rpms/curl
8
0
Fork 1
Code Issues Pull Requests Releases Activity

new upstream release - 7.57.0

Browse Source 
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
This commit is contained in:
Kamil Dudka 2017-11-29 13:58:44 +01:00
parent 5d4a9257c3
commit ed352e927e
5 changed files with 20 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
0102-curl-7.36.0-debug.patch
View File

@ -12,7 +12,7 @@ diff --git a/configure b/configure
index 8f079a3..53b4774 100755
--- a/configure
+++ b/configure
@@ -16501,18 +16501,11 @@ $as_echo "yes" >&6; }
@@ -16508,18 +16508,11 @@ $as_echo "yes" >&6; }
gccvhi=`echo $gccver | cut -d . -f1`
gccvlo=`echo $gccver | cut -d . -f2`
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`

11
curl-7.56.1.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnthGcACgkQXMkI/bce
EsL8iQf+KpTYayGV9X+fg4owYmGfQdDrWiV5YFbTlTOBTYSNQQBUuWX+VE5kMNhd
xsE27/JGgQWRKqM1UXACN18FYviAoWq7yb/4cGW3Ws3V4+GxmpGuaBsxaULobxDQ
uco2CAsi0PtIizMa2di+vWhAznDDKHfiw69F18hTD+k9B9xIHnEX3EGQDVi8Gksk
TtQ62A06HInIJw/hk6tEbFMzyI4J4iJh/NBPwxqUefsr2E6gG443FB61qjltrzPb
17OU/DZDpRf4MIQjwz1rgxdLWPagF3EcmpL0mgIEUg70dshzG6rrP1jSzsMwou6J
sQoV0oUXSY5zdUnIjiS5TOoJa3eyLw==
=0ZNH
-----END PGP SIGNATURE-----

11
curl-7.57.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAloefhsACgkQXMkI/bce
EsJ5Wwf/W2iMekYTk+zF2iCvCSlTT93gRl1RXIi5v3lMO3H13Xv66304ny5/XEI8
Mf0dfif/+ADV4Cm9Gsfs5Gx3d6IDtzRW66gpoNnEt/u6xLKlJWPAKHBEAOW7bDZU
78qgEAmH1CVbzD+yc1vkSTZWc3ilfezjMfwUa5E5RkTtcoD6mTWzeMLm5doFxc3s
NvPu40IlJ2Ss3jqRoKgvkGeUuOiQYUb7DDDCaSF6jZjB88J1HFYWU+i7zjVoAdD3
jRVan6R5RJbJqvo9yKT0YWxbR2RKoQIydg8Xa7ocKTM6205vc94AXSHLSkjHMr+H
5UgyAJvkk2FaoJIwLJUSTYE3RDlqog==
=Kzqh
-----END PGP SIGNATURE-----

8
curl.spec
View File

@ -1,6 +1,6 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.56.1
Version: 7.57.0
Release: 1%{?dist}
License: MIT
Group: Applications/Internet
@ -298,6 +298,12 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.[0-9].[0-9].[0-9].minimal
%changelog
* Wed Nov 29 2017 Kamil Dudka <kdudka@redhat.com> - 7.57.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
CVE-2017-8817 - curl: FTP wildcard out of bounds read
CVE-2017-8818 - curl: SSL out of buffer access
* Mon Oct 23 2017 Kamil Dudka <kdudka@redhat.com> - 7.56.1-1
- new upstream release (fixes CVE-2017-1000257)

2
sources
View File

@ -1 +1 @@
SHA512 (curl-7.56.1.tar.xz) = 5cd86257c4bd39f971d854b966ace05fc18c39962589525c4090a7b243f7e2739dccae2ac1a634578f86ead6bba290d862f3a835e4856b0549386e319ebb588d
SHA512 (curl-7.57.0.tar.xz) = 200076753e3d7b9f3edd381937cb72710f4051b2f041102b49626e4e82c3f50d2bf4917b9ddb957fde37753e9457c81087c792528077916ae5c04875944a6b8d