[packages/curl] up to 7.76.0 (fixes CVE-2021-22876 CVE-2021-22890)

atler atler at pld-linux.org
Wed Mar 31 13:24:41 CEST 2021


commit eef5da07c1cdb69a12ee667a31a1c6ee56166b9c
Author: Jan Palus <atler at pld-linux.org>
Date:   Wed Mar 31 13:22:40 2021 +0200

    up to 7.76.0 (fixes CVE-2021-22876 CVE-2021-22890)
    
    - gsasl bcond for SCRAM support (enabled by default)

 curl-ac.patch | 4 ++--
 curl.spec     | 9 +++++++--
 2 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/curl.spec b/curl.spec
index 6b8f889..d464f5d 100644
--- a/curl.spec
+++ b/curl.spec
@@ -4,6 +4,7 @@
 %bcond_without	ssh		# SSH support
 %bcond_without	ssl		# SSL support
 %bcond_with	gnutls		# GnuTLS instead of OpenSSL
+%bcond_without	gsasl		# SCRAM support with gsasl
 %bcond_without	kerberos5	# Heimdal Kerberos 5 support
 %bcond_without	ldap		# LDAP support
 %bcond_without	http2		# HTTP/2.0 support (nghttp2 based)
@@ -23,18 +24,19 @@ Summary(pt_BR.UTF-8):	Busca URL (suporta FTP, TELNET, LDAP, GOPHER, DICT, HTTP e
 Summary(ru.UTF-8):	Утилита для получения файлов с серверов FTP, HTTP и других
 Summary(uk.UTF-8):	Утиліта для отримання файлів з серверів FTP, HTTP та інших
 Name:		curl
-Version:	7.75.0
+Version:	7.76.0
 Release:	1
 License:	MIT-like
 Group:		Applications/Networking
 Source0:	https://curl.haxx.se/download/%{name}-%{version}.tar.xz
-# Source0-md5:	9730df8636d67b4e256ebc49daf27246
+# Source0-md5:	41178ceea57c863f883b6fe2c3ac276f
 Patch0:		%{name}-ac.patch
 Patch1:		%{name}-krb5flags.patch
 URL:		http://curl.haxx.se/
 BuildRequires:	autoconf >= 2.57
 BuildRequires:	automake
 %{?with_ares:BuildRequires:	c-ares-devel >= 1.7.0}
+%{?with_gsasl:BuildRequires:	gsasl-devel}
 %{?with_kerberos5:BuildRequires:	heimdal-devel}
 BuildRequires:	libbrotli-devel >= 1.0.0
 BuildRequires:	libidn2-devel
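Review bot: The refreshed `# Source0-md5` comment is the only integrity pin visible for the 7.76.0 tarball, and MD5 is not collision-resistant, so it guards against a corrupted download rather than a substituted one. Since this update exists to pick up the CVE-2021-22876 and CVE-2021-22890 fixes, it would be worth checking the tarball against upstream's detached PGP signature before recording the digest, and noting that in the commit message. Whether the distfiles tooling verifies anything stronger is not visible in this diff. Separately, the new `%{?with_gsasl:BuildRequires: gsasl-devel}` line carries no minimum version, unlike `c-ares-devel >= 1.7.0` just above it; if configure requires a particular libgsasl release, pin it here.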
@@ -57,6 +59,7 @@ BuildRequires:	openssl-devel >= 1.0.1
 %endif
 %endif
 BuildRequires:	tar >= 1:1.22
+BuildRequires:	xz
 BuildRequires:	zlib-devel
 BuildRequires:	zstd-devel
 Requires:	%{name}-libs = %{version}-%{release}
@@ -142,6 +145,7 @@ Summary(uk.UTF-8):	Файли для розробки з використанн
 Group:		Development/Libraries
 Requires:	%{name}-libs = %{version}-%{release}
 %{?with_ares:Requires:	c-ares-devel}
+%{?with_gsasl:Requires:	gsasl-devel}
 %{?with_kerberos5:Requires:	heimdal-devel}
 Requires:	libbrotli-devel >= 1.0.0
 Requires:	libidn2-devel
@@ -246,6 +250,7 @@ Dopełnianianie parametrów w ZSH dla polecenia curl.
 %configure \
 	ac_cv_header_gss_h=no \
 	%{__enable_disable ares} \
+	%{__enable_disable gsasl} \
 	--enable-ipv6 \
 	%{__enable_disable ldap} \
 	%{__enable_disable ldap ldaps} \
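Review bot: `%{__enable_disable gsasl}` expands to an `--enable-gsasl`/`--disable-gsasl` switch, but as far as I can tell curl's configure selects libgsasl through a `--with-…`/`--without-…` option, so this line may have no effect. Autoconf only warns about unrecognized `--enable-*` options by default, which would leave SCRAM support to auto-detection: a `--without gsasl` build on a host that happens to have gsasl-devel installed could still link libgsasl while the package's declared dependencies say otherwise. Please confirm the option name in `./configure --help` for 7.76.0 and, if it is a `--with` option, use the with/without macro form instead, e.g. `%{__with_without gsasl libgsasl} \`. The `%configure` invocation continues past the end of this hunk.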
diff --git a/curl-ac.patch b/curl-ac.patch
index d4e1f43..cd5591c 100644
--- a/curl-ac.patch
+++ b/curl-ac.patch
@@ -2,8 +2,8 @@ diff -urN curl-7.12.1.org/configure.ac curl-7.12.1/configure.ac
 --- curl-7.12.1.org/configure.ac	2004-08-13 02:20:37.003335512 +0200
 +++ curl-7.12.1/configure.ac	2004-08-13 02:21:07.172749064 +0200
 @@ -392,7 +392,7 @@
- main()
- {
+  struct sockaddr_in6 s;
+  (void)s;
   if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
 -   exit(1);
 +   exit(0);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/curl.git/commitdiff/eef5da07c1cdb69a12ee667a31a1c6ee56166b9c


