Resolves: CVE-2021-22901 - fix TLS session caching disaster

This commit is contained in:
Kamil Dudka 2021-05-26 10:22:51 +02:00
parent aa689a0f22
commit bc006791a4
2 changed files with 1017 additions and 0 deletions

File diff suppressed because it is too large Load Diff

View File

@ -11,6 +11,9 @@ Patch1: 0001-curl-7.76.1-resource-leaks.patch
# fix TELNET stack contents disclosure (CVE-2021-22898)
Patch2: 0002-curl-7.76.1-CVE-2021-22898.patch
# fix TLS session caching disaster (CVE-2021-22901)
Patch3: 0003-curl-7.76.1-CVE-2021-22901.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
@ -188,6 +191,7 @@ be installed.
# upstream patches
%patch1 -p1
%patch2 -p1
%patch3 -p1
# Fedora patches
%patch101 -p1
@ -369,6 +373,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%changelog
* Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-3
- fix TLS session caching disaster (CVE-2021-22901)
- fix TELNET stack contents disclosure (CVE-2021-22898)
* Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2