Accepting request 568861 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

- Update to version 7.58.0
  [bsc1076360, CVE-2018-1000005][bsc#1077001, CVE-2018-1000007]
  Changes:
   * new libssh-powered SSH SCP/SFTP back-end
   * curl-config: add --ssl-backends
  Bugfixes:
   * http2: fix incorrect trailer buffer size
   * http: prevent custom Authorization headers in redirects
   * travis: add boringssl build
   * examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL
   * SSL: Avoid magic allocation of SSL backend specific data
   * lib: don't export all symbols, just everything curl_*
   * libssh2: send the correct CURLE error code on scp file not found
   * libssh2: return CURLE_UPLOAD_FAILED on failure to upload
   * openssl: enable pkcs12 in boringssl builds
   * libssh2: remove dead code from SSH_SFTP_QUOTE
   * sasl_getmesssage: make sure we have a long enough string to pass
   * conncache: fix several lock issues
   * threaded-shared-conn.c: new example
   * conncache: only allow multiplexing within same multi handle
   * configure: check for netinet/in6.h
   * URL: tolerate backslash after drive letter for FILE:
   * openldap: add commented out debug possibilities
   * include: get netinet/in.h before linux/tcp.h
   * CONNECT: keep close connection flag in http_connect_state struct
   * BINDINGS: another PostgreSQL client
   * curl: limit -# update frequency for unknown total size
   * configure: add AX_CODE_COVERAGE only if using gcc
   * curl.h: remove incorrect comment about ERRORBUFFER
   * openssl: improve data-pending check for https proxy

OBS-URL: https://build.opensuse.org/request/show/568861
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=214

curl-7.57.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7ce35f207562674e71dbada6891b37e3f043c1e7a82915cb9c2a17ad3a9d659b
-size 3828358

curl-7.57.0.tar.gz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAloefhsACgkQXMkI/bce
-EsLUjAf8DoTREKM+cq2Jezo36nPyjo1D+4yedCtThTSPnf2Vd5aeeFYWGpDBnFlD
-Vlp12RR72f2QsH46aa5xfpjxZTRGikgALVUpqkrT/2BtC41sMzNH84eF4vwmTJ3F
-Y57vp8ro/cGau2JV+zfvyColMghvvJWHtUl+uHB61TJ60CXrl7JtVBnNBHMuByQN
-lTO86FD6CrKiSy+wVth6ZI+EJmwAX1bAZRNByBv56UiBI5gVJsfmDNdS2WdC4bhu
-kcr60aDibFBLKHf87D8scAQUY9D1JUG9a0twY8hluesyn8blNRwIQT/4ByZTz6Aj
-0Te6LwPE/B18YRnYiSBnpw/Pqz1Y5w==
-=3iJv
------END PGP SIGNATURE-----

curl-7.58.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cc245bf9a1a42a45df491501d97d5593392a03f7b4f07b952793518d97666115
+size 3879728

curl-7.58.0.tar.gz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlpoMGoACgkQXMkI/bce
+EsIpBAf/YL7L3NkhDMC6TMhGMwuI1gzF8nrQdOv75wb09t6kZ3Lnx3pXcAjLpJlS
+TjpP4b7LqAzuSaCC1MH1idXlFxbZExnnRXxQjVL/6kOqO3vyTyUALtA7R8x/aN2z
+1Dymcl82SH+nGkMoB9eh9xyOzg4yUGF+zu7CLm8tEANJdvKGwE2qfx+nI557FNV0
+rlW9SwAMH3XUhEo78HGDfqOUYSU/c/LiLXZtBinJPeKmpJzcqgZlw8libSyzWLpe
+doMo7nbHdRV12zedhYrwlM0EPi0Fhyb14tlhl8TsSrhXfZoai1r2DaxhWDOXgTvV
+cmvsfTaj6N2GHUZFLGB/Bs/ksiMDxg==
+=Ebn1
+-----END PGP SIGNATURE-----

curl-mini.changes

@@ -1,3 +1,95 @@
+-------------------------------------------------------------------
+Wed Jan 24 10:31:58 UTC 2018 - pmonrealgonzalez@suse.com
+
+- Update to version 7.58.0
+  [bsc1076360, CVE-2018-1000005][bsc#1077001, CVE-2018-1000007]
+  Changes:
+   * new libssh-powered SSH SCP/SFTP back-end
+   * curl-config: add --ssl-backends
+  Bugfixes:
+   * http2: fix incorrect trailer buffer size
+   * http: prevent custom Authorization headers in redirects
+   * travis: add boringssl build
+   * examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL
+   * SSL: Avoid magic allocation of SSL backend specific data
+   * lib: don't export all symbols, just everything curl_*
+   * libssh2: send the correct CURLE error code on scp file not found
+   * libssh2: return CURLE_UPLOAD_FAILED on failure to upload
+   * openssl: enable pkcs12 in boringssl builds
+   * libssh2: remove dead code from SSH_SFTP_QUOTE
+   * sasl_getmesssage: make sure we have a long enough string to pass
+   * conncache: fix several lock issues
+   * threaded-shared-conn.c: new example
+   * conncache: only allow multiplexing within same multi handle
+   * configure: check for netinet/in6.h
+   * URL: tolerate backslash after drive letter for FILE:
+   * openldap: add commented out debug possibilities
+   * include: get netinet/in.h before linux/tcp.h
+   * CONNECT: keep close connection flag in http_connect_state struct
+   * BINDINGS: another PostgreSQL client
+   * curl: limit -# update frequency for unknown total size
+   * configure: add AX_CODE_COVERAGE only if using gcc
+   * curl.h: remove incorrect comment about ERRORBUFFER
+   * openssl: improve data-pending check for https proxy
+   * curl: remove __EMX__ #ifdefs
+   * CURLOPT_PRIVATE.3: fix grammar
+   * sftp: allow quoted commands to use relative paths
+   * CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
+   * RESOLVE: output verbose text when trying to set a duplicate name
+   * multi_done: prune DNS cache
+   * tests: update .gitignore for libtests
+   * tests: mark data files as non-executable in git
+   * CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
+   * curl.1: documented two missing valid exit codes
+   * curl.1: mention http:// and https:// as valid proxy prefixes
+   * vtls: replaced getenv() with curl_getenv()
+   * setopt: less *or equal* than INT_MAX/1000 should be fine
+   * examples/smtp-mail.c: use separate defines for options and mail
+   * curl: support >256 bytes warning messsages
+   * conncache: fix a return code
+   * krb5: fix a potential access of uninitialized memory
+   * rand: add a clang-analyzer work-around
+   * CURLOPT_READFUNCTION.3: refer to argument with correct name
+   * brotli: allow compiling with version 0.6.0
+   * content_encoding: rework zlib_inflate
+   * curl_easy_reset: release mime-related data
+   * examples/rtsp: fix error handling macros
+   * curl: Support size modifiers for --max-filesize
+   * examples/cacertinmem: ignore cert-already-exists error
+   * brotli: data at the end of content can be lost
+   * curl_version_info.3: call the argument 'age'
+   * openssl: fix memory leak of SSLKEYLOGFILE filename
+   * build: remove HAVE_LIMITS_H check
+   * --mail-rcpt: fix short-text description
+   * scripts: allow all perl scripts to be run directly
+   * progress: calculate transfer speed on milliseconds if possible
+   * system.h: check __LONG_MAX__ for defining curl_off_t
+   * easy: fix connection ownership in curl_easy_pause
+   * setopt: reintroduce non-static Curl_vsetopt() for OS400 support
+   * setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
+   * configure.ac: append extra linker flags instead of prepending them
+   * HTTP: bail out on negative Content-Length: values
+   * docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
+   * mime: clone mime tree upon easy handle duplication
+   * openssl: enable SSLKEYLOGFILE support by default
+   * smtp/pop3/imap_get_message: decrease the data length too...
+   * CURLOPT_TCP_NODELAY.3: fix typo
+   * SMB: fix numeric constant suffix and variable types
+   * ftp-wildcard: fix matching an empty string with "*[^a]"
+   * curl_fnmatch: only allow 5 '*' sections in a single pattern
+   * openssl: fix potential memory leak in SSLKEYLOGFILE logic
+   * SSH: Fix state machine for ssh-agent authentication
+   * examples/url2file.c: add missing curl_global_cleanup() call
+   * http2: don't close connection when single transfer is stopped
+   * libcurl-env.3: first version
+   * curl: progress bar refresh, get width using ioctl()
+   * CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support
+
+-------------------------------------------------------------------
+Tue Jan  9 17:55:14 UTC 2018 - normand@linux.vnet.ibm.com
+
+- disable 1501 test for PowerPC as byass boo#1075219
+
 -------------------------------------------------------------------
 Wed Nov 29 10:43:55 UTC 2017 - pmonrealgonzalez@suse.com
 

curl-mini.spec

@@ -32,7 +32,7 @@
 %endif
 
 Name:           curl-mini
-Version:        7.57.0
+Version:        7.58.0
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        curl
@@ -170,6 +170,10 @@ make %{?_smp_mflags} V=1
 %if %{with testsuite}
 %check
 pushd tests
+%ifarch ppc ppc64 ppc64le
+echo "# disable 1501 for PowerPC bypass boo#1075219" >>data/DISABLED
+echo "1501" >>data/DISABLED
+%endif
 make %{?_smp_mflags}
 # make sure the testsuite runs don't race on MP machines in autobuild
 if test -z "$BUILD_INCARNATION" -a -r /.buildenv; then

curl.changes

@@ -1,3 +1,90 @@
+-------------------------------------------------------------------
+Wed Jan 24 10:31:58 UTC 2018 - pmonrealgonzalez@suse.com
+
+- Update to version 7.58.0
+  [bsc1076360, CVE-2018-1000005][bsc#1077001, CVE-2018-1000007]
+  Changes:
+   * new libssh-powered SSH SCP/SFTP back-end
+   * curl-config: add --ssl-backends
+  Bugfixes:
+   * http2: fix incorrect trailer buffer size
+   * http: prevent custom Authorization headers in redirects
+   * travis: add boringssl build
+   * examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL
+   * SSL: Avoid magic allocation of SSL backend specific data
+   * lib: don't export all symbols, just everything curl_*
+   * libssh2: send the correct CURLE error code on scp file not found
+   * libssh2: return CURLE_UPLOAD_FAILED on failure to upload
+   * openssl: enable pkcs12 in boringssl builds
+   * libssh2: remove dead code from SSH_SFTP_QUOTE
+   * sasl_getmesssage: make sure we have a long enough string to pass
+   * conncache: fix several lock issues
+   * threaded-shared-conn.c: new example
+   * conncache: only allow multiplexing within same multi handle
+   * configure: check for netinet/in6.h
+   * URL: tolerate backslash after drive letter for FILE:
+   * openldap: add commented out debug possibilities
+   * include: get netinet/in.h before linux/tcp.h
+   * CONNECT: keep close connection flag in http_connect_state struct
+   * BINDINGS: another PostgreSQL client
+   * curl: limit -# update frequency for unknown total size
+   * configure: add AX_CODE_COVERAGE only if using gcc
+   * curl.h: remove incorrect comment about ERRORBUFFER
+   * openssl: improve data-pending check for https proxy
+   * curl: remove __EMX__ #ifdefs
+   * CURLOPT_PRIVATE.3: fix grammar
+   * sftp: allow quoted commands to use relative paths
+   * CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
+   * RESOLVE: output verbose text when trying to set a duplicate name
+   * multi_done: prune DNS cache
+   * tests: update .gitignore for libtests
+   * tests: mark data files as non-executable in git
+   * CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
+   * curl.1: documented two missing valid exit codes
+   * curl.1: mention http:// and https:// as valid proxy prefixes
+   * vtls: replaced getenv() with curl_getenv()
+   * setopt: less *or equal* than INT_MAX/1000 should be fine
+   * examples/smtp-mail.c: use separate defines for options and mail
+   * curl: support >256 bytes warning messsages
+   * conncache: fix a return code
+   * krb5: fix a potential access of uninitialized memory
+   * rand: add a clang-analyzer work-around
+   * CURLOPT_READFUNCTION.3: refer to argument with correct name
+   * brotli: allow compiling with version 0.6.0
+   * content_encoding: rework zlib_inflate
+   * curl_easy_reset: release mime-related data
+   * examples/rtsp: fix error handling macros
+   * curl: Support size modifiers for --max-filesize
+   * examples/cacertinmem: ignore cert-already-exists error
+   * brotli: data at the end of content can be lost
+   * curl_version_info.3: call the argument 'age'
+   * openssl: fix memory leak of SSLKEYLOGFILE filename
+   * build: remove HAVE_LIMITS_H check
+   * --mail-rcpt: fix short-text description
+   * scripts: allow all perl scripts to be run directly
+   * progress: calculate transfer speed on milliseconds if possible
+   * system.h: check __LONG_MAX__ for defining curl_off_t
+   * easy: fix connection ownership in curl_easy_pause
+   * setopt: reintroduce non-static Curl_vsetopt() for OS400 support
+   * setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
+   * configure.ac: append extra linker flags instead of prepending them
+   * HTTP: bail out on negative Content-Length: values
+   * docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
+   * mime: clone mime tree upon easy handle duplication
+   * openssl: enable SSLKEYLOGFILE support by default
+   * smtp/pop3/imap_get_message: decrease the data length too...
+   * CURLOPT_TCP_NODELAY.3: fix typo
+   * SMB: fix numeric constant suffix and variable types
+   * ftp-wildcard: fix matching an empty string with "*[^a]"
+   * curl_fnmatch: only allow 5 '*' sections in a single pattern
+   * openssl: fix potential memory leak in SSLKEYLOGFILE logic
+   * SSH: Fix state machine for ssh-agent authentication
+   * examples/url2file.c: add missing curl_global_cleanup() call
+   * http2: don't close connection when single transfer is stopped
+   * libcurl-env.3: first version
+   * curl: progress bar refresh, get width using ioctl()
+   * CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support
+
 -------------------------------------------------------------------
 Tue Jan  9 17:55:14 UTC 2018 - normand@linux.vnet.ibm.com
 

curl.spec

@@ -30,7 +30,7 @@
 %endif
 
 Name:           curl
-Version:        7.57.0
+Version:        7.58.0
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        curl