import curl-7.61.1-25.el8
This commit is contained in:
parent
b5ee1ac186
commit
5416a993a2
43
SOURCES/0042-curl-7.61.1-ssh-known-hosts.patch
Normal file
43
SOURCES/0042-curl-7.61.1-ssh-known-hosts.patch
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
From 9ea407a0476d22cde575826c18b5aa56b57ac9b4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Felix=20H=C3=A4dicke?= <felixhaedicke@web.de>
|
||||||
|
Date: Wed, 23 Jan 2019 23:10:39 +0100
|
||||||
|
Subject: [PATCH] setopt: enable CURLOPT_SSH_KNOWNHOSTS and
|
||||||
|
CURLOPT_SSH_KEYFUNCTION for libssh
|
||||||
|
|
||||||
|
CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION are supported for
|
||||||
|
libssh as well. So accepting these options only when compiling with
|
||||||
|
libssh2 is wrong here.
|
||||||
|
|
||||||
|
Fixes #3493
|
||||||
|
Closes #3494
|
||||||
|
|
||||||
|
Upstream-commit: 3cbf731d9ec7146f9f1a6ac0fbd9af7fe358f5bb
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/setopt.c | 3 +--
|
||||||
|
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/setopt.c b/lib/setopt.c
|
||||||
|
index b07ccfe..88a05ff 100644
|
||||||
|
--- a/lib/setopt.c
|
||||||
|
+++ b/lib/setopt.c
|
||||||
|
@@ -2208,7 +2208,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
|
||||||
|
result = Curl_setstropt(&data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5],
|
||||||
|
va_arg(param, char *));
|
||||||
|
break;
|
||||||
|
-#ifdef HAVE_LIBSSH2_KNOWNHOST_API
|
||||||
|
+
|
||||||
|
case CURLOPT_SSH_KNOWNHOSTS:
|
||||||
|
/*
|
||||||
|
* Store the file name to read known hosts from.
|
||||||
|
@@ -2229,7 +2229,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
|
||||||
|
*/
|
||||||
|
data->set.ssh_keyfunc_userp = va_arg(param, void *);
|
||||||
|
break;
|
||||||
|
-#endif /* HAVE_LIBSSH2_KNOWNHOST_API */
|
||||||
|
#endif /* USE_LIBSSH2 */
|
||||||
|
|
||||||
|
case CURLOPT_HTTP_TRANSFER_DECODING:
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
@ -1,7 +1,7 @@
|
|||||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||||
Name: curl
|
Name: curl
|
||||||
Version: 7.61.1
|
Version: 7.61.1
|
||||||
Release: 22%{?dist}.4
|
Release: 25%{?dist}
|
||||||
License: MIT
|
License: MIT
|
||||||
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
|
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
|
||||||
|
|
||||||
@ -118,6 +118,9 @@ Patch40: 0040-curl-7.61.1-CVE-2022-32208.patch
|
|||||||
# fix HTTP compression denial of service (CVE-2022-32206)
|
# fix HTTP compression denial of service (CVE-2022-32206)
|
||||||
Patch41: 0041-curl-7.61.1-CVE-2022-32206.patch
|
Patch41: 0041-curl-7.61.1-CVE-2022-32206.patch
|
||||||
|
|
||||||
|
# setopt: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION (#2063703)
|
||||||
|
Patch42: 0042-curl-7.61.1-ssh-known-hosts.patch
|
||||||
|
|
||||||
# patch making libcurl multilib ready
|
# patch making libcurl multilib ready
|
||||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||||
|
|
||||||
@ -332,6 +335,7 @@ sed -e 's|:8992/|:%{?__isa_bits}92/|g' -i tests/data/test97{3..6}
|
|||||||
%patch39 -p1
|
%patch39 -p1
|
||||||
%patch40 -p1
|
%patch40 -p1
|
||||||
%patch41 -p1
|
%patch41 -p1
|
||||||
|
%patch42 -p1
|
||||||
|
|
||||||
# make tests/*.py use Python 3
|
# make tests/*.py use Python 3
|
||||||
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
|
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
|
||||||
@ -494,17 +498,16 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
|||||||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-22.el8_6.4
|
* Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-25
|
||||||
|
- setopt: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION (#2063703)
|
||||||
- fix HTTP compression denial of service (CVE-2022-32206)
|
- fix HTTP compression denial of service (CVE-2022-32206)
|
||||||
- fix FTP-KRB bad message verification (CVE-2022-32208)
|
- fix FTP-KRB bad message verification (CVE-2022-32208)
|
||||||
|
|
||||||
* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-22.el8_6.3
|
* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-24
|
||||||
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
|
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
|
||||||
|
|
||||||
* Tue May 04 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-22.el8_6.2
|
|
||||||
- fix invalid type in printf() argument detected by Coverity
|
- fix invalid type in printf() argument detected by Coverity
|
||||||
|
|
||||||
* Thu Apr 28 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-22.el8_6.1
|
* Thu Apr 28 2022 Kamil Dudka <kdudka@redhat.com> - 7.61.1-23
|
||||||
- fix credential leak on redirect (CVE-2022-27774)
|
- fix credential leak on redirect (CVE-2022-27774)
|
||||||
- fix auth/cookie leak on redirect (CVE-2022-27776)
|
- fix auth/cookie leak on redirect (CVE-2022-27776)
|
||||||
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
|
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
|
||||||
|
Loading…
Reference in New Issue
Block a user