new upstream release - 7.83.1
Resolves: CVE-2022-27782 - fix too eager reuse of TLS and SSH connections Resolves: CVE-2022-27779 - do not accept cookies for TLD with trailing dot Resolves: CVE-2022-27778 - do not remove wrong file on error Resolves: CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names Resolves: CVE-2022-27780 - reject percent-encoded path separator in URL host
This commit is contained in:
parent
f17162c526
commit
4ad1229e9d
10
curl.spec
10
curl.spec
@ -1,6 +1,6 @@
|
|||||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||||
Name: curl
|
Name: curl
|
||||||
Version: 7.83.0
|
Version: 7.83.1
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: MIT
|
License: MIT
|
||||||
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
|
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
|
||||||
@ -411,6 +411,14 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
|||||||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1
|
||||||
|
- new upstream release, which fixes the following vulnerabilities
|
||||||
|
CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
|
||||||
|
CVE-2022-27779 - do not accept cookies for TLD with trailing dot
|
||||||
|
CVE-2022-27778 - do not remove wrong file on error
|
||||||
|
CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names
|
||||||
|
CVE-2022-27780 - reject percent-encoded path separator in URL host
|
||||||
|
|
||||||
* Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1
|
* Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1
|
||||||
- new upstream release, which fixes the following vulnerabilities
|
- new upstream release, which fixes the following vulnerabilities
|
||||||
CVE-2022-27774 - curl credential leak on redirect
|
CVE-2022-27774 - curl credential leak on redirect
|
||||||
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (curl-7.83.0.tar.xz) = be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
|
SHA512 (curl-7.83.1.tar.xz) = 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee
|
||||||
SHA512 (curl-7.83.0.tar.xz.asc) = 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
|
SHA512 (curl-7.83.1.tar.xz.asc) = f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191
|
||||||
|
Loading…
Reference in New Issue
Block a user