Accepting request 1189336 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/1189336
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/curl?expand=0&rev=200
This commit is contained in:
Dominique Leuenberger 2024-07-30 09:53:10 +00:00 committed by Git OBS Bridge
commit f27f10ffaa
8 changed files with 107 additions and 65 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0f58bb95fc330c8a46eeb3df5701b0d90c9d9bfcc42bd1cd08791d12551d4400
size 2748860

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmZNiQcACgkQXMkI/bce
EsKpxwf/XuUnVCDn7fC0t7I07jjovBc+CTgwMpgvXBHw2CdURhpdCLF3AHARcPLA
zwf8FhM2FB+K7A7JgMy9QZSDNfKkCLYMILqsn9U3sIOzGIinJJq9d89W8CuVhcEK
x4a0c4g0jax8p3EVHN5tio7EZTrfUHvnXY+PLUMx52v/0Q1OWagVYwkg4qTb5fHL
IrfXCQkg8b4kxw5p9d7n0OvyN6W2VdvIlX7ZxXPmjX9tQT6LK7KZj49P09oRzxsM
1UNF0A5YiNgsONJ4l1/tOQub9uE6pu+fhJ97XLzH1K1d1ha98dIE/veudCaqkZDq
CfvkeuN68zsv85MdvD6S16RC2JhhCA==
=ONcR
-----END PGP SIGNATURE-----

3
curl-8.9.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ff09b2791ca56d25fd5c3f3a4927dce7c8a9dc4182200c487ca889fba1fdd412
size 2781828

11
curl-8.9.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmagncYACgkQXMkI/bce
EsIf4wf/RVl/4hrfHsntyMCoM/SnY/PZlWommcAnfmSff0OAKV6OvtINkPUAyBdg
T1PGwkbPOLHB93NBFOm7bjSixbNgRL58gR3Rh+kvMKzx7G2Ug/gpWH3c8JHvwsHw
S4TCjuVGYsAWDn9/3y3qQNypmUMV8tIWslXoya5F9GtrnJEFItQ1efPPIra9nTtx
9XRrmB2/EUvPsdKmkztNP8NYaEyYDVPst+1HUv8+UdK5GL1wG8rAp2vPiofvHRDe
l9AiGu+d9U+UuqO8vNhqc46ii+h4Uj8Sk51mNf88TKAhEdKvPUMEaaySQzu23CKr
TCyqjvRyY12mEGT0bOX2xIsf0C665g==
=GGbI
-----END PGP SIGNATURE-----

View File

@ -1,26 +0,0 @@
From 4cc5657247183a0bc3b0969beeaea9acddb09d22 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 22 May 2024 08:43:43 +0200
Subject: [PATCH] docs/Makefile.am: make curl-config.1 install
on "make install" like it should
Follow-up to 60971d665b9b1df87082
Closes #13741
---
docs/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 83f5b0c461cc0f..e9ef6284860555 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -28,6 +28,7 @@ if BUILD_DOCS
# if we disable man page building, ignore these
MK_CA_DOCS = mk-ca-bundle.1
CURLCONF_DOCS = curl-config.1
+man_MANS = curl-config.1
endif
CURLPAGES = curl-config.md mk-ca-bundle.md

View File

@ -1,3 +1,73 @@
-------------------------------------------------------------------
Wed Jul 24 07:07:57 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to 8.9.0:
* Security fixes:
- [bsc#1227888, CVE-2024-6197] curl: freeing stack buffer
in utf8asn1str
- [bsc#1228260, CVE-2024-6874] idn: tweak buffer use when
converting with macidn
* Changes:
- curl: add --ip-tos (IP Type of Service / Traffic Class)
- curl: add --mptcp
- curl: add --vlan-priority
- curl: add -w '%{num_retries}
- gnutls: support CA caching
- mbedtls: support CURLOPT_CERTINFO
- noproxy: patterns need to be comma separated
- socket: support binding to interface *AND* IP
- tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
- urlapi: add CURLU_NO_GUESS_SCHEME
- wolfssl: support CA caching
* Bugfixes:
- connection: shutdown TLS (for FTP) better
- curl-config: revert to backticks to support old target envs
- curl: allow etag and content-disposition for 3xx reply
- curl: bsearch the --write-out variable name
- curl: check for --disable case *sensitively*
- doh: fix leak and zero-length HTTPS RR crash
- file: separate fake headers and body with a stand-alone CRLF
- ftp: remove redundant null pointer check in loop condition
- gnutls: improve TLS shutdown
- gnutls: pass in SNI name, not hostname when checking cert
- hostip: skip error check for infallible function call
- http/3: add shutdown support
- http/3: resume upload on ack if we have more data to send
- lib: add a few DEBUGASSERT(data) to aid code analyzers
- lib: add failure reason on bind errors
- lib: graceful connection shutdown
- lib: xfer_setup and non-blocking shutdown
- multi: add multi->proto_hash, a key-value store for protocol data
- multi: do a final progress update on connect failure
- multi: fix multi_wait() timeout handling
- multi: fix pollset during RESOLVING phase
- ngtcp2+quictls: fix cert-status use
- noproxy: test bad ipv6 net size first
- openssl/gnutls: rectify the TLS version checks for QUIC
- openssl: fix hostname handling when using ECH
- openssl: stop duplicate ssl key logging for legacy OpenSSL
- quic: enable UDP GRO
- quic: openssl quic, cmake and doc version update to 3.3.0
- quic: require at least OpenSSL 3.3 for QUIC
- quic: update to quiche 0.22.0
- smtp: for starttls, do full upgrade
- tool_operate: avoid explicitly setting verifypeer to 1
- tool_writeout: get certinfo only when needing it
- transfer: avoid polling socket every transfer loop
- transfer: conn close on paused upload
- transfer: do not use EXPIRE_NOW while blocked
- transfer: remove curl_upload_refill_watermark, no longer used
- transfer: set CSELECT_IN if there is data pending
- url: allow DoH transfers to override max connection limit
- x509asn1: add some common ECDSA OIDs
- x509asn1: ASN1tostr() should fail when 'constructed' is set
- x509asn1: fallback to dotted OID representation
- x509asn1: prevent NULL dereference
- x509asn1: remove superfluous free()
- x509asn1: remove two static variables
* Rebase libcurl-ocloexec.patch
* Remove curl-make-install-curl-config.patch upstream
-------------------------------------------------------------------
Thu Jun 20 15:22:47 UTC 2024 - Dirk Müller <dmueller@suse.com>

View File

@ -29,7 +29,7 @@
%endif
Name: curl%{?psuffix}
Version: 8.8.0
Version: 8.9.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
@ -43,8 +43,6 @@ Patch1: dont-mess-with-rpmoptflags.patch
Patch2: curl-secure-getenv.patch
#PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch3: curl-disabled-redirect-protocol-message.patch
#PATCH-FIX-UPSTREAM Fix make install for curl-config.1 github.com/curl/curl/pull/13741
Patch4: curl-make-install-curl-config.patch
BuildRequires: groff
BuildRequires: libtool
BuildRequires: pkgconfig

View File

@ -7,11 +7,11 @@ To make it portable you have to test O_CLOEXEC support at *runtime*
compile time is not enough.
Index: curl-8.4.0/lib/file.c
Index: curl-8.9.0/lib/file.c
===================================================================
--- curl-8.4.0.orig/lib/file.c
+++ curl-8.4.0/lib/file.c
@@ -232,7 +232,7 @@ static CURLcode file_connect(struct Curl
--- curl-8.9.0.orig/lib/file.c
+++ curl-8.9.0/lib/file.c
@@ -242,7 +242,7 @@ static CURLcode file_connect(struct Curl
}
}
#else
@ -20,19 +20,19 @@ Index: curl-8.4.0/lib/file.c
file->path = real_path;
#endif
#endif
@@ -318,7 +318,7 @@ static CURLcode file_upload(struct Curl_
@@ -329,7 +329,7 @@ static CURLcode file_upload(struct Curl_
else
mode = MODE_DEFAULT|O_TRUNC;
- fd = open(file->path, mode, data->set.new_file_perms);
+ fd = open(file->path, mode|O_CLOEXEC, data->set.new_file_perms);
if(fd < 0) {
failf(data, "Can't open %s for writing", file->path);
failf(data, "cannot open %s for writing", file->path);
return CURLE_WRITE_ERROR;
Index: curl-8.4.0/lib/if2ip.c
Index: curl-8.9.0/lib/if2ip.c
===================================================================
--- curl-8.4.0.orig/lib/if2ip.c
+++ curl-8.4.0/lib/if2ip.c
--- curl-8.9.0.orig/lib/if2ip.c
+++ curl-8.9.0/lib/if2ip.c
@@ -208,7 +208,7 @@ if2ip_result_t Curl_if2ip(int af,
if(len >= sizeof(req.ifr_name))
return IF2IP_NOT_FOUND;
@ -42,11 +42,11 @@ Index: curl-8.4.0/lib/if2ip.c
if(CURL_SOCKET_BAD == dummy)
return IF2IP_NOT_FOUND;
Index: curl-8.4.0/configure.ac
Index: curl-8.9.0/configure.ac
===================================================================
--- curl-8.4.0.orig/configure.ac
+++ curl-8.4.0/configure.ac
@@ -428,6 +428,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m
--- curl-8.9.0.orig/configure.ac
+++ curl-8.9.0/configure.ac
@@ -441,6 +441,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m
# Silence warning: ar: 'u' modifier ignored since 'D' is the default
AC_SUBST(AR_FLAGS, [cr])
@ -55,10 +55,10 @@ Index: curl-8.4.0/configure.ac
dnl This defines _ALL_SOURCE for AIX
CURL_CHECK_AIX_ALL_SOURCE
Index: curl-8.4.0/lib/hostip.c
Index: curl-8.9.0/lib/hostip.c
===================================================================
--- curl-8.4.0.orig/lib/hostip.c
+++ curl-8.4.0/lib/hostip.c
--- curl-8.9.0.orig/lib/hostip.c
+++ curl-8.9.0/lib/hostip.c
@@ -44,6 +44,7 @@
#include <setjmp.h>
#include <signal.h>
@ -67,20 +67,20 @@ Index: curl-8.4.0/lib/hostip.c
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -609,7 +610,7 @@ bool Curl_ipv6works(struct Curl_easy *da
@@ -616,7 +617,7 @@ bool Curl_ipv6works(struct Curl_easy *da
else {
int ipv6_works = -1;
/* probe to see if we have a working IPv6 stack */
- curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
+ curl_socket_t s = socket(PF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, 0);
if(s == CURL_SOCKET_BAD)
/* an IPv6 address was requested but we can't get/use one */
/* an IPv6 address was requested but we cannot get/use one */
ipv6_works = 0;
Index: curl-8.4.0/lib/cf-socket.c
Index: curl-8.9.0/lib/cf-socket.c
===================================================================
--- curl-8.4.0.orig/lib/cf-socket.c
+++ curl-8.4.0/lib/cf-socket.c
@@ -274,7 +274,9 @@ static CURLcode socket_open(struct Curl_
--- curl-8.9.0.orig/lib/cf-socket.c
+++ curl-8.9.0/lib/cf-socket.c
@@ -360,7 +360,9 @@ static CURLcode socket_open(struct Curl_
}
else {
/* opensocket callback not set, so simply create the socket now */