From e97fe007717e51dcf9355fdaa5cd90a4f9559136f7a5697876ac9dd1b20bebdf Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 19 Nov 2021 08:25:50 +0000 Subject: [PATCH] Accepting request 931828 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 7.80.0: * Changes: - CURLOPT_MAXLIFETIME_CONN: maximum allowed lifetime for conn reuse - CURLOPT_PREREQFUNCTION: add new callback - libssh2: add SHA256 fingerprint support - urlapi: add curl_url_strerror() * Bugfixes: - aws-sigv4: make signature work when post data is binary - c-hyper: don't abort CONNECT responses early when auth-in-progress - c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work - cmake: add CURL_ENABLE_SSL option - cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED - configure.ac: replace krb5-config with pkg-config - configure: when hyper is selected, deselect nghttp2 - curl-confopts.m4: remove --enable/disable-hidden-symbols - curl-openssl.m4: modify library order for openssl linking - curl_ntlm_core: use OpenSSL only if DES is available - Curl_updateconninfo: store addresses for QUIC connections too - ftp: make the MKD retry to retry once per directory - http: fix Basic auth with empty name field in URL - http: reject HTTP response codes < 100 - http: remove assert that breaks hyper - http: set content length earlier - imap: display quota information - libssh2: Get the version at runtime if possible - md5: fix compilation with OpenSSL 3.0 API - ngtcp2: advertise h3 as well as h3-29 - ngtcp2: compile with the latest nghttp3 - ngtcp2: use latest QUIC TLS RFC9001 - NTLM: use DES_set_key_unchecked with OpenSSL OBS-URL: https://build.opensuse.org/request/show/931828 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=304 --- curl-7.79.1.tar.xz | 3 --- curl-7.79.1.tar.xz.asc | 11 ---------- curl-7.80.0.tar.xz | 3 +++ curl-7.80.0.tar.xz.asc | 11 ++++++++++ curl.changes | 48 ++++++++++++++++++++++++++++++++++++++++++ curl.spec | 8 +++---- 6 files changed, 66 insertions(+), 18 deletions(-) delete mode 100644 curl-7.79.1.tar.xz delete mode 100644 curl-7.79.1.tar.xz.asc create mode 100644 curl-7.80.0.tar.xz create mode 100644 curl-7.80.0.tar.xz.asc diff --git a/curl-7.79.1.tar.xz b/curl-7.79.1.tar.xz deleted file mode 100644 index 48318b8..0000000 --- a/curl-7.79.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689 -size 2465212 diff --git a/curl-7.79.1.tar.xz.asc b/curl-7.79.1.tar.xz.asc deleted file mode 100644 index b7477d3..0000000 --- a/curl-7.79.1.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmFKyZYACgkQXMkI/bce -EsKyewgAivvAdC3J5DBsXlR7NMWpdbVVbT87m8ONxaIflFjwrIPdaazgiX/dsiS9 -zNaPQe5k5JH0DoQipiebrg4Zi248TTqH8GXi1sAlsqBFjWroYoeKxeCkSLOsFDVj -ahZp2UM6FZTTUAQElw92+xlHJ1eD5L5CzIc+VLeVi4PAysrB1L4tPDmOFEfS1iZl -wLzxKHuNnuDMWaizfxt9F2yc/ct++sNNuBZ8FHv4nJRIEANY/nCpttQFGgjS8V8l -b22q5yIQez7zsCc9o7phS+CWLYEEgrcM+Qw7bmj1ANPgNlQ/dP5FKIwreZB1s5uV -FBq4pS30d/CfaaE0vZ27D1G6ZoLvyA== -=oayQ ------END PGP SIGNATURE----- diff --git a/curl-7.80.0.tar.xz b/curl-7.80.0.tar.xz new file mode 100644 index 0000000..7e5b92f --- /dev/null +++ b/curl-7.80.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a132bd93188b938771135ac7c1f3ac1d3ce507c1fcbef8c471397639214ae2ab +size 2474492 diff --git a/curl-7.80.0.tar.xz.asc b/curl-7.80.0.tar.xz.asc new file mode 100644 index 0000000..e929704 --- /dev/null +++ b/curl-7.80.0.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmGLaNoACgkQXMkI/bce +EsKjDQgAgGlHB1nwcbahhkHWVnEqBrDrMFnKvGe8uCtJHnpRxrYfWceck3j8gZBV +V4xKrz3g/nTVu9p7QjEta/ZHP9TW1TJKePH6mqe31GtXGqUURTVz3XKusvyVwLYy +qqf2vA+3QKCTFM/xbP33W5eFUYA9KvdWGeRe34WoL5i2IpsElacehzg69eIfU5uK +yreJcAHHYgLWPwE2ipMBDiBZa1sz5wTAC3RXzfGHjcCvYHlrqC7CVAyWXy3xL/j2 +d8MUkqL3lKGlVRaNPYWAq6shw1hNw+i86DHcxiKeZKgF0vRk3NqhFH6dRFUS6N4w +f3GZ72waLPhwfIL/d08WAD1jZZQang== +=uLqC +-----END PGP SIGNATURE----- diff --git a/curl.changes b/curl.changes index b195f88..ab32bcf 100644 --- a/curl.changes +++ b/curl.changes @@ -1,3 +1,51 @@ +------------------------------------------------------------------- +Tue Nov 16 16:16:49 UTC 2021 - Pedro Monreal + +- Update to 7.80.0: + * Changes: + - CURLOPT_MAXLIFETIME_CONN: maximum allowed lifetime for conn reuse + - CURLOPT_PREREQFUNCTION: add new callback + - libssh2: add SHA256 fingerprint support + - urlapi: add curl_url_strerror() + * Bugfixes: + - aws-sigv4: make signature work when post data is binary + - c-hyper: don't abort CONNECT responses early when auth-in-progress + - c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work + - cmake: add CURL_ENABLE_SSL option + - cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED + - configure.ac: replace krb5-config with pkg-config + - configure: when hyper is selected, deselect nghttp2 + - curl-confopts.m4: remove --enable/disable-hidden-symbols + - curl-openssl.m4: modify library order for openssl linking + - curl_ntlm_core: use OpenSSL only if DES is available + - Curl_updateconninfo: store addresses for QUIC connections too + - ftp: make the MKD retry to retry once per directory + - http: fix Basic auth with empty name field in URL + - http: reject HTTP response codes < 100 + - http: remove assert that breaks hyper + - http: set content length earlier + - imap: display quota information + - libssh2: Get the version at runtime if possible + - md5: fix compilation with OpenSSL 3.0 API + - ngtcp2: advertise h3 as well as h3-29 + - ngtcp2: compile with the latest nghttp3 + - ngtcp2: use latest QUIC TLS RFC9001 + - NTLM: use DES_set_key_unchecked with OpenSSL + - openssl: if verifypeer is not requested, skip the CA loading + - openssl: with OpenSSL 1.1.0+ a failed RAND_status means goaway + - schannel: fix memory leak due to failed SSL connection + - sendf: accept zero-length data in Curl_client_write() + - sha256: use high-level EVP interface for OpenSSL + - sws: fix memory leak on exit + - tool_operate: a failed etag save now only fails that transfer + - url: check the return value of curl_url() + - url: set "k->size" -1 at start of request + - urlapi: skip a strlen(), pass in zero + - urlapi: URL decode percent-encoded host names + - vtls: Fix a memory leak if an SSL session cannot be added to the cache + - wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity +* Use --with-openssl configure option, --with-ssl is now deprecated + ------------------------------------------------------------------- Wed Sep 22 11:17:15 UTC 2021 - Pedro Monreal diff --git a/curl.spec b/curl.spec index 6ef6700..9fefc24 100644 --- a/curl.spec +++ b/curl.spec @@ -21,7 +21,7 @@ # need ssl always for python-pycurl %bcond_without openssl Name: curl -Version: 7.79.1 +Version: 7.80.0 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl @@ -44,7 +44,7 @@ BuildRequires: openldap2-devel BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libbrotlidec) BuildRequires: pkgconfig(libidn2) -# Disable metalink [bsc#1188218, CVE-2021-22923][bsc#1188219, CVE-2021-22924] +# Disable metalink [bsc#1188218, CVE-2021-22923][bsc#1188217, CVE-2021-22922] # BuildRequires: pkgconfig(libmetalink) BuildRequires: pkgconfig(libnghttp2) BuildRequires: pkgconfig(libpsl) @@ -112,12 +112,12 @@ sed -i 's/\(link_all_deplibs=\)unknown/\1no/' configure %configure \ --enable-ipv6 \ %if %{with openssl} - --with-ssl \ + --with-openssl \ --with-ca-fallback \ --without-ca-path \ --without-ca-bundle \ %else - --without-ssl \ + --without-openssl \ %if %{with mozilla_nss} --with-nss \ %endif