new upstream release - 7.78.0
Resolves: CVE-2021-22925 - TELNET stack contents disclosure again Resolves: CVE-2021-22924 - bad connection reuse due to flawed path name checks Resolves: CVE-2021-22923 - metalink download sends credentials Resolves: CVE-2021-22922 - wrong content via metalink not discarded
This commit is contained in:
Kamil Dudka
parent
ece67bdd2f
commit
64bcb4bcc1
@ -1,61 +0,0 @@
|
||||
From 3602ee9dcc74683f91fe4f9ca228aa17a6474403 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Wed, 31 Oct 2012 11:38:30 +0100
|
||||
Subject: [PATCH] prevent configure script from discarding -g in CFLAGS
|
||||
(#496778)
|
||||
|
||||
---
|
||||
m4/curl-compilers.m4 | 26 ++++++--------------------
|
||||
1 file changed, 6 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
|
||||
index c64db4bc6..d115a4aed 100644
|
||||
--- a/m4/curl-compilers.m4
|
||||
+++ b/m4/curl-compilers.m4
|
||||
@@ -106,18 +106,11 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
|
||||
clangvhi=`echo $clangver | cut -d . -f1`
|
||||
clangvlo=`echo $clangver | cut -d . -f2`
|
||||
compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
|
||||
- flags_dbg_all="-g -g0 -g1 -g2 -g3"
|
||||
- flags_dbg_all="$flags_dbg_all -ggdb"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs+"
|
||||
- flags_dbg_all="$flags_dbg_all -gcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gxcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gdwarf-2"
|
||||
- flags_dbg_all="$flags_dbg_all -gvms"
|
||||
+ flags_dbg_all=""
|
||||
flags_dbg_yes="-g"
|
||||
flags_dbg_off=""
|
||||
- flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4"
|
||||
- flags_opt_yes="-Os"
|
||||
+ flags_opt_all=""
|
||||
+ flags_opt_yes=""
|
||||
flags_opt_off="-O0"
|
||||
else
|
||||
AC_MSG_RESULT([no])
|
||||
@@ -175,18 +168,11 @@ AC_DEFUN([CURL_CHECK_COMPILER_GNU_C], [
|
||||
gccvhi=`echo $gccver | cut -d . -f1`
|
||||
gccvlo=`echo $gccver | cut -d . -f2`
|
||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||
- flags_dbg_all="-g -g0 -g1 -g2 -g3"
|
||||
- flags_dbg_all="$flags_dbg_all -ggdb"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs+"
|
||||
- flags_dbg_all="$flags_dbg_all -gcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gxcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gdwarf-2"
|
||||
- flags_dbg_all="$flags_dbg_all -gvms"
|
||||
+ flags_dbg_all=""
|
||||
flags_dbg_yes="-g"
|
||||
flags_dbg_off=""
|
||||
- flags_opt_all="-O -O0 -O1 -O2 -O3 -Os -Og -Ofast"
|
||||
- flags_opt_yes="-O2"
|
||||
+ flags_opt_all=""
|
||||
+ flags_opt_yes=""
|
||||
flags_opt_off="-O0"
|
||||
CURL_CHECK_DEF([_WIN32], [], [silent])
|
||||
else
|
||||
--
|
||||
1.7.1
|
||||
|
||||
@ -26,7 +26,7 @@ diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
|
||||
index 080421b..ea3b806 100644
|
||||
--- a/tests/libtest/Makefile.inc
|
||||
+++ b/tests/libtest/Makefile.inc
|
||||
@@ -600,6 +600,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
|
||||
@@ -601,6 +601,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
|
||||
lib1559_LDADD = $(TESTUTIL_LIBS)
|
||||
|
||||
lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
|
||||
|
||||
@ -1,11 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmCt6IwACgkQXMkI/bce
|
||||
EsJd+Af/YCvzoV76IFh2aJpoi74XOglG327GQWnJRAt6VooIXvBPddundYOSepAw
|
||||
OQbReLSQgzmWIICjp4GnV/+gkNodpqJPB1uFHo8AHEBsiVJBTNO7c/mGirQlp5TM
|
||||
f5xGP8cf1OxwDJ6PBAHAYl4s71t6CWm0C2nf8x24ROlDsO85lz+yFCg1665IbZvp
|
||||
PFSfeIGHwyUoZesBmBFznm5KI5yc+Yn9gxsq3ujPYMvjMH7KFdw7zQu3SzYjT1+w
|
||||
bHqVul6+SC8laHuIqZfKnvrjLJMcIhe0vADoyV0/P64ZJ/4X2tGBrpxtXUJJ9S9C
|
||||
Cif/PNjYIGKg9Mk8odMjXzo8EcVFGA==
|
||||
=+IKy
|
||||
-----END PGP SIGNATURE-----
|
||||
11
curl-7.78.0.tar.xz.asc
Normal file
11
curl-7.78.0.tar.xz.asc
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmD3wwYACgkQXMkI/bce
|
||||
EsIFMggAt5xxRun4gxld2xZB0shI8fDhjGwMK+uQNpDnnt509j/UZ9+yfDra3Stl
|
||||
BHeQXSnTE6y4dKfXIkq4q3sSX2XZUuFRLHMhzH99FsY6bxgOSnZi/iIZv/RLLXTX
|
||||
NGlDR93OfsYg9UNkZVeZlFo9262f6rz7P5EsHa4HlCS0xpvLCU7q2dtkDu8SQSW1
|
||||
sQiEZOhsyXoiqqrLAgTIP9psHt6dE7qoYh1hS6b+7S9d87MSkL5MEnHukFkemlzC
|
||||
7d9cYD9Bah1LfAaYunvzPuC9FoF6gonGPrw3tLECdl2P9PpnrGeV1Z/Nhmu0d5mN
|
||||
E2A1BXBqLs8UVo4vUbiNLk0gB3TmHg==
|
||||
=yVDK
|
||||
-----END PGP SIGNATURE-----
|
||||
16
curl.spec
16
curl.spec
@ -1,7 +1,7 @@
|
||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||
Name: curl
|
||||
Version: 7.77.0
|
||||
Release: 2%{?dist}
|
||||
Version: 7.78.0
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
|
||||
Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
|
||||
@ -13,9 +13,6 @@ Source2: mykey.asc
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
# prevent configure script from discarding -g in CFLAGS (#496778)
|
||||
Patch102: 0102-curl-7.36.0-debug.patch
|
||||
|
||||
# prevent valgrind from reporting false positives on x86_64
|
||||
Patch105: 0105-curl-7.63.0-lib1560-valgrind.patch
|
||||
|
||||
@ -191,7 +188,6 @@ be installed.
|
||||
|
||||
# Fedora patches
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
%patch105 -p1
|
||||
|
||||
# disable test 1112 (#565305), test 1455 (occasionally fails with 'bind failed
|
||||
@ -237,7 +233,6 @@ export common_configure_opts=" \
|
||||
--enable-symbol-hiding \
|
||||
--enable-ipv6 \
|
||||
--enable-threaded-resolver \
|
||||
--without-libmetalink \
|
||||
--with-gssapi \
|
||||
--with-nghttp2 \
|
||||
--with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
|
||||
@ -367,6 +362,13 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||
|
||||
%changelog
|
||||
* Wed Jul 21 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-1
|
||||
- new upstream release, which fixes the following vulnerabilities
|
||||
CVE-2021-22925 - TELNET stack contents disclosure again
|
||||
CVE-2021-22924 - bad connection reuse due to flawed path name checks
|
||||
CVE-2021-22923 - metalink download sends credentials
|
||||
CVE-2021-22922 - wrong content via metalink not discarded
|
||||
|
||||
* Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-2
|
||||
- build the curl tool without metalink support (#1967213)
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (curl-7.77.0.tar.xz) = aef92a0e3f8ce8491b258a9a1c4dcea3c07c29b139a1f68f08619caa0295cfde76335d2dfb9cdf434525daea7dd05d8acd22f203f5ccc7735bd317964ec1da76
|
||||
SHA512 (curl-7.78.0.tar.xz) = f72e822a0b5e28320ef547c7a441c07f3b4870579a70ab4c428751baba435a1385cb89a22b9ed4b84a7fafecf620f155911e4131e3463ec1bdad80ecde47bb7a
|
||||
|
||||
Loading…
Reference in New Issue
Block a user