new upstream release - 7.50.0

2016-07-21 11:31:27 +02:00 · 2016-07-21 11:31:27 +02:00 · bed70046cf
commit bed70046cf
parent 83e65ab057
5 changed files with 17 additions and 53 deletions
--- a/0007-curl-7.49.1-urlglob.patch
+++ b/0007-curl-7.49.1-urlglob.patch
@ -1,35 +0,0 @@
-From 5a3eddc9c327dcc20620d8ae47b27f5085811c7e Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Fri, 3 Jun 2016 11:26:20 +0200
-Subject: [PATCH] tool_urlglob: fix off-by-one error in glob_parse()
-
-... causing SIGSEGV while parsing URL with too many globs.
-Minimal example:
-
-$ curl $(for i in $(seq 101); do printf '{a}'; done)
-
-Reported-by: Romain Coltel
-Bug: https://bugzilla.redhat.com/1340757
-
-Upstream-commit: 584d0121c353ed855115c39f6cbc009854018029
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
- src/tool_urlglob.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
-index 70d17fe..a357b8b 100644
--- a/src/tool_urlglob.c
-+++ b/src/tool_urlglob.c
-@@ -401,7 +401,7 @@ static CURLcode glob_parse(URLGlob *glob, char *pattern,
-       }
-     }
- 
-    if(++glob->size > GLOB_PATTERN_NUM)
-+    if(++glob->size >= GLOB_PATTERN_NUM)
-       return GLOBERROR("too many globs", pos, CURLE_URL_MALFORMAT);
-   }
-   return res;
-- 
-2.5.5
-
--- a/curl-7.49.1.tar.lzma.asc
+++ b/curl-7.49.1.tar.lzma.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQEcBAABCgAGBQJXS9rrAAoJEFzJCP23HhLCQ4MIAIKNa1jj9CcGbnuFDi/buyAW
-k0YEQZOOohvX0Kx/oYbga8gSKiy0NBYqS6u+MK3b8k5yDdRS6yD2eHZRdcFF/w4N
-kKRS77fkYm+OdZ9KrTcK4X9VJs0T9YYBkAEJFSTmvDmM6mtoage/Kf44q+jbyB4O
-QqtoZhRui2cZ+w4Eaj4R40sWpFSWKYwpzMqfrsfWlcoIUk9TZRePT60FfDXYXvVV
-GeybgTlYHlFJ+imQd0jwL8+YmO4/Q48FrRoVYMX/oqiC/f4tRVeIJML2BS+W2J65
-iCPw3CPb6INCrSd4/yRAajXUxco66EQX/FO5aeCvdDDvoWdp5UD6zDTemC1gUyw=
-=4/tM
-----END PGP SIGNATURE-----
--- a/curl-7.50.0.tar.lzma.asc
+++ b/curl-7.50.0.tar.lzma.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQEcBAABCgAGBQJXkI6pAAoJEFzJCP23HhLC6F4H/2M0xB4iDTUy14+6ilY6hhvF
+jZw6VPkN5upjN660koECvycRtTDry94ZoGcTcifHba3NjixkpfpY1Xa3qixoyqos
+IlyyqG77NcrMGs3us6dEpqxUlQ+I2F+LXGLm9Uz/A7c6NN1dh2esXeJD911Dhmbs
+Ko4qbB1+m1FYxTjv9X2m99+93QtfKVnFGfjfF7mR6ZUKLsq+Ix8djzlmQ3p/d0XK
+LhmkO3kfvHiE83ENRVTj/oplqLFTd7MOAkzc22OQ267GwqntlM0K2YsdGR2DEEiZ
+ReI4KGzNwkG/VIeEBRHV38NpcGjNzm3lUcJPXSQ5xON5rGvsjsLvyWN4yS+MbT8=
+=NWkR
+-----END PGP SIGNATURE-----
--- a/curl.spec
+++ b/curl.spec
@ -1,14 +1,11 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.49.1
-Release: 3%{?dist}
+Version: 7.50.0
+Release: 1%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma

-# fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757)
-Patch7:   0007-curl-7.49.1-urlglob.patch
-
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch

@ -121,7 +118,6 @@ documentation of the library, too.
 %setup -q

 # upstream patches
-%patch7 -p1

 # Fedora patches
 %patch101 -p1
@ -225,6 +221,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4

 %changelog
+* Wed Jul 21 2016 Kamil Dudka <kdudka@redhat.com> 7.50.0-1
+- new upstream release
+
 * Fri Jun 17 2016 Kamil Dudka <kdudka@redhat.com> 7.49.1-3
 - use multilib-rpm-config to install arch-dependent header files

--- a/2
+++ b/2
@ -1 +1 @@
-ae5e5e395da413d1fa0864e1d0a3fa57  curl-7.49.1.tar.lzma
+ecb8d3699c7087146b2953fee1bdaa41  curl-7.50.0.tar.lzma