!4 update to 7.69.1

Merge pull request !4 from orange-snn/master
2020-05-12 10:52:57 +08:00 · 2020-05-12 10:52:57 +08:00 · 8da27392a6
commit 8da27392a6
parent 1c74858e38 078759bd9e
7 changed files with 59 additions and 188 deletions
--- a/0001-curl-7.66.0-metalink-memleak.patch
+++ b/0001-curl-7.66.0-metalink-memleak.patch
@ -1,71 +0,0 @@
 From 855ebacdffbc421b121563ae1ecd9fde736bfaf2 Mon Sep 17 00:00:00 2001
 From: Kamil Dudka <kdudka@redhat.com>
 Date: Wed, 11 Sep 2019 16:32:11 +0200
 Subject: [PATCH] curl: fix memory leaked by parse_metalink()
 This commit fixes a regression introduced by curl-7_65_3-5-gb88940850.
 Detected by tests 2005, 2008, 2009, 2010, 2011, and 2012 with valgrind
 and libmetalink enabled.
 Closes #4326
 Upstream-commit: 1ca91bcdb588dc6c25d345f2411fdba314433732
 Signed-off-by: Kamil Dudka <kdudka@redhat.com>
 ---
 src/tool_metalink.c | 2 +-
 src/tool_metalink.h | 3 +++
 src/tool_operate.c  | 4 ++++
 3 files changed, 8 insertions(+), 1 deletion(-)
 diff --git a/src/tool_metalink.c b/src/tool_metalink.c
 index 0740407f9..cd5a7d650 100644
 --- a/src/tool_metalink.c
 +++ b/src/tool_metalink.c
@@ -965,7 +965,7 @@ static void delete_metalink_resource(metalink_resource *res)
   Curl_safefree(res);
 }
 -static void delete_metalinkfile(metalinkfile *mlfile)
 +void delete_metalinkfile(metalinkfile *mlfile)
 {
   metalink_resource *res;
   if(mlfile == NULL) {
 diff --git a/src/tool_metalink.h b/src/tool_metalink.h
 index 1e367033c..f5ec306f7 100644
 --- a/src/tool_metalink.h
 +++ b/src/tool_metalink.h
@@ -105,6 +105,8 @@ extern const digest_params SHA256_DIGEST_PARAMS[1];
  * Counts the resource in the metalinkfile.
  */
 int count_next_metalink_resource(metalinkfile *mlfile);
 +
 +void delete_metalinkfile(metalinkfile *mlfile);
 void clean_metalink(struct OperationConfig *config);
 /*
@@ -158,6 +160,7 @@ void metalink_cleanup(void);
 #else /* USE_METALINK */
 #define count_next_metalink_resource(x)  0
 +#define delete_metalinkfile(x)  (void)x
 #define clean_metalink(x)  (void)x
 /* metalink_cleanup() takes no arguments */
 diff --git a/src/tool_operate.c b/src/tool_operate.c
 index d2ad9642d..09dfc0c84 100644
 --- a/src/tool_operate.c
 +++ b/src/tool_operate.c
@@ -2073,6 +2073,10 @@ static CURLcode serial_transfers(struct GlobalConfig *global,
     result = post_transfer(global, share, per, result, &retry);
     if(retry)
       continue;
 +
 +    /* Release metalink related resources here */
 +    delete_metalinkfile(per->mlfile);
 +
     per = del_transfer(per);
     /* Bail out upon critical errors or --fail-early */
 -- 
 2.20.1
--- a/0103-curl-7.59.0-python3.patch
+++ b/0103-curl-7.59.0-python3.patch
@ -9,8 +9,7 @@ there is no 'impacket' module available for Python 3:
 https://github.com/CoreSecurity/impacket/issues/61
 ---
 tests/negtelnetserver.py | 4 ++--
- tests/smbserver.py       | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
 2 files changed, 4 insertions(+), 4 deletions(-)
 diff --git a/tests/negtelnetserver.py b/tests/negtelnetserver.py
 index 8cfd409..72ee771 100755
@ -30,28 +29,7 @@ index 8cfd409..72ee771 100755
         except IOError:
             log.exception("IOError hit during request")
-diff --git a/tests/smbserver.py b/tests/smbserver.py
+
-index 195ae39..b09cd44 100755
+--
 --- a/tests/smbserver.py
 +++ b/tests/smbserver.py
@@ -24,7 +24,7 @@
 from __future__ import (absolute_import, division, print_function)
 # unicode_literals)
 import argparse
 -import ConfigParser
 +import configparser
 import os
 import sys
 import logging
@@ -58,7 +58,7 @@ def smbserver(options):
             f.write("{0}".format(pid))
     # Here we write a mini config for the server
 -    smb_config = ConfigParser.ConfigParser()
 +    smb_config = configparser.ConfigParser()
     smb_config.add_section("global")
     smb_config.set("global", "server_name", "SERVICE")
     smb_config.set("global", "server_os", "UNIX")
 -- 
 2.14.3
--- a/0105-curl-7.63.0-lib1560-valgrind.patch
+++ b/0105-curl-7.63.0-lib1560-valgrind.patch
@ -2,16 +2,16 @@ From f55cca0e86f59ec11ffafd5c0503c39ca3723e2e Mon Sep 17 00:00:00 2001
 From: Kamil Dudka <kdudka@redhat.com>
 Date: Mon, 4 Feb 2019 17:32:56 +0100
 Subject: [PATCH] libtest: compile lib1560.c with -fno-builtin-strcmp
-
+ 
 ... to prevent valgrind from reporting false positives on x86_64:
-
+ 
 Conditional jump or move depends on uninitialised value(s)
   at 0x10BCAA: part2id (lib1560.c:489)
   by 0x10BCAA: updateurl (lib1560.c:521)
   by 0x10BCAA: set_parts (lib1560.c:630)
   by 0x10BCAA: test (lib1560.c:802)
   by 0x4923412: (below main) (in /usr/lib64/libc-2.28.9000.so)
-
+ 
 Conditional jump or move depends on uninitialised value(s)
   at 0x10BCC3: part2id (lib1560.c:491)
   by 0x10BCC3: updateurl (lib1560.c:521)
@ -21,19 +21,18 @@ Conditional jump or move depends on uninitialised value(s)
 ---
 tests/libtest/Makefile.inc | 1 +
 1 file changed, 1 insertion(+)
-
+ 
 diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
 index 080421b..ea3b806 100644
 --- a/tests/libtest/Makefile.inc
 +++ b/tests/libtest/Makefile.inc
-@@ -531,6 +531,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+@@ -562,6 +562,7 @@ lib1559_SOURCES = lib1559.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
 lib1559_LDADD = $(TESTUTIL_LIBS)
 lib1560_SOURCES = lib1560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
 +lib1560_CFLAGS = $(AM_CFLAGS) -fno-builtin-strcmp
 lib1560_LDADD = $(TESTUTIL_LIBS)
- lib1591_SOURCES = lib1591.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+ lib1564_SOURCES = lib1564.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
 -- 
 2.17.2
--- a/0106-curl-fix-CVE-2019-15601.patch
+++ b/0106-curl-fix-CVE-2019-15601.patch
@ -1,45 +0,0 @@
 From 1b71bc532bde8621fd3260843f8197182a467ff2 Mon Sep 17 00:00:00 2001
 From: Daniel Stenberg <daniel@haxx.se>
 Date: Thu, 7 Nov 2019 10:13:01 +0100
 Subject: [PATCH] file: on Windows, refuse paths that start with \\
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 ... as that might cause an unexpected SMB connection to a given host
 name.
 Reported-by: Fernando Muñoz
 CVE-2019-15601
 Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
 ---
 lib/file.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
 diff --git a/lib/file.c b/lib/file.c
 index d349cd9..166931d 100644
 --- a/lib/file.c
 +++ b/lib/file.c
@@ -136,7 +136,7 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
   struct Curl_easy *data = conn->data;
   char *real_path;
   struct FILEPROTO *file = data->req.protop;
 -  int fd;
 +  int fd = -1;
 #ifdef DOS_FILESYSTEM
   size_t i;
   char *actual_path;
@@ -181,7 +181,9 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
       return CURLE_URL_MALFORMAT;
     }
 -  fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
 +  if(strncmp("\\\\", actual_path, 2))
 +    /* refuse to open path that starts with two backslashes */
 +    fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
   file->path = actual_path;
 #else
   if(memchr(real_path, 0, real_path_len)) {
 -- 
 1.8.3.1
--- a/curl-7.66.0.tar.xz
+++ b/curl-7.66.0.tar.xz
--- a/curl-7.69.1.tar.gz
+++ b/curl-7.69.1.tar.gz
--- a/curl.spec
+++ b/curl.spec
@ -5,20 +5,18 @@
 %global _configure ../configure
 Name:           curl
-Version:        7.66.0
+Version:        7.69.1
-Release:        2
+Release:        1
 Summary:        Curl is used in command lines or scripts to transfer data
 License:        MIT
 URL:            https://curl.haxx.se/
-Source:         https://curl.haxx.se/download/curl-%{version}.tar.xz
+Source:         https://curl.haxx.se/download/curl-%{version}.tar.gz
-Patch1:         0001-curl-7.66.0-metalink-memleak.patch
+Patch6000:      0101-curl-7.32.0-multilib.patch
-Patch101:       0101-curl-7.32.0-multilib.patch
+Patch6001:      0102-curl-7.36.0-debug.patch
-Patch102:       0102-curl-7.36.0-debug.patch
+Patch6002:      0103-curl-7.59.0-python3.patch
-Patch103:       0103-curl-7.59.0-python3.patch
+Patch6003:      0104-curl-7.19.7-localhost6.patch
-Patch104:       0104-curl-7.19.7-localhost6.patch
+Patch6004:      0105-curl-7.63.0-lib1560-valgrind.patch
 Patch105:       0105-curl-7.63.0-lib1560-valgrind.patch
 Patch106:       0106-curl-fix-CVE-2019-15601.patch
 BuildRequires:  automake brotli-devel coreutils gcc groff krb5-devel
 BuildRequires:  libidn2-devel libmetalink-devel libnghttp2-devel libpsl-devel
@ -33,34 +31,33 @@ BuildRequires:  perl(Time::Local) perl(Time::HiRes) perl(vars)
 BuildRequires:  valgrind
 %endif
-Requires:       libpsl >= %{libpsl_version} libssh >= %{libssh_version}
+Requires:	libcurl == %{version}-%{release}
-Requires:       openssl-libs >= 1:%{openssl_version}
+Provides:       curl-full = %{version}-%{release} webclient = %{version}-%{release}
-
+Obsoletes:	curl-full < %{version}-%{release} webclient < %{version}-%{release}
 Provides:       curl-full = %{version}-%{release} libcurl-full = %{version}-%{release}
 Provides:       webclient libcurl = %{version}-%{release}
 Obsoletes:      libcurl < %{version}-%{release}
 %description
 cURL is a computer software project providing a library (libcurl) and
 command-line tool (curl) for transferring data using various protocols.
-%package        devel
+%package	-n libcurl
-Summary:        Files needed for building applications with libcurl
+Summary:	A library for getting files from web servers
-Requires:       curl = %{version}-%{release}
+Requires:	libssh >= %{libssh_version} libpsl >= %{libpsl_version}
-Provides:       curl-devel = %{version}-%{release}
+Requires:       openssl-libs >= 1:%{openssl_version}
-Provides:       libcurl-devel = %{version}-%{release}
+Provides:	libcurl-full = %{version}-%{release} 
 Obsoletes:      curl-devel < %{version}-%{release}
 Obsoletes:      libcurl-devel < %{version}-%{release}
-%description    devel
+%description -n libcurl
-The curl-devel package includes header files and libraries necessary for developing programs.
+A library for getting files from web servers.
-%package        help
+%package -n 	libcurl-devel
-Summary:        Documents for autogen
+Summary:	Header files for libcurl
-Buildarch:      noarch
+Requires:	libcurl = %{version}-%{release}
 Provides:	curl-devel = %{version}-%{release}
 Obsoletes:	curl-devel < %{version}-%{release}
 %description -n libcurl-devel
 Header files for libcurl.
-%description    help
+%package_help
 Man pages and other related documents.
 %prep
 %autosetup -n %{name}-%{version} -p1
@ -79,15 +76,10 @@ sed -e 's/^35$/35,52/' -i tests/data/test323
 %build
 install -d build-full
-export common_configure_opts=" \
+export common_configure_opts="--cache-file=../config.cache \
-    --cache-file=../config.cache \
+    --enable-symbol-hiding  --enable-ipv6  --enable-threaded-resolver \
-    --disable-static \
+    --with-gssapi  --with-nghttp2  --with-ssl \
-    --enable-symbol-hiding \
+    --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
    --enable-ipv6 \
    --enable-threaded-resolver \
    --with-gssapi \
    --with-nghttp2 \
    --with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
 # configure full build
 (
@ -126,19 +118,25 @@ LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH" %make_install -C sc
 # by fish-3.0.2-1.module_f31+3716+57207597 and would trigger a conflict
 rm -rf ${RPM_BUILD_ROOT}%{_datadir}/fish
 rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.a
 rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %ldconfig_scriptlets
 %ldconfig_scriptlets -n libcurl
 %files
 %defattr(-,root,root)
 %license COPYING
 %{_bindir}/curl
 %{_datadir}/zsh
 %files -n libcurl
 %defattr(-,root,root)
 %{_libdir}/libcurl.so.4
 %{_libdir}/libcurl.so.4.[0-9].[0-9]
-%files devel
+%files -n libcurl-devel
 %defattr(-,root,root)
 %doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md
 %doc docs/CONTRIBUTE.md docs/libcurl/ABI
@ -158,6 +156,18 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_mandir}/man3/*
 %changelog
 * Fri Apr 17 2020 songnannan <songnannan2@huawei.com> - 7.69.1-1
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:update to 7.69.1
 * Tue Apr 14 2020 songnannan <songnannan2@huawei.com> - 7.66.0-3
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:split out the libcurl and libcurl-devel package
 * Tue Mar 17 2020 chenzhen <chenzhen44@huawei.com> - 7.66.0-2
 - Type:cves
 - ID:CVE-2019-15601