Resolves: #1994521 - disable more protocols and features in libcurl-minimal

... to limit vulnerability exposure in case there is a CVE in curl in some of the rarer protocols
2021-09-20 14:54:20 +02:00 · 2021-09-20 14:54:20 +02:00 · 5ebead952b
commit 5ebead952b
parent 54117120e4
1 changed files with 32 additions and 1 deletions
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.79.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: MIT
 Source0: https://curl.se/download/%{name}-%{version}.tar.xz
 Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@ -246,9 +246,23 @@ export common_configure_opts="          \
 (
    cd build-minimal
    %configure $common_configure_opts   \
        --disable-dict                  \
        --disable-gopher                \
        --disable-hsts                  \
        --disable-imap                  \
        --disable-ldap                  \
        --disable-ldaps                 \
        --disable-manual                \
        --disable-mqtt                  \
        --disable-ntlm                  \
        --disable-ntlm-wb               \
        --disable-pop3                  \
        --disable-rtsp                  \
        --disable-smb                   \
        --disable-smtp                  \
        --disable-telnet                \
        --disable-tftp                  \
        --disable-tls-srp               \
        --without-brotli                \
        --without-libidn2               \
        --without-libpsl                \
@ -259,9 +273,23 @@ export common_configure_opts="          \
 (
    cd build-full
    %configure $common_configure_opts   \
        --enable-dict                   \
        --enable-gopher                 \
        --enable-hsts                   \
        --enable-imap                   \
        --enable-ldap                   \
        --enable-ldaps                  \
        --enable-manual                 \
        --enable-mqtt                   \
        --enable-ntlm                   \
        --enable-ntlm-wb                \
        --enable-pop3                   \
        --enable-rtsp                   \
        --enable-smb                    \
        --enable-smtp                   \
        --enable-telnet                 \
        --enable-tftp                   \
        --enable-tls-srp                \
        --with-brotli                   \
        --with-libidn2                  \
        --with-libpsl                   \
@ -369,6 +397,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 %changelog
 * Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-2
 - disable more protocols and features in libcurl-minimal (#1994521)
 * Wed Sep 22 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-1
 - new upstream release