependent libraries must be specified when linking --if test "X$enable_shared" = "Xyes" -a "X$link_all_deplibs" = "Xno" --then -- REQUIRE_LIB_DEPS=no --else -- REQUIRE_LIB_DEPS=yes --fi -+dnl make the curl tool link SSL libraries also used by src/tool_metalink.c -+REQUIRE_LIB_DEPS=yes -+ -+dnl # Determine whether all dependent libraries must be specified when linking -+dnl if test "X$enable_shared" = "Xyes" -a "X$link_all_deplibs" = "Xno" -+dnl then -+dnl REQUIRE_LIB_DEPS=no -+dnl else -+dnl REQUIRE_LIB_DEPS=yes -+dnl fi -+ - AC_SUBST(REQUIRE_LIB_DEPS) - AM_CONDITIONAL(USE_EXPLICIT_LIB_DEPS, test x$REQUIRE_LIB_DEPS = xyes) - --- -1.7.1 - diff --git a/curl-7.39.0.tar.lzma.asc b/curl-7.39.0.tar.lzma.asc deleted file mode 100644 index 4fa0abe..0000000 --- a/curl-7.39.0.tar.lzma.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlRZ0ScACgkQeOEcayedXJFMdwCg+1jN1OAfEVzzyJQVtBKactH7 -KLsAoI3kTOl5X+Z41Zmd2O6A9kaS23zH -=6avy ------END PGP SIGNATURE----- diff --git a/curl-7.40.0.tar.lzma.asc b/curl-7.40.0.tar.lzma.asc new file mode 100644 index 0000000..46a7535 --- /dev/null +++ b/curl-7.40.0.tar.lzma.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlSuPVwACgkQeOEcayedXJGBZACfVptdcgMlq4CelqPfrWdZpPP8 +UOMAnA2LcEYZ1bOCN3kr27ARQAz2OXT0 +=eJwT +-----END PGP SIGNATURE----- diff --git a/curl.spec b/curl.spec index 628b680..701ee36 100644 --- a/curl.spec +++ b/curl.spec @@ -1,6 +1,6 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl -Version: 7.39.0 +Version: 7.40.0 Release: 1%{?dist} License: MIT Group: Applications/Internet @@ -13,9 +13,6 @@ Patch101: 0101-curl-7.32.0-multilib.patch # prevent configure script from discarding -g in CFLAGS (#496778) Patch102: 0102-curl-7.36.0-debug.patch -# make the curl tool link SSL libraries also used by src/tool_metalink.c -Patch103: 0103-curl-7.36.0-metalink.patch - # use localhost6 instead of ip6-localhost in the curl test-suite Patch104: 0104-curl-7.19.7-localhost6.patch @@ -124,7 +121,6 @@ documentation of the library, too. # Fedora patches %patch101 -p1 %patch102 -p1 -%patch103 -p1 %patch104 -p1 %patch106 -p1 %patch107 -p1 @@ -243,6 +239,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/libcurl.m4 %changelog +* Thu Jan 08 2015 Kamil Dudka 7.40.0-1 +- new upstream release (fixes CVE-2014-8150) + * Wed Nov 05 2014 Kamil Dudka 7.39.0-1 - new upstream release (fixes CVE-2014-3707) diff --git a/sources b/sources index 7d2fa7d..b980440 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e9aa6dec29920eba8ef706ea5823bad7 curl-7.39.0.tar.lzma +d18fb866d97b536e8948833b84a58a73 curl-7.40.0.tar.lzma