[packages/curl] - up to 7.51.0
arekm
arekm at pld-linux.org
Wed Nov 2 11:44:34 CET 2016
commit f319ccdbd27a47ff92b91e3dcab04919a6cf0e58
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Nov 2 11:44:05 2016 +0100
- up to 7.51.0
Fixes:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
and few smaller issues.
curl.spec | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
---
diff --git a/curl.spec b/curl.spec
index e78df99..6e76f73 100644
--- a/curl.spec
+++ b/curl.spec
@@ -22,12 +22,12 @@ Summary(pt_BR.UTF-8): Busca URL (suporta FTP, TELNET, LDAP, GOPHER, DICT, HTTP e
Summary(ru.UTF-8): Утилита для получения файлов с серверов FTP, HTTP и других
Summary(uk.UTF-8): Утиліта для отримання файлів з серверів FTP, HTTP та інших
Name: curl
-Version: 7.50.1
-Release: 2
+Version: 7.51.0
+Release: 1
License: MIT-like
Group: Applications/Networking
Source0: https://curl.haxx.se/download/%{name}-%{version}.tar.lzma
-# Source0-md5: 01ac668b9f78266d72bdb86aa9db0849
+# Source0-md5: 0f876ef6d5776d96b08510461d57db1b
Patch0: %{name}-ac.patch
Patch1: %{name}-krb5flags.patch
URL: http://curl.haxx.se/
@@ -268,7 +268,7 @@ rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
-%doc CHANGES COPYING README docs/{BUGS,FAQ,FEATURES,HISTORY,KNOWN_BUGS,MANUAL,SSLCERTS,THANKS,TODO,TheArtOfHttpScripting}
+%doc CHANGES COPYING README docs/{BUGS,FAQ,FEATURES,HISTORY.md,KNOWN_BUGS,MANUAL,SSLCERTS.md,THANKS,TODO,TheArtOfHttpScripting}
%attr(755,root,root) %{_bindir}/curl
%{_mandir}/man1/curl.1*
@@ -279,7 +279,7 @@ rm -rf $RPM_BUILD_ROOT
%files devel
%defattr(644,root,root,755)
-%doc docs/{CONTRIBUTE,INTERNALS,LICENSE-MIXING,RESOURCES}
+%doc docs/{CONTRIBUTE.md,INTERNALS.md,LICENSE-MIXING.md,RESOURCES}
%attr(755,root,root) %{_bindir}/curl-config
%attr(755,root,root) %{_libdir}/libcurl.so
%{_libdir}/libcurl.la
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/curl.git/commitdiff/f319ccdbd27a47ff92b91e3dcab04919a6cf0e58
More information about the pld-cvs-commit
mailing list