new upstream release - 7.86.0

Resolves: CVE-2022-42916 - HSTS bypass via IDN
Resolves: CVE-2022-42915 - HTTP proxy double-free
Resolves: CVE-2022-35260 - .netrc parser out-of-bounds access
Resolves: CVE-2022-32221 - POST following PUT confusion
Kamil Dudka 2022-10-26 14:24:08 +02:00
parent 4bceeec6e1
commit 3501daee0b
3 changed files with 11 additions and 4 deletions


@ -55,7 +55,7 @@ diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c
index 43fe335..70cd7a4 100644
--- a/tests/libtest/lib3026.c
+++ b/tests/libtest/lib3026.c
@@ -123,8 +123,8 @@ int test(char *URL)
@@ -139,8 +139,8 @@ int test(char *URL)
results[i] = CURL_LAST; /* initialize with invalid value */
res = pthread_create(&tids[i], NULL, run_thread, &results[i]);
if(res) {
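Review bot: The only change to this carried patch is the lib3026.c hunk offset in test() moving from 123 to 139, and neither the commit message nor the new changelog entry mentions that the patch was rebased. A short line such as "refresh patch for 7.86.0" would make that visible in the history. It is also worth confirming that the patch applies without fuzz and that its pthread_create context still matches the 7.86.0 test source.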


@ -1,6 +1,6 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.85.0
Version: 7.86.0
Release: 1%{?dist}
License: MIT
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
@ -421,6 +421,13 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
* Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2022-42916 - HSTS bypass via IDN
CVE-2022-42915 - HTTP proxy double-free
CVE-2022-35260 - .netrc parser out-of-bounds access
CVE-2022-32221 - POST following PUT confusion
* Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1
- new upstream release, which fixes the following vulnerability
CVE-2022-35252 - control code in cookie denial of service


@ -1,2 +1,2 @@
SHA512 (curl-7.85.0.tar.xz) = b57cc31649a4f47cc4b482f56a85c86c8e8aaeaf01bc1b51b065fdb9145a9092bc52535e52a85a66432eb163605b2edbf5bc5c33ea6e40e50f26a69ad1365cbd
SHA512 (curl-7.85.0.tar.xz.asc) = 7022daf84b330b24112d595edee715cdeb881a4ba8a4fa7eec23aed28292e5d943af778f03aadd036d44d875f9e226096ea142d18afe516b6bdbd475fcd3aca6
SHA512 (curl-7.86.0.tar.xz) = 18e03a3c00f22125e07bddb18becbf5acdca22baeb7b29f45ef189a5c56f95b2d51247813f7a9a90f04eb051739e9aa7d3a1c5be397bae75d763a2b918d1b656
SHA512 (curl-7.86.0.tar.xz.asc) = 9e97d5f44b3c856f401fe30ba713e1ca1f74edfc693dc42f1ce8e43f9f6dd4bf6998c579bc9c5d0f749f475a7d67d232e92ab6f89b95141acdb53e149f2312f0
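Review bot: The new sources entries pin curl-7.86.0.tar.xz and its .asc by SHA512, but that only records what was uploaded, and none of the visible spec hunks show the detached signature being checked during the build. Before merging, confirm the tarball was verified against curl-7.86.0.tar.xz.asc with the upstream release key. If %prep does not already perform that check, consider adding it there so every rebuild repeats it.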