rpms/curl
6
0
Fork 1
Code Issues Pull Requests Releases Activity

new upstream release - 7.71.0

Browse Source 
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
This commit is contained in:
Kamil Dudka 2020-06-24 09:27:34 +02:00
parent c74a58b095
commit 8c661bb9d7
7 changed files with 28 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
0001-curl-7.70.0-tests-build-dir.patch
View File

@ -1,63 +0,0 @@
From a6d36d6795d18895a63ced7b01a2b1ba2e9e04e5 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 29 Apr 2020 13:26:14 +0200
Subject: [PATCH 1/2] tests: look for preprocessed tests in build directory
... which is not always the same directory as source directory
Closes #5310
Upstream-commit: 1066f5f0d4b304f7ba46f912cf13e12f45e39553
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
tests/server/util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/server/util.c b/tests/server/util.c
index f576b9c..09bb515 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -199,7 +199,7 @@ FILE *test2fopen(long testno)
FILE *stream;
char filename[256];
/* first try the alternative, preprocessed, file */
- msnprintf(filename, sizeof(filename), ALTTEST_DATA_PATH, path, testno);
+ msnprintf(filename, sizeof(filename), ALTTEST_DATA_PATH, ".", testno);
stream = fopen(filename, "rb");
if(stream)
return stream;
--
2.21.1
From 540709d145c875c4cf67ce0c7acd6416c05f773c Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 29 Apr 2020 13:27:20 +0200
Subject: [PATCH 2/2] test1177: look for curl.h in source directory
If we use a separate build directory, there is no copy of the header.
Closes #5310
Upstream-commit: 68774da9ca5f39dbb403d63a7d9326b28263bdcb
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
tests/data/test1177 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data/test1177 b/tests/data/test1177
index 75a1ab3..85b520c 100644
--- a/tests/data/test1177
+++ b/tests/data/test1177
@@ -18,7 +18,7 @@ Verify that CURL_VERSION_* in headers and docs are in sync
</name>
<command type="perl">
-%SRCDIR/version-scan.pl %SRCDIR/../docs/libcurl/curl_version_info.3 ../include/curl/curl.h
+%SRCDIR/version-scan.pl %SRCDIR/../docs/libcurl/curl_version_info.3 %SRCDIR/../include/curl/curl.h
</command>
</client>
--
2.21.1

14
0101-curl-7.32.0-multilib.patch
View File

@ -4,10 +4,10 @@ Date: Fri, 12 Apr 2013 12:04:05 +0200
Subject: [PATCH] prevent multilib conflicts on the curl-config script Subject: [PATCH] prevent multilib conflicts on the curl-config script
--- ---
curl-config.in | 21 +++------------------ curl-config.in | 23 +++++------------------
docs/curl-config.1 | 4 +++- docs/curl-config.1 | 4 +++-
libcurl.pc.in | 1 + libcurl.pc.in | 1 +
3 files changed, 7 insertions(+), 19 deletions(-) 3 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/curl-config.in b/curl-config.in diff --git a/curl-config.in b/curl-config.in
index 150004d..95d0759 100644 index 150004d..95d0759 100644
@ -22,7 +22,7 @@ index 150004d..95d0759 100644
;; ;;
--prefix) --prefix)
@@ -155,32 +155,17 @@ while test $# -gt 0; do @@ -155,32 +155,19 @@ while test $# -gt 0; do
;; ;;
--libs) --libs)
@ -31,7 +31,7 @@ index 150004d..95d0759 100644
- else - else
- CURLLIBDIR="" - CURLLIBDIR=""
- fi - fi
- if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then - if test "X@ENABLE_SHARED@" = "Xno" -o "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
- echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ - echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
- else - else
- echo ${CURLLIBDIR}-lcurl - echo ${CURLLIBDIR}-lcurl
@ -49,6 +49,8 @@ index 150004d..95d0759 100644
- echo "curl was built with static libraries disabled" >&2 - echo "curl was built with static libraries disabled" >&2
- exit 1 - exit 1
- fi - fi
+ echo "curl was built with static libraries disabled" >&2
+ exit 1
;; ;;
--configure) --configure)

2
0105-curl-7.63.0-lib1560-valgrind.patch
View File

@ -26,7 +26,7 @@ diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 080421b..ea3b806 100644 index 080421b..ea3b806 100644
--- a/tests/libtest/Makefile.inc --- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc
@@ -583,6 +583,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) @@ -586,6 +586,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1559_LDADD = $(TESTUTIL_LIBS) lib1559_LDADD = $(TESTUTIL_LIBS)
lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)

11
curl-7.70.0.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl6pGOwACgkQXMkI/bce
EsJJvggAoWbMdK1FfuTzNORxiW/UoJmT2HCjuN5nLzlObJbhYQWnKWRfE09c2j3C
g1GQJ6vUq452DFAYiWFnml4u1E9UVjmLVrsOzsBZD1EvbVaFQF9cP1UoURU7h9n/
uTcNZ4oxuvnxYX0oDStEx9mVw63Gw+CtyUJoDNmzmVAk0sBfcCa3mRBZwhNnYPXU
dUxb6bpelcdTDJZGCJIzcmoidbS214GAGomLYrLhKlcYwU4aSKpERAnXK4TbiZjR
l30qG0HkrP1vQ1UKkUKLbuC4Fy27WgSqYBq/dY9ljmwAXb1txrsbHqA1RE3L4NyA
7uE/as3hskrUuVFidsTPwoAOPljJpw==
=g8R9
-----END PGP SIGNATURE-----

11
curl-7.71.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl7y9KMACgkQXMkI/bce
EsJDYAgAmtxtJ5xPWUQ3zYFzPGVGvAOIzRT0UrdWHR5JH9ED23zXsm8Nw8hgrwX4
VS6d0olNYNzEVDf+on/p3SbLBnvG4rc+i3hLMYmwfJMZW/+1Z0iwmT+nKFzBqt3n
KCmvokRzRyztasCiagBagv3qbV8v2o72hfMmEH7AWqafrRvsaAjiJDedUHi5W9rH
aBFrvuyllA/PfUsM3de4/g2Gs0i882gRmR/BMJNTCYlVRXGDXzO1Vj/jpXWOvV7W
llT0W3Y8FbPch0/R05q5Dc4k7+slPYP4eQ95qVU7pyMozHFsCiP0P3guk4LDbgW4
ljK090GRc3xBVPHI5+UYYAnt/BEnwg==
=ccth
-----END PGP SIGNATURE-----

13
curl.spec
View File

@ -1,13 +1,10 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.70.0 Version: 7.71.0
Release: 1%{?dist} Release: 1%{?dist}
License: MIT License: MIT
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
# make test-suite work with separate build dir
Patch1: 0001-curl-7.70.0-tests-build-dir.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch Patch101: 0101-curl-7.32.0-multilib.patch
@ -175,7 +172,6 @@ be installed.
%setup -q %setup -q
# upstream patches # upstream patches
%patch1 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -335,7 +331,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%files -n libcurl-devel %files -n libcurl-devel
%doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md %doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md
%doc docs/CONTRIBUTE.md docs/libcurl/ABI %doc docs/CONTRIBUTE.md docs/libcurl/ABI.md
%{_bindir}/curl-config* %{_bindir}/curl-config*
%{_includedir}/curl %{_includedir}/curl
%{_libdir}/*.so %{_libdir}/*.so
@ -354,6 +350,11 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog %changelog
* Wed Jun 24 2020 Kamil Dudka <kdudka@redhat.com> - 7.71.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
CVE-2020-8177 - curl: overwrite local file with -J
* Wed Apr 29 2020 Kamil Dudka <kdudka@redhat.com> - 7.70.0-1 * Wed Apr 29 2020 Kamil Dudka <kdudka@redhat.com> - 7.70.0-1
- new upstream release - new upstream release

2
sources
View File

@ -1 +1 @@
SHA512 (curl-7.70.0.tar.xz) = ab8796af1bd6f35ae704fd5e3639a8153482615a05c24e2e6d0b9cef8ed9a1e0d497ead2dbf5972cc53f632c2d87f0bf79e9e7cac625452dd24e6c7d8045cfc6 SHA512 (curl-7.71.0.tar.xz) = f1ea045f23b6a7e2c84ea83954d3299c612f57c3b1e5fee0b39493dc92fc4e95e7af2a5424c2e5bc480659e80cf1adce1fc528fc816f8ff2d0e7bfcfe4c5830a