new upstream release - 7.76.0
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup Resolves: CVE-2021-22876 - Automatic referer leaks credentials
This commit is contained in:
parent
3addcd310b
commit
3872cc4434
@ -1,156 +0,0 @@
|
||||
From 17686d25019489f43f3d5641db8683932857845e Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Mon, 15 Feb 2021 09:41:22 +0100
|
||||
Subject: [PATCH 1/2] openldap: pass 'data' to the callbacks instead of 'conn'
|
||||
|
||||
Upstream-commit: a59c33ceffb8f78b71fa084bbc99c94ecfe82ce6
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/openldap.c | 16 +++++++++-------
|
||||
1 file changed, 9 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/lib/openldap.c b/lib/openldap.c
|
||||
index 4070bbf..d079822 100644
|
||||
--- a/lib/openldap.c
|
||||
+++ b/lib/openldap.c
|
||||
@@ -278,7 +278,7 @@ static CURLcode ldap_connecting(struct Curl_easy *data, bool *done)
|
||||
if(!li->sslinst) {
|
||||
Sockbuf *sb;
|
||||
ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);
|
||||
- ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, conn);
|
||||
+ ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data);
|
||||
li->sslinst = TRUE;
|
||||
li->recv = conn->recv[FIRSTSOCKET];
|
||||
li->send = conn->send[FIRSTSOCKET];
|
||||
@@ -716,8 +716,8 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
|
||||
{
|
||||
(void)arg;
|
||||
if(opt == LBER_SB_OPT_DATA_READY) {
|
||||
- struct connectdata *conn = sbiod->sbiod_pvt;
|
||||
- return Curl_ssl_data_pending(conn, FIRSTSOCKET);
|
||||
+ struct Curl_easy *data = sbiod->sbiod_pvt;
|
||||
+ return Curl_ssl_data_pending(data->conn, FIRSTSOCKET);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@@ -725,12 +725,13 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
|
||||
static ber_slen_t
|
||||
ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
|
||||
{
|
||||
- struct connectdata *conn = sbiod->sbiod_pvt;
|
||||
+ struct Curl_easy *data = sbiod->sbiod_pvt;
|
||||
+ struct connectdata *conn = data->conn;
|
||||
struct ldapconninfo *li = conn->proto.ldapc;
|
||||
ber_slen_t ret;
|
||||
CURLcode err = CURLE_RECV_ERROR;
|
||||
|
||||
- ret = (li->recv)(conn->data, FIRSTSOCKET, buf, len, &err);
|
||||
+ ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
|
||||
if(ret < 0 && err == CURLE_AGAIN) {
|
||||
SET_SOCKERRNO(EWOULDBLOCK);
|
||||
}
|
||||
@@ -740,12 +741,13 @@ ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
|
||||
static ber_slen_t
|
||||
ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
|
||||
{
|
||||
- struct connectdata *conn = sbiod->sbiod_pvt;
|
||||
+ struct Curl_easy *data = sbiod->sbiod_pvt;
|
||||
+ struct connectdata *conn = data->conn;
|
||||
struct ldapconninfo *li = conn->proto.ldapc;
|
||||
ber_slen_t ret;
|
||||
CURLcode err = CURLE_SEND_ERROR;
|
||||
|
||||
- ret = (li->send)(conn->data, FIRSTSOCKET, buf, len, &err);
|
||||
+ ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
|
||||
if(ret < 0 && err == CURLE_AGAIN) {
|
||||
SET_SOCKERRNO(EWOULDBLOCK);
|
||||
}
|
||||
--
|
||||
2.26.3
|
||||
|
||||
|
||||
From a1c1f175e44ef95c47b1e2e91424e193ee7a0d0b Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Tue, 23 Mar 2021 09:28:07 +0100
|
||||
Subject: [PATCH 2/2] openldap: avoid NULL pointer dereferences
|
||||
|
||||
Follow-up to a59c33ceffb8f78
|
||||
Reported-by: Patrick Monnerat
|
||||
Fixes #6676
|
||||
Closes #6780
|
||||
|
||||
Upstream-commit: e467ea3bd937f38e1d2e070a68ed451303ba1e73
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/openldap.c | 40 +++++++++++++++++++++++++---------------
|
||||
1 file changed, 25 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/lib/openldap.c b/lib/openldap.c
|
||||
index d079822..066c0fd 100644
|
||||
--- a/lib/openldap.c
|
||||
+++ b/lib/openldap.c
|
||||
@@ -369,6 +369,9 @@ static CURLcode ldap_disconnect(struct Curl_easy *data,
|
||||
|
||||
if(li) {
|
||||
if(li->ld) {
|
||||
+ Sockbuf *sb;
|
||||
+ ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);
|
||||
+ ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, NULL);
|
||||
ldap_unbind_ext(li->ld, NULL, NULL);
|
||||
li->ld = NULL;
|
||||
}
|
||||
@@ -726,14 +729,18 @@ static ber_slen_t
|
||||
ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
|
||||
{
|
||||
struct Curl_easy *data = sbiod->sbiod_pvt;
|
||||
- struct connectdata *conn = data->conn;
|
||||
- struct ldapconninfo *li = conn->proto.ldapc;
|
||||
- ber_slen_t ret;
|
||||
- CURLcode err = CURLE_RECV_ERROR;
|
||||
+ ber_slen_t ret = 0;
|
||||
+ if(data) {
|
||||
+ struct connectdata *conn = data->conn;
|
||||
+ if(conn) {
|
||||
+ struct ldapconninfo *li = conn->proto.ldapc;
|
||||
+ CURLcode err = CURLE_RECV_ERROR;
|
||||
|
||||
- ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
|
||||
- if(ret < 0 && err == CURLE_AGAIN) {
|
||||
- SET_SOCKERRNO(EWOULDBLOCK);
|
||||
+ ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
|
||||
+ if(ret < 0 && err == CURLE_AGAIN) {
|
||||
+ SET_SOCKERRNO(EWOULDBLOCK);
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
@@ -742,14 +749,17 @@ static ber_slen_t
|
||||
ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
|
||||
{
|
||||
struct Curl_easy *data = sbiod->sbiod_pvt;
|
||||
- struct connectdata *conn = data->conn;
|
||||
- struct ldapconninfo *li = conn->proto.ldapc;
|
||||
- ber_slen_t ret;
|
||||
- CURLcode err = CURLE_SEND_ERROR;
|
||||
-
|
||||
- ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
|
||||
- if(ret < 0 && err == CURLE_AGAIN) {
|
||||
- SET_SOCKERRNO(EWOULDBLOCK);
|
||||
+ ber_slen_t ret = 0;
|
||||
+ if(data) {
|
||||
+ struct connectdata *conn = data->conn;
|
||||
+ if(conn) {
|
||||
+ struct ldapconninfo *li = conn->proto.ldapc;
|
||||
+ CURLcode err = CURLE_SEND_ERROR;
|
||||
+ ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
|
||||
+ if(ret < 0 && err == CURLE_AGAIN) {
|
||||
+ SET_SOCKERRNO(EWOULDBLOCK);
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
--
|
||||
2.26.3
|
||||
|
@ -1,11 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmAaSxEACgkQXMkI/bce
|
||||
EsI36QgAlx+oYuWiaMytv/Ixfcm2gTq+9Qu60KsmvccyKLOq7OxAmX+gz1PYOsUc
|
||||
eqAwq8dg9Mo+cuk7zWpxRMg1qBgvZpv5oeAhy8VUeWD/HE0Z2RoxC3tw87uNn5uN
|
||||
2g0FJEXGzDaQQdI0hh2Kb4uNqiKiBCsSfHX4J+eWDUoHwzoFestct8PAcAG8lOzt
|
||||
0nGj6Is1Rba3SrlkCtRdzEkrjfNe5KKNjE9F0ybhL7TPKSZZvlustZgU5OgdjDHu
|
||||
uJzFQDK5eyjeYu7tyJQOOwercjOQrmp0YYvYt6CdALUflU2RNvnS83+e/syAYEZ4
|
||||
FvnYlZyp8WCKxOikGwX2m/JEOATXSw==
|
||||
=HFSu
|
||||
-----END PGP SIGNATURE-----
|
11
curl-7.76.0.tar.xz.asc
Normal file
11
curl-7.76.0.tar.xz.asc
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmBkDkUACgkQXMkI/bce
|
||||
EsJ15ggAtcFfjbq0Fk1KMymZ7trx49GcOPNUKa7utST3tumg0Tc3HsIeuWIOyO0s
|
||||
frTWFtroWogELMjjdr+yyrI5PZrLkEdtFKd+lRYO4T2Y0SS6Q57d/4CCu3SXNgmd
|
||||
zKUq4ZSRbjdPFRKkWJ6RMDfPeu8pcJIGQM23BapPbpxtEgd5f8+PzzSX/8S3I1aD
|
||||
yDv9V3tM+NQq6peetV6wj7hWFInUHbTWPSlyzuCvWB2cQRxDNsTcSxuShd0krbgV
|
||||
CA6Kt4MQc7QOi7luUAHEGmjTRIhSwvTfY6w0EqqFzvRHlf0gsCIUn5jEs8cq+2iV
|
||||
nEUuezAT/rRYfyjyQ1hWvIK5GP5aCw==
|
||||
=ju96
|
||||
-----END PGP SIGNATURE-----
|
13
curl.spec
13
curl.spec
@ -1,13 +1,10 @@
|
||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||
Name: curl
|
||||
Version: 7.75.0
|
||||
Release: 4%{?dist}
|
||||
Version: 7.76.0
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Source: https://curl.se/download/%{name}-%{version}.tar.xz
|
||||
|
||||
# fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
|
||||
Patch1: 0001-curl-7.75.0-ldaps-segv.patch
|
||||
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
@ -183,7 +180,6 @@ be installed.
|
||||
%setup -q
|
||||
|
||||
# upstream patches
|
||||
%patch1 -p1
|
||||
|
||||
# Fedora patches
|
||||
%patch101 -p1
|
||||
@ -364,6 +360,11 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||
|
||||
%changelog
|
||||
* Fri Apr 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.0-1
|
||||
- new upstream release, which fixes the following vulnerabilities
|
||||
CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
|
||||
CVE-2021-22876 - Automatic referer leaks credentials
|
||||
|
||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 7.75.0-4
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (curl-7.75.0.tar.xz) = 4c2fc6658379b8b93dd50665b70f3000b63d3bcafd2df60b7e651a8edf4735b3decb06c338b84cb22058191aa9f8f4dc85760a42f9987210b59300758304b746
|
||||
SHA512 (curl-7.76.0.tar.xz) = a67e5078b48150c6f5331e76b25a6b197f1e916be1db900bf9455b032b3af5a71610b47e607546ecbae510d196a0cfcb75a14dac549288797af1701b7b587ece
|
||||
|
Loading…
Reference in New Issue
Block a user