new upstream release - 7.61.0

Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
2018-07-11 14:16:32 +02:00 · 2018-07-11 14:16:32 +02:00 · a89a46eca8
commit a89a46eca8
parent d41d215108
5 changed files with 19 additions and 15 deletions
--- a/0102-curl-7.36.0-debug.patch
+++ b/0102-curl-7.36.0-debug.patch
@ -12,7 +12,7 @@ diff --git a/configure b/configure
 index 8f079a3..53b4774 100755
 --- a/configure
 +++ b/configure
-@@ -16537,18 +16537,11 @@ $as_echo "yes" >&6; }
+@@ -16409,18 +16409,11 @@ $as_echo "yes" >&6; }
     gccvhi=`echo $gccver | cut -d . -f1`
     gccvlo=`echo $gccver | cut -d . -f2`
     compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
--- a/curl-7.60.0.tar.xz.asc
+++ b/curl-7.60.0.tar.xz.asc
@ -1,11 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlr7zUoACgkQXMkI/bce
 EsK3jgf7Bvnswxxgq4wQWmqRKQvkN/zkuA2GjSm98M7mizVHl/7/imeqDl7S1vp0
 A6KCI99Epf+2EYgxrEbvZqlSQ6H30eBxOvV2yNwPhrS3UnXwNSJsbFr5bDRE4o8S
 upyP/tSgEIGJcpq0bstrD7T/DRZ1yFCLB5rOOJx4lQnPuB3C7GAmuOj1ZtIxWIn+
 D/G+X1+/oZlils2TMI7ryjRuFvOSPHdUNldwtvfaRg0i3tNYnPbWq54lhouSn31H
 ft8wNd3nnUpueWCWaKKXo+GBVDemDAMEcDbna+woW5SFLI6ZG/c822ljtld05Dk1
 KmwikC7MREQxkODmC10yrgy9I9akNg==
 =f++X
 -----END PGP SIGNATURE-----
--- a/curl-7.61.0.tar.xz.asc
+++ b/curl-7.61.0.tar.xz.asc
@ -0,0 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAltFnUIACgkQXMkI/bce
 EsJSSggAo2pO9DacErY/wVqYm2KA76s8HDMyGkvb7HXPWe3w1Nj6nwCY8Knbp2C6
 s6LZ73gqKfe3K+kFsFE6bFy9l2MKNs64cBG19dNUGcoYek6zt1BBXC6LT8/eOWc4
 l6HKift+CBh6ErtInB2CzmoG7dvNoZA00sERJbj9w+QZK4CTBZPWjz9BRHo7V31q
 VnciTRgJ39HjL0kupdDIZgpCL741aWlkbOZu5wsRfe7nxWeiCdyOVluXluDi9t2i
 s1mTPMpkMWDIEh723QL5jOlct9/hTLXAS2yZeR6qJafcicyIboXh0ZwGQGonHADi
 aBs922AWx3v8x18thsCMQZwJSHiYEw==
 =7p0n
 -----END PGP SIGNATURE-----
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.60.0
+Version: 7.61.0
-Release: 3%{?dist}
+Release: 1%{?dist}
 License: MIT
 Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
@ -307,6 +307,10 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 %changelog
 * Wed Jul 11 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-1
 - new upstream release, which fixes the following vulnerability
    CVE-2018-0500 - SMTP send heap buffer overflow
 * Tue Jul 10 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-3
 - enable support for brotli compression in libcurl-full
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (curl-7.60.0.tar.xz) = 96a0c32ca846a76bba75e9e560ad4c15df79540992ed1a83713095be94ddba039f289bda9678762fd79fb9691fe810735178fb9dc970c37012dff96b8ce08abf
+SHA512 (curl-7.61.0.tar.xz) = 1b450bbd794460fea12374a49739a49a43c3651038dc092c277769bab09a62627f8eedfa94b5c1610503bf20eeaf60643a1e32fdcf1bcf8d4085090c4a598b13
`@ -1 +1 @@`
	`SHA512 (curl-7.60.0.tar.xz) = 96a0c32ca846a76bba75e9e560ad4c15df79540992ed1a83713095be94ddba039f289bda9678762fd79fb9691fe810735178fb9dc970c37012dff96b8ce08abf`	`SHA512 (curl-7.61.0.tar.xz) = 1b450bbd794460fea12374a49739a49a43c3651038dc092c277769bab09a62627f8eedfa94b5c1610503bf20eeaf60643a1e32fdcf1bcf8d4085090c4a598b13`