From a94ce82de00deaf7134abcceb2ff0c94de4e7be3 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 12 Dec 2018 09:45:07 +0100 Subject: [PATCH] new upstream release - 7.63.0 --- 0102-curl-7.36.0-debug.patch | 2 +- curl-7.62.0.tar.xz.asc | 11 ----------- curl-7.63.0.tar.xz.asc | 11 +++++++++++ curl.spec | 5 ++++- sources | 2 +- 5 files changed, 17 insertions(+), 14 deletions(-) delete mode 100644 curl-7.62.0.tar.xz.asc create mode 100644 curl-7.63.0.tar.xz.asc diff --git a/0102-curl-7.36.0-debug.patch b/0102-curl-7.36.0-debug.patch index 495fe63..60de5b3 100644 --- a/0102-curl-7.36.0-debug.patch +++ b/0102-curl-7.36.0-debug.patch @@ -12,7 +12,7 @@ diff --git a/configure b/configure index 8f079a3..53b4774 100755 --- a/configure +++ b/configure -@@ -16421,18 +16421,11 @@ $as_echo "yes" >&6; } +@@ -16415,18 +16415,11 @@ $as_echo "yes" >&6; } gccvhi=`echo $gccver | cut -d . -f1` gccvlo=`echo $gccver | cut -d . -f2` compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` diff --git a/curl-7.62.0.tar.xz.asc b/curl-7.62.0.tar.xz.asc deleted file mode 100644 index 230438a..0000000 --- a/curl-7.62.0.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlvZT5wACgkQXMkI/bce -EsJG4gf+IY2RkT9d7SIBAanHOD2NeT4UtPAOVRVtpW8dD9TIJq4IKOqv8CpcCCRq -OZPJovdxM0qmXcrX2Dlf3zpPuY+bSzBW/xUYsKBBTTXhdUh5dv1Tz3HR6JzMHyT4 -hQm1mj6eFHFvayUKxoeQwiw3SkvW6WIlAySwEBzIzaE7icwvJ2dPO7xUOJWLXk/F -pDRCAuHqIIgNzNph0EKXkvLWz5poBzGaK9kpJxmeaS3aWpe0EZ4+N6ju2GfHK5jO -VQSuLWDHCZulv1eve+LOxgRjp/5kqQ/PPc3/99mEOxGRUxwCWVMEWGklAungn4bX -nBPWNGArGJq2+kMP7v5pr0onBz6wxg== -=CWQL ------END PGP SIGNATURE----- diff --git a/curl-7.63.0.tar.xz.asc b/curl-7.63.0.tar.xz.asc new file mode 100644 index 0000000..1dd44ac --- /dev/null +++ b/curl-7.63.0.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlwQtYIACgkQXMkI/bce +EsKPHgf/RhfKPvl1Q8ftuEOXakF/ZIvINukj49vOMFmfQRHfmGWh5ajaGj0qVF6x +U5HtrDoFOP5m74tj6jrzr2Ala/HGeyZmiTWwRLMgu+Tvq4djIv2pzZUJpgawJS52 +LCb2DUS2F+E1AsZQYvyliYA+r2FO2RRX1kbwdu+0RyuFy5WmWwkI02VahAIYV48o +44IqtXshxfSAlfEqQ8MgXtU1KW0SWtfKVP2HpsurugjGyknoXxHP7yoDMgDAkMk0 +fNYyPDZbUXXN+6Oyo4Xh8rz4dpVLBkIoCZb4WG2pFZSrfP2+FTL5/vRo/tUyjFfv +2LHmDUOOFH3VMwMYlnMCgaaXG7/jtg== +=TkSP +-----END PGP SIGNATURE----- diff --git a/curl.spec b/curl.spec index 70e148e..b39182e 100644 --- a/curl.spec +++ b/curl.spec @@ -1,6 +1,6 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl -Version: 7.62.0 +Version: 7.63.0 Release: 1%{?dist} License: MIT Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz @@ -329,6 +329,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %changelog +* Wed Dec 12 2018 Kamil Dudka - 7.63.0-1 +- new upstream release + * Wed Oct 31 2018 Kamil Dudka - 7.62.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2018-16839 - SASL password overflow via integer overflow diff --git a/sources b/sources index f127541..c40ff26 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (curl-7.62.0.tar.xz) = 3aace2fc85e1d5ac06a3208980f887b5f1de5e2a1460e130b15cff3f7e5700b958cbb8f296483290961ef41f550245590067f86558dbba25e3d3ac10cec1adcd +SHA512 (curl-7.63.0.tar.xz) = c905eb157c6b0093f1b1a506e4782b83af423fd6de1ce0ab5372164a686ef292ffb10d7999d3dec2de602f63ee41b65e1a1008409dd8c959a597644c0ecb395b