pool/curl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 633271 from devel:libraries:c_c++

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/633271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/curl?expand=0&rev=138
This commit is contained in:
Dominique Leuenberger 2018-09-07 13:34:35 +00:00 committed by Git OBS Bridge
commit 0319d898df
9 changed files with 237 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
curl-7.61.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:64141f0db4945268a21b490d58806b97c615d3d0c75bf8c335bbe0efd13b45b5
size 3964862

11
curl-7.61.0.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAltFnUEACgkQXMkI/bce
EsKFUQgAml2m2W8qyDgxFApYfsd+OJYO8yx1/ogKJJrUK8SRZYPfR0aCb9klNkQu
FwwFos2B/nkxm898CBro5Lo3XiBmF3HL3schTJodb1lPP9It76yUD9J5EedrSosj
A+HzV3cPM53/pG/RUF3NhNZnye4JHwSxC92UffpMZ/HVDOhWbrJKFZLbl+lkcM2A
xMkzVDwdW6Zztze/2O3ZSvftwUoYM7u73/NQjRnhllWn/dXkc3obB2vVFfq7n0/o
zLZMoOWCbBp0Isj/sPQpUh12Q2W8KEDKm81m1IDaF0eJeA2lI3owIXsskXnqV02u
a4vLBlaRK9cSsnNPclZEix9G4I4RfA==
=Ygjy
-----END PGP SIGNATURE-----

3
curl-7.61.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eaa812e9a871ea10dbe8e1d3f8f12a64a8e3e62aeab18cb23742e2f1727458ae
size 3986062

11
curl-7.61.1.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAluPblgACgkQXMkI/bce
EsIhWgf/THAQX5B2B5icUfPheWyv+laMcHU1FS3RgzYu/ImIT2DqiL8kNtSebNkf
pcZzpWmOB3OBrWJSrhkMkLUfbiWksPKgLUGSc6W4BQxkLZ9wyH/oxkfgxrzDo4a2
TeQTmON38uICPsRtGZwWTVRu4ppHTUAAfNjrigP4LmxaLYdmtQaggF7MUnhzmJFB
F+1Hba6N/Qxe0PLTAF4X0Kk5wqmk5pA3lhI0mfBtvJ8uoSzGvOsddNXrmMco9qzR
st3SAd8d7i5QyNjavYptDc0sMGof0WRelezE5EvEu54xQvTI/16CkbsVe0rvgJNz
8YmRMg4KnoY7R9qy3i11rulgBUpyVA==
=3S8D
-----END PGP SIGNATURE-----

112
curl-mini.changes
View File

@ -1,3 +1,113 @@
-------------------------------------------------------------------
Wed Sep 5 07:12:59 UTC 2018 - Karol Babioch <kbabioch@suse.com>
- Update to version 7.61.1
Bugfixes:
* CVE-2018-14618: NTLM password overflow via integer overflow (bsc#1106019)
* CURLINFO_SIZE_UPLOAD: fix missing counter update
* CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
* CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse
* Curl_getoff_all_pipelines: improved for multiplexed
* DEPRECATE: remove release date from 7.62.0
* HTTP: Don't attempt to needlessly decompress redirect body
* INTERNALS: require GnuTLS >= 2.11.3
* README.md: add LGTM.com code quality grade for C/C++
* SSLCERTS: improve the openssl command line
* Silence GCC 8 cast-function-type warnings
* ares: check for NULL in completed-callback
* asyn-thread: Remove unused macro
* auth: only pick CURLAUTH_BEARER if we *have* a Bearer token
* auth: pick Bearer authentication whenever a token is available
* cmake: CMake config files are defining CURL_STATICLIB for static builds
* cmake: Respect BUILD_SHARED_LIBS
* cmake: Update scripts to use consistent style
* cmake: bumped minimum version to 3.4
* cmake: link curl to the OpenSSL targets instead of lib absolute paths
* configure: conditionally enable pedantic-errors
* configure: fix for -lpthread detection with OpenSSL and pkg-config
* conn: remove the boolean 'inuse' field
* content_encoding: accept up to 4 unknown trailer bytes after raw deflate data
* cookie tests: treat files as text
* cookies: support creation-time attribute for cookies
* curl: Fix segfault when -H @headerfile is empty
* curl: add http code 408 to transient list for --retry
* curl: fix time-of-check, time-of-use race in dir creation
* curl: use Content-Disposition before the "URL end" for -OJ
* curl: warn the user if a given file name looks like an option
* curl_threads: silence bad-function-cast warning
* darwinssl: add support for ALPN negotiation
* docs/CURLOPT_URL: fix indentation
* docs/CURLOPT_WRITEFUNCTION: size is always 1
* docs/SECURITY-PROCESS: mention bounty, drop pre-notify
* docs/examples: add hiperfifo example using linux epoll/timerfd
* docs: add disallow-username-in-url.d and haproxy-protocol.d to dist
* docs: clarify NO_PROXY env variable functionality
* docs: improved the manual pages of some callbacks
* docs: mention NULL is fine input to several functions
* formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT
* gopher: Do not translate `?' to `%09'
* header output: switch off all styles, not just unbold
* hostip: fix unused variable warning
* http2: Use correct format identifier for stream_id
* http2: abort the send_callback if not setup yet
* http2: avoid set_stream_user_data() before stream is assigned
* http2: check nghttp2_session_set_stream_user_data return code
* http2: clear the drain counter in Curl_http2_done
* http2: make sure to send after RST_STREAM
* http2: separate easy handle from connections better
* http: fix for tiny "HTTP/0.9" response
* http_proxy: Remove unused macro SELECT_TIMEOUT
* lib/Makefile: only do symbol hiding if told to
* lib1502: fix memory leak in torture test
* lib1522: fix curl_easy_setopt argument type
* libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
* mime: check Curl_rand_hex's return code
* multi: always do the COMPLETED procedure/state
* openssl: assume engine support in 1.0.0 or later
* openssl: fix debug messages
* projects: Improve Windows perl detection in batch scripts
* retry: return error if rewind was necessary but didn't happen
* reuse_conn(): memory leak - free old_conn->options
* schannel: client certificate store opening fix
* schannel: enable CALG_TLS1PRF for w32api >= 5.1
* schannel: fix MinGW compile break
* sftp: don't send post-qoute sequence when retrying a connection
* smb: fix memory leak on early failure
* smb: fix memory-leak in URL parse error path
* smb_getsock: always wait for write socket too
* ssh-libssh: fix infinite connect loop on invalid private key
* ssh-libssh: reduce excessive verbose output about pubkey auth
* ssh-libssh: use FALLTHROUGH to silence gcc8
* ssl: set engine implicitly when a PKCS#11 URI is provided
* sws: handle EINTR when calling select()
* system_win32: fix version checking
* telnet: Remove unused macros TELOPTS and TELCMDS
* test1143: disable MSYS2's POSIX path conversion
* test1148: disable if decimal separator is not point
* test1307: (fnmatch testing) disabled
* test1422: add required file feature
* test1531: Add timeout
* test1540: Remove unused macro TEST_HANG_TIMEOUT
* test214: disable MSYS2's POSIX path conversion for URL
* test320: treat curl320.out file as binary
* tests/http_pipe.py: Use /usr/bin/env to find python
* tests: Don't use Windows path %PWD for SSH tests
* tests: fixes for Windows line endlings
* tool_operate: Fix setting proxy TLS 1.3 ciphers
* travis: build darwinssl on macos 10.12 to fix linker errors
* travis: execute "set -eo pipefail" for coverage build
* travis: run a 'make checksrc' too
* travis: update to GCC-8
* travis: verify that man pages can be regenerated
* upload: allocate upload buffer on-demand
* upload: change default UPLOAD_BUFSIZE to 64KB
* urldata: remove unused pipe_broke struct field
* vtls: reinstantiate engine on duplicated handles
* windows: implement send buffer tuning
* wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random
- Remove patch included upstream:
* curl-switch-off-all-styles.patch
-------------------------------------------------------------------
Wed Aug 22 12:32:50 UTC 2018 - kbabioch@suse.com
@ -7,7 +117,7 @@ Wed Aug 22 12:32:50 UTC 2018 - kbabioch@suse.com
-------------------------------------------------------------------
Tue Jul 17 13:56:05 UTC 2018 - pgajdos@suse.com
- Update to version 7.62.0
- Update to version 7.61.0
[bsc#1099793, CVE-2018-0500]
Changes:
* getinfo: add microsecond precise timers for seven intervals

4
curl-mini.spec
View File

@ -29,7 +29,7 @@
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl-mini
Version: 7.61.0
Version: 7.61.1
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
@ -46,7 +46,6 @@ Patch3: ignore_runtests_failure.patch
# PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch4: curl-disabled-redirect-protocol-message.patch
Patch5: curl-use_OPENSSL_config.patch
Patch6: curl-switch-off-all-styles.patch
BuildRequires: libtool
BuildRequires: pkgconfig
Requires: libcurl4%{?mini} = %{version}
@ -127,7 +126,6 @@ user interaction or any kind of interactivity.
%endif
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
# curl complains if macro definition is contained in CFLAGS

30
curl-switch-off-all-styles.patch
View File

@ -1,30 +0,0 @@
From 1b62b1704581fed8cd01e18cffe6676667e3a7f4 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 12 Jul 2018 11:04:00 +0200
Subject: [PATCH] header output: switch off all styles, not just unbold
... the "unbold" sequence doesn't work on the mac Terminal.
Reported-by: Zero King
Fixes #2736
Closes #2738
---
src/tool_cb_hdr.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index 88ce5e13b8..6419b72048 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -42,7 +42,10 @@ static char *parse_filename(const char *ptr, size_t len);
#define BOLDOFF
#else
#define BOLD "\x1b[1m"
-#define BOLDOFF "\x1b[21m"
+/* Switch off bold by settting "all attributes off" since the explicit
+ bold-off code (21) isn't supported everywhere - like in the mac
+ Terminal. */
+#define BOLDOFF "\x1b[0m"
#endif
/*

110
curl.changes
View File

@ -1,3 +1,113 @@
-------------------------------------------------------------------
Wed Sep 5 07:12:59 UTC 2018 - Karol Babioch <kbabioch@suse.com>
- Update to version 7.61.1
Bugfixes:
* CVE-2018-14618: NTLM password overflow via integer overflow (bsc#1106019)
* CURLINFO_SIZE_UPLOAD: fix missing counter update
* CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
* CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse
* Curl_getoff_all_pipelines: improved for multiplexed
* DEPRECATE: remove release date from 7.62.0
* HTTP: Don't attempt to needlessly decompress redirect body
* INTERNALS: require GnuTLS >= 2.11.3
* README.md: add LGTM.com code quality grade for C/C++
* SSLCERTS: improve the openssl command line
* Silence GCC 8 cast-function-type warnings
* ares: check for NULL in completed-callback
* asyn-thread: Remove unused macro
* auth: only pick CURLAUTH_BEARER if we *have* a Bearer token
* auth: pick Bearer authentication whenever a token is available
* cmake: CMake config files are defining CURL_STATICLIB for static builds
* cmake: Respect BUILD_SHARED_LIBS
* cmake: Update scripts to use consistent style
* cmake: bumped minimum version to 3.4
* cmake: link curl to the OpenSSL targets instead of lib absolute paths
* configure: conditionally enable pedantic-errors
* configure: fix for -lpthread detection with OpenSSL and pkg-config
* conn: remove the boolean 'inuse' field
* content_encoding: accept up to 4 unknown trailer bytes after raw deflate data
* cookie tests: treat files as text
* cookies: support creation-time attribute for cookies
* curl: Fix segfault when -H @headerfile is empty
* curl: add http code 408 to transient list for --retry
* curl: fix time-of-check, time-of-use race in dir creation
* curl: use Content-Disposition before the "URL end" for -OJ
* curl: warn the user if a given file name looks like an option
* curl_threads: silence bad-function-cast warning
* darwinssl: add support for ALPN negotiation
* docs/CURLOPT_URL: fix indentation
* docs/CURLOPT_WRITEFUNCTION: size is always 1
* docs/SECURITY-PROCESS: mention bounty, drop pre-notify
* docs/examples: add hiperfifo example using linux epoll/timerfd
* docs: add disallow-username-in-url.d and haproxy-protocol.d to dist
* docs: clarify NO_PROXY env variable functionality
* docs: improved the manual pages of some callbacks
* docs: mention NULL is fine input to several functions
* formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT
* gopher: Do not translate `?' to `%09'
* header output: switch off all styles, not just unbold
* hostip: fix unused variable warning
* http2: Use correct format identifier for stream_id
* http2: abort the send_callback if not setup yet
* http2: avoid set_stream_user_data() before stream is assigned
* http2: check nghttp2_session_set_stream_user_data return code
* http2: clear the drain counter in Curl_http2_done
* http2: make sure to send after RST_STREAM
* http2: separate easy handle from connections better
* http: fix for tiny "HTTP/0.9" response
* http_proxy: Remove unused macro SELECT_TIMEOUT
* lib/Makefile: only do symbol hiding if told to
* lib1502: fix memory leak in torture test
* lib1522: fix curl_easy_setopt argument type
* libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
* mime: check Curl_rand_hex's return code
* multi: always do the COMPLETED procedure/state
* openssl: assume engine support in 1.0.0 or later
* openssl: fix debug messages
* projects: Improve Windows perl detection in batch scripts
* retry: return error if rewind was necessary but didn't happen
* reuse_conn(): memory leak - free old_conn->options
* schannel: client certificate store opening fix
* schannel: enable CALG_TLS1PRF for w32api >= 5.1
* schannel: fix MinGW compile break
* sftp: don't send post-qoute sequence when retrying a connection
* smb: fix memory leak on early failure
* smb: fix memory-leak in URL parse error path
* smb_getsock: always wait for write socket too
* ssh-libssh: fix infinite connect loop on invalid private key
* ssh-libssh: reduce excessive verbose output about pubkey auth
* ssh-libssh: use FALLTHROUGH to silence gcc8
* ssl: set engine implicitly when a PKCS#11 URI is provided
* sws: handle EINTR when calling select()
* system_win32: fix version checking
* telnet: Remove unused macros TELOPTS and TELCMDS
* test1143: disable MSYS2's POSIX path conversion
* test1148: disable if decimal separator is not point
* test1307: (fnmatch testing) disabled
* test1422: add required file feature
* test1531: Add timeout
* test1540: Remove unused macro TEST_HANG_TIMEOUT
* test214: disable MSYS2's POSIX path conversion for URL
* test320: treat curl320.out file as binary
* tests/http_pipe.py: Use /usr/bin/env to find python
* tests: Don't use Windows path %PWD for SSH tests
* tests: fixes for Windows line endlings
* tool_operate: Fix setting proxy TLS 1.3 ciphers
* travis: build darwinssl on macos 10.12 to fix linker errors
* travis: execute "set -eo pipefail" for coverage build
* travis: run a 'make checksrc' too
* travis: update to GCC-8
* travis: verify that man pages can be regenerated
* upload: allocate upload buffer on-demand
* upload: change default UPLOAD_BUFSIZE to 64KB
* urldata: remove unused pipe_broke struct field
* vtls: reinstantiate engine on duplicated handles
* windows: implement send buffer tuning
* wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random
- Remove patch included upstream:
* curl-switch-off-all-styles.patch
-------------------------------------------------------------------
Wed Aug 22 12:32:50 UTC 2018 - kbabioch@suse.com

4
curl.spec
View File

@ -27,7 +27,7 @@
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl
Version: 7.61.0
Version: 7.61.1
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
@ -44,7 +44,6 @@ Patch3: ignore_runtests_failure.patch
# PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch4: curl-disabled-redirect-protocol-message.patch
Patch5: curl-use_OPENSSL_config.patch
Patch6: curl-switch-off-all-styles.patch
BuildRequires: libtool
BuildRequires: pkgconfig
Requires: libcurl4%{?mini} = %{version}
@ -125,7 +124,6 @@ user interaction or any kind of interactivity.
%endif
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
# curl complains if macro definition is contained in CFLAGS