diff --git a/curl-7.39.0.tar.lzma b/curl-7.39.0.tar.lzma deleted file mode 100644 index 8c8dd0a..0000000 --- a/curl-7.39.0.tar.lzma +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8aaac1c853ef9edd7bc708bc596e7703c6bda35d6ddae78c6d72d8550024fc8f -size 2648528 diff --git a/curl-7.39.0.tar.lzma.asc b/curl-7.39.0.tar.lzma.asc deleted file mode 100644 index aca3cb0..0000000 --- a/curl-7.39.0.tar.lzma.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlRZ0ScACgkQeOEcayedXJFMdwCg+1jN1OAfEVzzyJQVtBKactH7 -KLsAoI3kTOl5X+Z41Zmd2O6A9kaS23zH -=6avy ------END PGP SIGNATURE----- diff --git a/curl-7.40.0.tar.lzma b/curl-7.40.0.tar.lzma new file mode 100644 index 0000000..92ae4ba --- /dev/null +++ b/curl-7.40.0.tar.lzma @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:47dff2367ff3343ce3a4661ddb0ce8d03b18e868f77fc82ae77b2c23587325a8 +size 2684351 diff --git a/curl-7.40.0.tar.lzma.asc b/curl-7.40.0.tar.lzma.asc new file mode 100644 index 0000000..2ed4472 --- /dev/null +++ b/curl-7.40.0.tar.lzma.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlSuPVwACgkQeOEcayedXJGBZACfVptdcgMlq4CelqPfrWdZpPP8 +UOMAnA2LcEYZ1bOCN3kr27ARQAz2OXT0 +=eJwT +-----END PGP SIGNATURE----- diff --git a/curl.changes b/curl.changes index 8115d72..ebfa4f5 100644 --- a/curl.changes +++ b/curl.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Thu Jan 8 09:55:11 UTC 2015 - vcizek@suse.com + +- update to 7.40.0: + * fixes CVE-2014-8150 (bnc#911363) + * Changes: + http_digest: Added support for Windows SSPI based authentication + version info: Added Kerberos V5 to the supported features + Makefile: Added VC targets for WinIDN + config-win32: Introduce build targets for VS2012+ + SSL: Add PEM format support for public key pinning + smtp: Added support for the conversion of Unix newlines during mail send + smb: Added initial support for the SMB/CIFS protocol + Added support for HTTP over unix domain sockets, + via CURLOPT_UNIX_SOCKET_PATH and --unix-socket + sasl: Added support for GSS-API based Kerberos V5 authentication + ------------------------------------------------------------------- Thu Jan 1 23:08:25 UTC 2015 - meissner@suse.com diff --git a/curl.spec b/curl.spec index 60c4745..d551bda 100644 --- a/curl.spec +++ b/curl.spec @@ -20,7 +20,7 @@ %bcond_with mozilla_nss %bcond_without testsuite Name: curl -Version: 7.39.0 +Version: 7.40.0 Release: 0 Summary: A Tool for Transferring Data from URLs License: BSD-3-Clause and MIT diff --git a/libcurl-ocloexec.patch b/libcurl-ocloexec.patch index fe634ed..35cd999 100644 --- a/libcurl-ocloexec.patch +++ b/libcurl-ocloexec.patch @@ -9,9 +9,9 @@ compile time is not enough. Index: lib/cookie.c =================================================================== ---- lib/cookie.c.orig 2014-11-14 16:22:55.236645676 +0100 -+++ lib/cookie.c 2014-11-14 16:22:56.345659444 +0100 -@@ -914,7 +914,7 @@ struct CookieInfo *Curl_cookie_init(stru +--- lib/cookie.c.orig 2014-12-10 00:01:02.000000000 +0100 ++++ lib/cookie.c 2015-01-08 11:33:25.855588512 +0100 +@@ -932,7 +932,7 @@ struct CookieInfo *Curl_cookie_init(stru fp = NULL; } else @@ -20,7 +20,7 @@ Index: lib/cookie.c c->newsession = newsession; /* new session? */ -@@ -1262,7 +1262,7 @@ static int cookie_output(struct CookieIn +@@ -1281,7 +1281,7 @@ static int cookie_output(struct CookieIn use_stdout=TRUE; } else { @@ -31,8 +31,8 @@ Index: lib/cookie.c } Index: lib/file.c =================================================================== ---- lib/file.c.orig 2014-11-14 16:22:55.236645676 +0100 -+++ lib/file.c 2014-11-14 16:23:47.405293344 +0100 +--- lib/file.c.orig 2014-11-20 18:42:17.000000000 +0100 ++++ lib/file.c 2015-01-08 11:33:25.855588512 +0100 @@ -240,7 +240,7 @@ static CURLcode file_connect(struct conn /* binary zeroes indicate foul play */ return CURLE_URL_MALFORMAT; @@ -53,8 +53,8 @@ Index: lib/file.c return CURLE_WRITE_ERROR; Index: lib/formdata.c =================================================================== ---- lib/formdata.c.orig 2014-11-14 16:22:55.237645688 +0100 -+++ lib/formdata.c 2014-11-14 16:22:56.346659457 +0100 +--- lib/formdata.c.orig 2014-11-20 18:42:17.000000000 +0100 ++++ lib/formdata.c 2015-01-08 11:33:25.856588523 +0100 @@ -1261,7 +1261,7 @@ CURLcode Curl_getformdata(struct Session FILE *fileread; @@ -75,8 +75,8 @@ Index: lib/formdata.c } Index: lib/hostip6.c =================================================================== ---- lib/hostip6.c.orig 2014-11-14 16:22:55.237645688 +0100 -+++ lib/hostip6.c 2014-11-14 16:22:56.346659457 +0100 +--- lib/hostip6.c.orig 2014-12-28 14:36:05.000000000 +0100 ++++ lib/hostip6.c 2015-01-08 11:33:25.856588523 +0100 @@ -39,7 +39,7 @@ #ifdef HAVE_PROCESS_H #include @@ -93,13 +93,13 @@ Index: lib/hostip6.c - curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0); + curl_socket_t s = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0); if(s == CURL_SOCKET_BAD) - /* an ipv6 address was requested but we can't get/use one */ + /* an IPv6 address was requested but we can't get/use one */ ipv6_works = 0; Index: lib/if2ip.c =================================================================== ---- lib/if2ip.c.orig 2014-11-14 16:22:55.238645701 +0100 -+++ lib/if2ip.c 2014-11-14 16:22:56.346659457 +0100 -@@ -171,7 +171,7 @@ if2ip_result_t Curl_if2ip(int af, unsign +--- lib/if2ip.c.orig 2014-12-28 14:36:05.000000000 +0100 ++++ lib/if2ip.c 2015-01-08 11:33:25.856588523 +0100 +@@ -224,7 +224,7 @@ if2ip_result_t Curl_if2ip(int af, unsign if(len >= sizeof(req.ifr_name)) return IF2IP_NOT_FOUND; @@ -110,8 +110,8 @@ Index: lib/if2ip.c Index: lib/netrc.c =================================================================== ---- lib/netrc.c.orig 2014-11-14 16:22:55.238645701 +0100 -+++ lib/netrc.c 2014-11-14 16:22:56.346659457 +0100 +--- lib/netrc.c.orig 2014-11-04 13:51:16.000000000 +0100 ++++ lib/netrc.c 2015-01-08 11:33:25.856588523 +0100 @@ -111,7 +111,7 @@ int Curl_parsenetrc(const char *host, netrc_alloc = TRUE; } @@ -123,9 +123,9 @@ Index: lib/netrc.c if(file) { Index: lib/connect.c =================================================================== ---- lib/connect.c.orig 2014-11-14 16:22:55.238645701 +0100 -+++ lib/connect.c 2014-11-14 16:22:56.346659457 +0100 -@@ -1306,7 +1306,7 @@ CURLcode Curl_socket(struct connectdata +--- lib/connect.c.orig 2014-12-28 14:36:05.000000000 +0100 ++++ lib/connect.c 2015-01-08 11:33:25.856588523 +0100 +@@ -1314,7 +1314,7 @@ CURLcode Curl_socket(struct connectdata (struct curl_sockaddr *)addr); else /* opensocket callback not set, so simply create the socket now */ @@ -136,9 +136,9 @@ Index: lib/connect.c /* no socket, no connection */ Index: configure.ac =================================================================== ---- configure.ac.orig 2014-11-14 16:22:55.239645713 +0100 -+++ configure.ac 2014-11-14 16:22:56.347659469 +0100 -@@ -181,6 +181,7 @@ AC_CANONICAL_HOST +--- configure.ac.orig 2014-12-28 14:36:05.000000000 +0100 ++++ configure.ac 2015-01-08 11:33:55.103922543 +0100 +@@ -182,6 +182,7 @@ AC_CANONICAL_HOST dnl Get system canonical name AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS]) @@ -146,7 +146,7 @@ Index: configure.ac dnl Checks for programs. dnl Our curl_off_t internal and external configure settings -@@ -193,6 +194,7 @@ dnl Our configure and build reentrant se +@@ -194,6 +195,7 @@ dnl Our configure and build reentrant se CURL_CONFIGURE_THREAD_SAFE CURL_CONFIGURE_REENTRANT