Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package curl for openSUSE:Factory checked in
at 2024-08-13 13:22:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/curl (Old)
and /work/SRC/openSUSE:Factory/.curl.new.7232 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl"
Tue Aug 13 13:22:08 2024 rev:201 rq:1193338 version:8.9.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/curl/curl.changes 2024-07-30
11:53:12.322477102 +0200
+++ /work/SRC/openSUSE:Factory/.curl.new.7232/curl.changes 2024-08-13
13:22:17.399861424 +0200
@@ -1,0 +2,28 @@
+Mon Aug 12 08:41:26 UTC 2024 - Pedro Monreal <pmonr...@suse.com>
+
+- Fix regression introduced in version 8.9.1:
+ * sigpipe: init the struct so that first apply ignores
+ * Add curl-sigpipe.patch
+
+-------------------------------------------------------------------
+Wed Jul 31 08:20:44 UTC 2024 - Pedro Monreal <pmonr...@suse.com>
+
+- Update to 8.9.1:
+ * Security fixes:
+ - curl: ASN.1 date parser overread [bsc#1228535, CVE-2024-7264]
+ * Bugfixes:
+ - cmake: detect 'libssh' via 'pkg-config'
+ - cmake: detect 'nettle' when building with GnuTLS
+ - connect: fix connection shutdown for event based processing
+ - curl: more defensive socket code for --ip-tos
+ - CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
+ - CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
+ - ftpserver.pl: make POP3 LIST serve content from the test file
+ - lib: survive some NULL input args
+ - os400: build cli manual.
+ - os400: workaround an IBM ASCII run-time library bug
+ - transfer: speed limiting fix for 32bit systems
+ - vtls: avoid forward declaration in MultiSSL builds
+ - x509asn1: unittests and fixes for gtime2str
+
+-------------------------------------------------------------------
Old:
----
curl-8.9.0.tar.xz
curl-8.9.0.tar.xz.asc
New:
----
curl-8.9.1.tar.xz
curl-8.9.1.tar.xz.asc
curl-sigpipe.patch
BETA DEBUG BEGIN:
New: * sigpipe: init the struct so that first apply ignores
* Add curl-sigpipe.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ curl.spec ++++++
--- /var/tmp/diff_new_pack.vJwwLR/_old 2024-08-13 13:22:18.067889257 +0200
+++ /var/tmp/diff_new_pack.vJwwLR/_new 2024-08-13 13:22:18.067889257 +0200
@@ -29,7 +29,7 @@
%endif
Name: curl%{?psuffix}
-Version: 8.9.0
+Version: 8.9.1
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
@@ -43,6 +43,8 @@
Patch2: curl-secure-getenv.patch
#PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch3: curl-disabled-redirect-protocol-message.patch
+#PATCH-FIX-UPSTREAM sigpipe: init the struct so that first apply ignores
+Patch4: curl-sigpipe.patch
BuildRequires: groff
BuildRequires: libtool
BuildRequires: pkgconfig
++++++ curl-8.9.0.tar.xz -> curl-8.9.1.tar.xz ++++++
++++ 16136 lines of diff (skipped)
++++++ curl-sigpipe.patch ++++++
>From 3eec5afbd0b6377eca893c392569b2faf094d970 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <dan...@haxx.se>
Date: Mon, 5 Aug 2024 00:17:17 +0200
Subject: [PATCH] sigpipe: init the struct so that first apply ignores
Initializes 'no_signal' to TRUE, so that a call to sigpipe_apply() after
init ignores the signal (unless CURLOPT_NOSIGNAL) is set.
I have read the existing code multiple times now and I think it gets the
initial state reversed this missing to ignore.
Regression from 17e6f06ea37136c36d27
Reported-by: Rasmus Thomsen
Fixes #14344
Closes #14390
---
lib/sigpipe.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/sigpipe.h b/lib/sigpipe.h
index b91a2f51333956..d78afd905d3414 100644
--- a/lib/sigpipe.h
+++ b/lib/sigpipe.h
@@ -39,6 +39,7 @@ struct sigpipe_ignore {
static void sigpipe_init(struct sigpipe_ignore *ig)
{
memset(ig, 0, sizeof(*ig));
+ ig->no_signal = TRUE;
}
/*
