Auto sync2gitlab import of curl-7.61.1-29.el8.src.rpm

This commit is contained in:
CentOS Sources 2023-02-09 06:10:17 +00:00
parent 2fd6dcf35a
commit 4a2a4c054f
2 changed files with 52 additions and 1 deletions

View File

@ -0,0 +1,44 @@
From 4bbd1947aeb26d5dbcddbb058652e0e64771b71d Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 6 Feb 2023 17:46:36 +0100
Subject: [PATCH] h2: lower initial window size to 32 MiB
Cherry-picked from upstream commit
15f51474c837679c0b79825c23356ac681ffabde which was focused on paused
transfers but required an update of nghttp2 to work properly.
Bug: https://bugzilla.redhat.com/2166254
---
lib/http2.c | 2 +-
tests/data/test1800 | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/http2.c b/lib/http2.c
index 3071097..1fd2233 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -63,7 +63,7 @@
#define NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE 1
#endif
-#define HTTP2_HUGE_WINDOW_SIZE (1 << 30)
+#define HTTP2_HUGE_WINDOW_SIZE (32 * 1024 * 1024) /* 32 MB */
#ifdef DEBUG_HTTP2
#define H2BUGF(x) x
diff --git a/tests/data/test1800 b/tests/data/test1800
index 0110184..c308c99 100644
--- a/tests/data/test1800
+++ b/tests/data/test1800
@@ -48,7 +48,7 @@ Host: %HOSTIP:%HTTPPORT
Accept: */*
Connection: Upgrade, HTTP2-Settings
Upgrade: %H2CVER
-HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
+HTTP2-Settings: AAMAAABkAAQCAAAAAAIAAAAA
</protocol>
</verify>
--
2.39.1

View File

@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.61.1
Release: 28%{?dist}
Release: 29%{?dist}
License: MIT
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
@ -130,6 +130,9 @@ Patch44: 0044-curl-7.61.1-retry-http11.patch
# smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)
Patch45: 0045-curl-7.61.1-CVE-2022-43552.patch
# h2: lower initial window size to 32 MiB (#2166254)
Patch46: 0046-curl-7.61.1-h2-window-size.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
@ -348,6 +351,7 @@ sed -e 's|:8992/|:%{?__isa_bits}92/|g' -i tests/data/test97{3..6}
%patch43 -p1
%patch44 -p1
%patch45 -p1
%patch46 -p1
# make tests/*.py use Python 3
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
@ -510,6 +514,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
* Tue Feb 07 2023 Kamil Dudka <kdudka@redhat.com> - 7.61.1-29
- h2: lower initial window size to 32 MiB (#2166254)
* Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-28
- smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)