new upstream release - 7.36.0 (fixes CVE-2014-0138)
This commit is contained in:
Kamil Dudka
parent
e9708b37b5
commit
4bddb2814c
@ -1,36 +0,0 @@
|
||||
From 1742db74f6527846581da8b846f9c9666eac4fd6 Mon Sep 17 00:00:00 2001
|
||||
From: Steve Holme <steve_holme@hotmail.com>
|
||||
Date: Sun, 2 Feb 2014 11:01:10 +0000
|
||||
Subject: [PATCH] tests: Fixed test172 cookie expiry
|
||||
|
||||
The test contains a cookie jar file where one of the cookies has an
|
||||
expiry date of 1391252187 -- Sat, 1 Feb 2014 10:56:27 GMT which has
|
||||
now expired. Updated to Wed, 14 Oct 2037 16:36:33 GMT as per test
|
||||
179.
|
||||
|
||||
Reported-by: Adam Sampson
|
||||
Bug: http://curl.haxx.se/bug/view.cgi?id=1330
|
||||
|
||||
[upstream commit ffb8a21d85bde8b626e5dc52ce25f0447ee49f89]
|
||||
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
tests/data/test172 | 2 +-
|
||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/tests/data/test172 b/tests/data/test172
|
||||
index b3efae9..3d53418 100644
|
||||
--- a/tests/data/test172
|
||||
+++ b/tests/data/test172
|
||||
@@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/172 -b log/jar172.txt -b "tool=curl; name=fool"
|
||||
|
||||
.%HOSTIP TRUE /silly/ FALSE 0 ismatch this
|
||||
.%HOSTIP TRUE / FALSE 0 partmatch present
|
||||
-%HOSTIP FALSE /we/want/ FALSE 1391252187 nodomain value
|
||||
+%HOSTIP FALSE /we/want/ FALSE 2139150993 nodomain value
|
||||
</file>
|
||||
</client>
|
||||
|
||||
--
|
||||
1.7.1
|
||||
|
||||
@ -12,7 +12,7 @@ diff --git a/configure b/configure
|
||||
index 8f079a3..53b4774 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -16005,18 +16005,11 @@ $as_echo "yes" >&6; }
|
||||
@@ -16006,18 +16006,11 @@ $as_echo "yes" >&6; }
|
||||
gccvhi=`echo $gccver | cut -d . -f1`
|
||||
gccvlo=`echo $gccver | cut -d . -f2`
|
||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||
@ -12,7 +12,7 @@ diff --git a/configure b/configure
|
||||
index a466175..cb63075 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -15470,13 +15470,9 @@ fi
|
||||
@@ -15471,13 +15471,9 @@ fi
|
||||
|
||||
|
||||
|
||||
@ -1,3 +1,9 @@
|
||||
From a4c56b928518439399e051406145d7d5b150a3be Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Wed, 26 Mar 2014 08:51:53 +0100
|
||||
Subject: [PATCH] disable valgrind for certain test-cases (libssh2 problem)
|
||||
|
||||
---
|
||||
tests/data/test604 | 3 +++
|
||||
tests/data/test623 | 4 +++-
|
||||
2 files changed, 6 insertions(+), 1 deletions(-)
|
||||
@ -6,7 +12,7 @@ diff --git a/tests/data/test604 b/tests/data/test604
|
||||
index af0259f..2bcf7d1 100644
|
||||
--- a/tests/data/test604
|
||||
+++ b/tests/data/test604
|
||||
@@ -26,5 +26,8 @@ SFTP retrieval of nonexistent file
|
||||
@@ -29,5 +29,8 @@ disable
|
||||
<errorcode>
|
||||
78
|
||||
</errorcode>
|
||||
@ -19,7 +25,7 @@ diff --git a/tests/data/test623 b/tests/data/test623
|
||||
index 19e505b..38a41d2 100644
|
||||
--- a/tests/data/test623
|
||||
+++ b/tests/data/test623
|
||||
@@ -36,6 +36,8 @@ for ssh upload test
|
||||
@@ -39,6 +39,8 @@ disable
|
||||
<errorcode>
|
||||
79
|
||||
</errorcode>
|
||||
@ -29,3 +35,6 @@ index 19e505b..38a41d2 100644
|
||||
+</valgrind>
|
||||
</verify>
|
||||
</testcase>
|
||||
--
|
||||
1.7.1
|
||||
|
||||
@ -1,7 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iEYEABECAAYFAlLoqVAACgkQeOEcayedXJHXgACfXucGEK+4gBtUjRNJlPdBThPs
|
||||
lQkAoJRfmKWAlAvMtBuXofIEog9D2y9z
|
||||
=Wgsv
|
||||
-----END PGP SIGNATURE-----
|
||||
7
curl-7.36.0.tar.lzma.asc
Normal file
7
curl-7.36.0.tar.lzma.asc
Normal file
@ -0,0 +1,7 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iEYEABECAAYFAlMyeZEACgkQeOEcayedXJFTpACfaOmp5/t6thzl/LLM4L6/AO70
|
||||
i5oAoJLzbaqGU31OhelQxcyrRX2gDubB
|
||||
=++7u
|
||||
-----END PGP SIGNATURE-----
|
||||
17
curl.spec
17
curl.spec
@ -1,29 +1,26 @@
|
||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||
Name: curl
|
||||
Version: 7.35.0
|
||||
Release: 5%{?dist}
|
||||
Version: 7.36.0
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Group: Applications/Internet
|
||||
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
||||
Source2: curlbuild.h
|
||||
|
||||
# refresh expired cookie in test172 from upstream test-suite (#1068967)
|
||||
Patch1: 0001-curl-7.32.0-ffb8a21d.patch
|
||||
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
# prevent configure script from discarding -g in CFLAGS (#496778)
|
||||
Patch102: 0102-curl-7.32.0-debug.patch
|
||||
Patch102: 0102-curl-7.36.0-debug.patch
|
||||
|
||||
# make the curl tool link SSL libraries also used by src/tool_metalink.c
|
||||
Patch103: 0103-curl-7.32.0-metalink.patch
|
||||
Patch103: 0103-curl-7.36.0-metalink.patch
|
||||
|
||||
# use localhost6 instead of ip6-localhost in the curl test-suite
|
||||
Patch104: 0104-curl-7.19.7-localhost6.patch
|
||||
|
||||
# disable valgrind for certain test-cases (libssh2 problem)
|
||||
Patch106: 0106-curl-7.21.0-libssh2-valgrind.patch
|
||||
Patch106: 0106-curl-7.36.0-libssh2-valgrind.patch
|
||||
|
||||
# work around valgrind bug (#678518)
|
||||
Patch107: 0107-curl-7.21.4-libidn-valgrind.patch
|
||||
@ -122,7 +119,6 @@ documentation of the library, too.
|
||||
%setup -q
|
||||
|
||||
# upstream patches
|
||||
%patch1 -p1
|
||||
|
||||
# Fedora patches
|
||||
%patch101 -p1
|
||||
@ -244,6 +240,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_datadir}/aclocal/libcurl.m4
|
||||
|
||||
%changelog
|
||||
* Wed Mar 26 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-1
|
||||
- new upstream release (fixes CVE-2014-0138)
|
||||
|
||||
* Mon Mar 17 2014 Paul Howarth <paul@city-fan.org> 7.35.0-5
|
||||
- add all perl build requirements for the test suite, in a portable way
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user