new upstream release - 7.65.0

Resolves: CVE-2019-5436 - TFTP receive buffer overflow Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
2019-05-22 10:37:45 +02:00 · 2019-05-22 10:37:45 +02:00 · 3c7950da77
commit 3c7950da77
parent 9dd5d73f3b
6 changed files with 21 additions and 88 deletions
--- a/0001-curl-7.64.1-negotiate-without-ticket.patch
+++ b/0001-curl-7.64.1-negotiate-without-ticket.patch
@ -1,68 +0,0 @@
-From f7c66081721ac54f68457f07994487f416db383f Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 6 May 2019 14:16:35 +0200
-Subject: [PATCH] spnego_gssapi: fix return code on gss_init_sec_context()
- failure
-
-Fixes #3726
-Closes #3849
-
-Upstream-commit: f65845c1eccc02385cdfb22bf2e521e670f7b295
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
- lib/vauth/spnego_gssapi.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
-index 7c4bd4b59..de8bde2ba 100644
--- a/lib/vauth/spnego_gssapi.c
-+++ b/lib/vauth/spnego_gssapi.c
-@@ -170,7 +170,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
-     Curl_gss_log_error(data, "gss_init_sec_context() failed: ",
-                        major_status, minor_status);
- 
-    return CURLE_OUT_OF_MEMORY;
-+    return CURLE_LOGIN_DENIED;
-   }
- 
-   if(!output_token.value || !output_token.length) {
-- 
-2.20.1
-
-From ce0dbcf6f028c84adf4ff3704c04a09d4450a596 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 6 May 2019 14:32:00 +0200
-Subject: [PATCH] http_negotiate: do not treat failure of
- gss_init_sec_context() as fatal
-
-Fixes #3726
-Closes #3849
-
-Upstream-commit: f4603708af08f454bca8b74095d0af40a4516512
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
- lib/http_negotiate.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
-index 9415236fb..201c3a785 100644
--- a/lib/http_negotiate.c
-+++ b/lib/http_negotiate.c
-@@ -143,7 +143,13 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
-     }
-     if(!neg_ctx->context) {
-       result = Curl_input_negotiate(conn, proxy, "Negotiate");
-      if(result)
-+      if(result == CURLE_LOGIN_DENIED) {
-+        /* negotiate auth failed, let's continue unauthenticated to stay
-+         * compatible with the behavior before curl-7_64_0-158-g6c6035532 */
-+        conn->data->state.authproblem = TRUE;
-+        return CURLE_OK;
-+      }
-+      else if(result)
-         return result;
-     }
- 
-- 
-2.20.1
-
--- a/0105-curl-7.63.0-lib1560-valgrind.patch
+++ b/0105-curl-7.63.0-lib1560-valgrind.patch
@ -26,8 +26,8 @@ diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
 index 080421b..ea3b806 100644
 --- a/tests/libtest/Makefile.inc
 +++ b/tests/libtest/Makefile.inc
-@@ -530,6 +530,7 @@ lib1558_SOURCES = lib1558.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
- lib1558_LDADD = $(TESTUTIL_LIBS)
+@@ -528,6 +528,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+ lib1559_LDADD = $(TESTUTIL_LIBS)
 
 lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
 +lib1560_CFLAGS = $(AM_CFLAGS) -fno-builtin-strcmp
--- a/curl-7.64.1.tar.xz.asc
+++ b/curl-7.64.1.tar.xz.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlybHwMACgkQXMkI/bce
-EsIlxQf+LUj/zeWzTgxXIFgtfba+RKb66RpWhgzKLBpiGFQjhckILFJ+Li625SE3
-9fCrIslGuY2S4G6fRH1qEIZVglpA185sTeY241/JK788ftJFFQd2GtM/+Ysrla5h
-zc2wD3amDXcROWI+QIl/dBy7xRnW8TSTMu2sEPLarsNtXK9EC+h/WIkeYW1amMf2
-a8vRFwXFZ7OrEiq7A0avvmbrQVgIIGP/zyz44ZN00PPgLm40c1rngHGBJJzEMVSS
-ClZ+wUQ+AyamL3Ls9a+V3SF3IuVrFInjv5Y1OshPULaqL2VxPsCVw67sCVouePMS
-J0u3GZPsE+sVbx7cHCfZFdSnutFBKQ==
-=WUio
-----END PGP SIGNATURE-----
--- a/curl-7.65.0.tar.xz.asc
+++ b/curl-7.65.0.tar.xz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlzk438ACgkQXMkI/bce
+EsITWggAgk129Kxp4Br7Nn2+vyygKwv3dDEm87wJVuQka8gT2pZ9ZVQ6rEX9j0sR
+RETf8KrEbSlOBgl2EJpgToL5kgiMCweTXced3VY2szVVibenBa2Zd9MpSl5Sf7hH
+axinhdvEPNH+w8WuprEqZh+d/T5grAxChPJz4bLqKQI5fw5T3IuMfYTjZqx8DkOt
+4FekihWCr6N/nW9BFOz8H19GFtotYSwoPvQJ+RmB7+Zt7ruHjRgyINCgxbWPvs4P
+eZNWykqQ9FaXLSoJQYjLvEx0smye0bxSu3EIYBeL60fiFWJaSHQPyfBgC3JC+dD6
+ufxhEk814I4XzPaRFTLjgzjmTqRMPw==
+=4VIp
+-----END PGP SIGNATURE-----
--- a/curl.spec
+++ b/curl.spec
@ -1,13 +1,10 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.64.1
-Release: 2%{?dist}
+Version: 7.65.0
+Release: 1%{?dist}
 License: MIT
 Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz

-# do not treat failure of gss_init_sec_context() with --negotiate as fatal
-Patch1:   0001-curl-7.64.1-negotiate-without-ticket.patch
-
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch

@ -174,7 +171,6 @@ be installed.
 %setup -q

 # upstream patches
-%patch1 -p1

 # Fedora patches
 %patch101 -p1
@ -350,6 +346,11 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal

 %changelog
+* Wed May 22 2019 Kamil Dudka <kdudka@redhat.com> - 7.65.0-1
+- new upstream release, which fixes the following vulnerabilities
+    CVE-2019-5436 - TFTP receive buffer overflow
+    CVE-2019-5435 - integer overflows in curl_url_set()
+
 * Thu May 09 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-2
 - do not treat failure of gss_init_sec_context() with --negotiate as fatal

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (curl-7.64.1.tar.xz) = 1629ba154691bf9d936e0bce69ec8fb54991a40d34bc16ffdfb117f91e3faa93164154fc9ae9043e963955862e69515018673b7239f2fd625684a59cdd1db81c
+SHA512 (curl-7.65.0.tar.xz) = 032c065c1d4bd07ba028625f8fab6a09e7cb8505a5f19339b3abdee5a9cda7d091c11f075fe3fc227d082690a66c558c770a4cd9fb17b52acc13794976a770c5