[packages/curl] - up to 7.51.0

arekm arekm at pld-linux.org
Wed Nov 2 11:44:34 CET 2016


commit f319ccdbd27a47ff92b91e3dcab04919a6cf0e58
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Wed Nov 2 11:44:05 2016 +0100

    - up to 7.51.0
    
    Fixes:
    CVE-2016-8615: cookie injection for other servers
    CVE-2016-8616: case insensitive password comparison
    CVE-2016-8617: OOB write via unchecked multiplication
    CVE-2016-8618: double-free in curl_maprintf
    CVE-2016-8619: double-free in krb5 code
    CVE-2016-8620: glob parser write/read out of bounds
    CVE-2016-8621: curl_getdate read out of bounds
    CVE-2016-8622: URL unescape heap overflow via integer truncation
    CVE-2016-8623: Use-after-free via shared cookies
    CVE-2016-8624: invalid URL parsing with '#'
    CVE-2016-8625: IDNA 2003 makes curl use wrong host
    and few smaller issues.

 curl.spec | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
---
diff --git a/curl.spec b/curl.spec
index e78df99..6e76f73 100644
--- a/curl.spec
+++ b/curl.spec
@@ -22,12 +22,12 @@ Summary(pt_BR.UTF-8):	Busca URL (suporta FTP, TELNET, LDAP, GOPHER, DICT, HTTP e
 Summary(ru.UTF-8):	Утилита для получения файлов с серверов FTP, HTTP и других
 Summary(uk.UTF-8):	Утиліта для отримання файлів з серверів FTP, HTTP та інших
 Name:		curl
-Version:	7.50.1
-Release:	2
+Version:	7.51.0
+Release:	1
 License:	MIT-like
 Group:		Applications/Networking
 Source0:	https://curl.haxx.se/download/%{name}-%{version}.tar.lzma
-# Source0-md5:	01ac668b9f78266d72bdb86aa9db0849
+# Source0-md5:	0f876ef6d5776d96b08510461d57db1b
 Patch0:		%{name}-ac.patch
 Patch1:		%{name}-krb5flags.patch
 URL:		http://curl.haxx.se/
@@ -268,7 +268,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(644,root,root,755)
-%doc CHANGES COPYING README docs/{BUGS,FAQ,FEATURES,HISTORY,KNOWN_BUGS,MANUAL,SSLCERTS,THANKS,TODO,TheArtOfHttpScripting}
+%doc CHANGES COPYING README docs/{BUGS,FAQ,FEATURES,HISTORY.md,KNOWN_BUGS,MANUAL,SSLCERTS.md,THANKS,TODO,TheArtOfHttpScripting}
 %attr(755,root,root) %{_bindir}/curl
 %{_mandir}/man1/curl.1*
 
@@ -279,7 +279,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %files devel
 %defattr(644,root,root,755)
-%doc docs/{CONTRIBUTE,INTERNALS,LICENSE-MIXING,RESOURCES}
+%doc docs/{CONTRIBUTE.md,INTERNALS.md,LICENSE-MIXING.md,RESOURCES}
 %attr(755,root,root) %{_bindir}/curl-config
 %attr(755,root,root) %{_libdir}/libcurl.so
 %{_libdir}/libcurl.la
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/curl.git/commitdiff/f319ccdbd27a47ff92b91e3dcab04919a6cf0e58



More information about the pld-cvs-commit mailing list