From 5d4a9257c35ec5127b97c7c29c350b6698981fa4 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 23 Oct 2017 10:10:34 +0200 Subject: [PATCH] new upstream release - 7.56.1 (fixes CVE-2017-1000257) --- 0102-curl-7.36.0-debug.patch | 2 +- curl-7.56.0.tar.xz.asc | 11 ----------- curl-7.56.1.tar.xz.asc | 11 +++++++++++ curl.spec | 5 ++++- sources | 2 +- 5 files changed, 17 insertions(+), 14 deletions(-) delete mode 100644 curl-7.56.0.tar.xz.asc create mode 100644 curl-7.56.1.tar.xz.asc diff --git a/0102-curl-7.36.0-debug.patch b/0102-curl-7.36.0-debug.patch index 9cbf61b..12f9eb8 100644 --- a/0102-curl-7.36.0-debug.patch +++ b/0102-curl-7.36.0-debug.patch @@ -12,7 +12,7 @@ diff --git a/configure b/configure index 8f079a3..53b4774 100755 --- a/configure +++ b/configure -@@ -20351,18 +20351,11 @@ $as_echo "yes" >&6; } +@@ -16501,18 +16501,11 @@ $as_echo "yes" >&6; } gccvhi=`echo $gccver | cut -d . -f1` gccvlo=`echo $gccver | cut -d . -f2` compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` diff --git a/curl-7.56.0.tar.xz.asc b/curl-7.56.0.tar.xz.asc deleted file mode 100644 index f1e3ad4..0000000 --- a/curl-7.56.0.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnUd8QACgkQXMkI/bce -EsLXpgf/RNe897KrWq4s9H/ycobJXt4UEHXMbpjxQwEggNO4n0EwZ7Mt7WZ1aYR9 -q0ELx4mYS0/Lr9u1v5RxtMiG9L91B9nSdhFzL3/hhiTubTyhxgleGJMc94iTFMQY -FjZYWZKHtBQlS8rjzTy2f7ESBIAs7zDPgWCfUlm0iuawSPx/Rw8ZrxC4yULvRubV -2wZgjOZeVnhTt6CyNihY9+xrNgEOLAd2b0zjDJSoS0iQmZ5QYZKP+XeD9imQvLLF -O0yhlE9PgCJTGCfjoehQop9rR7CtzDTT65A+syab5mQY+YbphL+8MfjKtoeWA78I -JzW//7fC4iCORd3D/HJ1lOa442cfCA== -=qKHn ------END PGP SIGNATURE----- diff --git a/curl-7.56.1.tar.xz.asc b/curl-7.56.1.tar.xz.asc new file mode 100644 index 0000000..5222a00 --- /dev/null +++ b/curl-7.56.1.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnthGcACgkQXMkI/bce +EsL8iQf+KpTYayGV9X+fg4owYmGfQdDrWiV5YFbTlTOBTYSNQQBUuWX+VE5kMNhd +xsE27/JGgQWRKqM1UXACN18FYviAoWq7yb/4cGW3Ws3V4+GxmpGuaBsxaULobxDQ +uco2CAsi0PtIizMa2di+vWhAznDDKHfiw69F18hTD+k9B9xIHnEX3EGQDVi8Gksk +TtQ62A06HInIJw/hk6tEbFMzyI4J4iJh/NBPwxqUefsr2E6gG443FB61qjltrzPb +17OU/DZDpRf4MIQjwz1rgxdLWPagF3EcmpL0mgIEUg70dshzG6rrP1jSzsMwou6J +sQoV0oUXSY5zdUnIjiS5TOoJa3eyLw== +=0ZNH +-----END PGP SIGNATURE----- diff --git a/curl.spec b/curl.spec index ee8b9dd..01b7df9 100644 --- a/curl.spec +++ b/curl.spec @@ -1,6 +1,6 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl -Version: 7.56.0 +Version: 7.56.1 Release: 1%{?dist} License: MIT Group: Applications/Internet @@ -298,6 +298,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %{_libdir}/libcurl.so.[0-9].[0-9].[0-9].minimal %changelog +* Mon Oct 23 2017 Kamil Dudka - 7.56.1-1 +- new upstream release (fixes CVE-2017-1000257) + * Wed Oct 04 2017 Kamil Dudka - 7.56.0-1 - new upstream release (fixes CVE-2017-1000254) diff --git a/sources b/sources index 6d1593a..ecf6692 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (curl-7.56.0.tar.xz) = a6bd5c56cd3a939a31b755bee3733df6670eec3d65b81b6c3e32ef9df110e3e748adc2cee81b1eb29f81cdf344230314c7ac1a2ed8f329f41c8352f920de3bfe +SHA512 (curl-7.56.1.tar.xz) = 5cd86257c4bd39f971d854b966ace05fc18c39962589525c4090a7b243f7e2739dccae2ac1a634578f86ead6bba290d862f3a835e4856b0549386e319ebb588d