new upstream release - 7.36.0 (fixes CVE-2014-0138)
This commit is contained in:
Kamil Dudka
parent
e9708b37b5
commit
4bddb2814c
@ -1,36 +0,0 @@
|
|||||||
From 1742db74f6527846581da8b846f9c9666eac4fd6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Steve Holme <steve_holme@hotmail.com>
|
|
||||||
Date: Sun, 2 Feb 2014 11:01:10 +0000
|
|
||||||
Subject: [PATCH] tests: Fixed test172 cookie expiry
|
|
||||||
|
|
||||||
The test contains a cookie jar file where one of the cookies has an
|
|
||||||
expiry date of 1391252187 -- Sat, 1 Feb 2014 10:56:27 GMT which has
|
|
||||||
now expired. Updated to Wed, 14 Oct 2037 16:36:33 GMT as per test
|
|
||||||
179.
|
|
||||||
|
|
||||||
Reported-by: Adam Sampson
|
|
||||||
Bug: http://curl.haxx.se/bug/view.cgi?id=1330
|
|
||||||
|
|
||||||
[upstream commit ffb8a21d85bde8b626e5dc52ce25f0447ee49f89]
|
|
||||||
|
|
||||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
||||||
---
|
|
||||||
tests/data/test172 | 2 +-
|
|
||||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/data/test172 b/tests/data/test172
|
|
||||||
index b3efae9..3d53418 100644
|
|
||||||
--- a/tests/data/test172
|
|
||||||
+++ b/tests/data/test172
|
|
||||||
@@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/172 -b log/jar172.txt -b "tool=curl; name=fool"
|
|
||||||
|
|
||||||
.%HOSTIP TRUE /silly/ FALSE 0 ismatch this
|
|
||||||
.%HOSTIP TRUE / FALSE 0 partmatch present
|
|
||||||
-%HOSTIP FALSE /we/want/ FALSE 1391252187 nodomain value
|
|
||||||
+%HOSTIP FALSE /we/want/ FALSE 2139150993 nodomain value
|
|
||||||
</file>
|
|
||||||
</client>
|
|
||||||
|
|
||||||
--
|
|
||||||
1.7.1
|
|
||||||
|
|
||||||
@ -12,7 +12,7 @@ diff --git a/configure b/configure
|
|||||||
index 8f079a3..53b4774 100755
|
index 8f079a3..53b4774 100755
|
||||||
--- a/configure
|
--- a/configure
|
||||||
+++ b/configure
|
+++ b/configure
|
||||||
@@ -16005,18 +16005,11 @@ $as_echo "yes" >&6; }
|
@@ -16006,18 +16006,11 @@ $as_echo "yes" >&6; }
|
||||||
gccvhi=`echo $gccver | cut -d . -f1`
|
gccvhi=`echo $gccver | cut -d . -f1`
|
||||||
gccvlo=`echo $gccver | cut -d . -f2`
|
gccvlo=`echo $gccver | cut -d . -f2`
|
||||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||||
@ -12,7 +12,7 @@ diff --git a/configure b/configure
|
|||||||
index a466175..cb63075 100755
|
index a466175..cb63075 100755
|
||||||
--- a/configure
|
--- a/configure
|
||||||
+++ b/configure
|
+++ b/configure
|
||||||
@@ -15470,13 +15470,9 @@ fi
|
@@ -15471,13 +15471,9 @@ fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1,3 +1,9 @@
|
|||||||
|
From a4c56b928518439399e051406145d7d5b150a3be Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
Date: Wed, 26 Mar 2014 08:51:53 +0100
|
||||||
|
Subject: [PATCH] disable valgrind for certain test-cases (libssh2 problem)
|
||||||
|
|
||||||
|
---
|
||||||
tests/data/test604 | 3 +++
|
tests/data/test604 | 3 +++
|
||||||
tests/data/test623 | 4 +++-
|
tests/data/test623 | 4 +++-
|
||||||
2 files changed, 6 insertions(+), 1 deletions(-)
|
2 files changed, 6 insertions(+), 1 deletions(-)
|
||||||
@ -6,7 +12,7 @@ diff --git a/tests/data/test604 b/tests/data/test604
|
|||||||
index af0259f..2bcf7d1 100644
|
index af0259f..2bcf7d1 100644
|
||||||
--- a/tests/data/test604
|
--- a/tests/data/test604
|
||||||
+++ b/tests/data/test604
|
+++ b/tests/data/test604
|
||||||
@@ -26,5 +26,8 @@ SFTP retrieval of nonexistent file
|
@@ -29,5 +29,8 @@ disable
|
||||||
<errorcode>
|
<errorcode>
|
||||||
78
|
78
|
||||||
</errorcode>
|
</errorcode>
|
||||||
@ -19,7 +25,7 @@ diff --git a/tests/data/test623 b/tests/data/test623
|
|||||||
index 19e505b..38a41d2 100644
|
index 19e505b..38a41d2 100644
|
||||||
--- a/tests/data/test623
|
--- a/tests/data/test623
|
||||||
+++ b/tests/data/test623
|
+++ b/tests/data/test623
|
||||||
@@ -36,6 +36,8 @@ for ssh upload test
|
@@ -39,6 +39,8 @@ disable
|
||||||
<errorcode>
|
<errorcode>
|
||||||
79
|
79
|
||||||
</errorcode>
|
</errorcode>
|
||||||
@ -29,3 +35,6 @@ index 19e505b..38a41d2 100644
|
|||||||
+</valgrind>
|
+</valgrind>
|
||||||
</verify>
|
</verify>
|
||||||
</testcase>
|
</testcase>
|
||||||
|
--
|
||||||
|
1.7.1
|
||||||
|
|
||||||
@ -1,7 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Version: GnuPG v1
|
|
||||||
|
|
||||||
iEYEABECAAYFAlLoqVAACgkQeOEcayedXJHXgACfXucGEK+4gBtUjRNJlPdBThPs
|
|
||||||
lQkAoJRfmKWAlAvMtBuXofIEog9D2y9z
|
|
||||||
=Wgsv
|
|
||||||
-----END PGP SIGNATURE-----
|
|
||||||
7
curl-7.36.0.tar.lzma.asc
Normal file
7
curl-7.36.0.tar.lzma.asc
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
Version: GnuPG v1
|
||||||
|
|
||||||
|
iEYEABECAAYFAlMyeZEACgkQeOEcayedXJFTpACfaOmp5/t6thzl/LLM4L6/AO70
|
||||||
|
i5oAoJLzbaqGU31OhelQxcyrRX2gDubB
|
||||||
|
=++7u
|
||||||
|
-----END PGP SIGNATURE-----
|
||||||
17
curl.spec
17
curl.spec
@ -1,29 +1,26 @@
|
|||||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||||
Name: curl
|
Name: curl
|
||||||
Version: 7.35.0
|
Version: 7.36.0
|
||||||
Release: 5%{?dist}
|
Release: 1%{?dist}
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
||||||
Source2: curlbuild.h
|
Source2: curlbuild.h
|
||||||
|
|
||||||
# refresh expired cookie in test172 from upstream test-suite (#1068967)
|
|
||||||
Patch1: 0001-curl-7.32.0-ffb8a21d.patch
|
|
||||||
|
|
||||||
# patch making libcurl multilib ready
|
# patch making libcurl multilib ready
|
||||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||||
|
|
||||||
# prevent configure script from discarding -g in CFLAGS (#496778)
|
# prevent configure script from discarding -g in CFLAGS (#496778)
|
||||||
Patch102: 0102-curl-7.32.0-debug.patch
|
Patch102: 0102-curl-7.36.0-debug.patch
|
||||||
|
|
||||||
# make the curl tool link SSL libraries also used by src/tool_metalink.c
|
# make the curl tool link SSL libraries also used by src/tool_metalink.c
|
||||||
Patch103: 0103-curl-7.32.0-metalink.patch
|
Patch103: 0103-curl-7.36.0-metalink.patch
|
||||||
|
|
||||||
# use localhost6 instead of ip6-localhost in the curl test-suite
|
# use localhost6 instead of ip6-localhost in the curl test-suite
|
||||||
Patch104: 0104-curl-7.19.7-localhost6.patch
|
Patch104: 0104-curl-7.19.7-localhost6.patch
|
||||||
|
|
||||||
# disable valgrind for certain test-cases (libssh2 problem)
|
# disable valgrind for certain test-cases (libssh2 problem)
|
||||||
Patch106: 0106-curl-7.21.0-libssh2-valgrind.patch
|
Patch106: 0106-curl-7.36.0-libssh2-valgrind.patch
|
||||||
|
|
||||||
# work around valgrind bug (#678518)
|
# work around valgrind bug (#678518)
|
||||||
Patch107: 0107-curl-7.21.4-libidn-valgrind.patch
|
Patch107: 0107-curl-7.21.4-libidn-valgrind.patch
|
||||||
@ -122,7 +119,6 @@ documentation of the library, too.
|
|||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
# upstream patches
|
# upstream patches
|
||||||
%patch1 -p1
|
|
||||||
|
|
||||||
# Fedora patches
|
# Fedora patches
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
@ -244,6 +240,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_datadir}/aclocal/libcurl.m4
|
%{_datadir}/aclocal/libcurl.m4
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Mar 26 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-1
|
||||||
|
- new upstream release (fixes CVE-2014-0138)
|
||||||
|
|
||||||
* Mon Mar 17 2014 Paul Howarth <paul@city-fan.org> 7.35.0-5
|
* Mon Mar 17 2014 Paul Howarth <paul@city-fan.org> 7.35.0-5
|
||||||
- add all perl build requirements for the test suite, in a portable way
|
- add all perl build requirements for the test suite, in a portable way
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user