Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package curl for openSUSE:Factory checked in at 2025-05-30 14:21:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/curl (Old) and /work/SRC/openSUSE:Factory/.curl.new.25440 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl" Fri May 30 14:21:32 2025 rev:211 rq:1280834 version:8.14.0 Changes: --------
--- /work/SRC/openSUSE:Factory/curl/curl.changes 2025-04-20 19:51:07.670774625 +0200
+++ /work/SRC/openSUSE:Factory/.curl.new.25440/curl.changes 2025-05-30 17:20:21.378839924 +0200
@@ -1,0 +2,56 @@
+Wed May 28 09:36:23 UTC 2025 - Pedro Monreal <pmonr...@suse.com>
+
+- Update to 8.14.0:
+ * Security fixes:
+ - [CVE-2025-4947, bsc#1243397] QUIC certificate check skip with wolfSSL
+ - [CVE-2025-5025, bsc#1243706] No QUIC certificate pinning with wolfSSL
+ * Changes:
+ - mqtt: send ping at upkeep interval
+ - schannel: handle pkcs12 client certificates containing CA certificates
+ - TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs
+ - vquic: ngtcp2 + openssl support
+ - wcurl: import v2025.04.20 script + docs
+ - websocket: add option to disable auto-pong reply
+ * Bugfixes:
+ - asny-thrdd: fix detach from running thread
+ - async-threaded resolver: use ref counter
+ - async: DoH improvements
+ - build: enable gcc-12/13+, clang-10+ picky warnings
+ - build: enable gcc-15 picky warnings
+ - certs: drop unused `default_bits` from `.prm` files
+ - cf-https-connect: use the passed in dns struct pointer
+ - cf-socket: fix FTP accept connect
+ - cfilters: remove assert
+ - cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON`
+ - cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options
+ - cmake: revert `CURL_LTO` behavior for multi-config generators
+ - configure: fix --disable-rt
+ - CONTRIBUTE: add project guidelines for AI use
+ - cpool/cshutdown: force close connections under pressure
+ - curl: fix memory leak when -h is used in config file
+ - curl_get_line: handle lines ending on the buffer boundary
+ - headers: enforce a max number of response header to accept
+ - http: fix HTTP/2 handling of TE request header using "trailers"
+ - lib: include files using known path
+ - lib: unify conversions to/from hex
+ - libssh: add NULL check for Curl_meta_get()
+ - libssh: fix memory leak
+ - mqtt: use conn/easy meta hash
+ - multi: do transfer book keeping using mid
+ - multi: init_do(): check result
+ - netrc: avoid NULL deref on weird input
+ - netrc: avoid strdup NULL
+ - netrc: deal with null token better
+ - openssl-quic: avoid potential `-Wnull-dereference`, add assert
+ - openssl-quic: fix shutdown when stream not open
+ - openssl: enable builds for *both* engines and providers
+ - openssl: set the cipher string before doing private cert
+ - progress: avoid integer overflow when gathering total transfer size
+ - rand: update comment on Curl_rand_bytes weak random
+ - rustls: make max size of cert and key reasonable
+ - smb: avoid integer overflow on weird input date
+ - urlapi: redirecting to "" is considered fine
+ * Remove curl-8.13.0-CloseSocket.patch upstream
+ * Rebase libcurl-ocloexec.patch
+
+-------------------------------------------------------------------
Old: ---- curl-8.13.0-CloseSocket.patch curl-8.13.0.tar.xz curl-8.13.0.tar.xz.asc New: ---- curl-8.14.0.tar.xz curl-8.14.0.tar.xz.asc BETA DEBUG BEGIN: Old: - urlapi: redirecting to "" is considered fine * Remove curl-8.13.0-CloseSocket.patch upstream * Rebase libcurl-ocloexec.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ curl.spec ++++++
--- /var/tmp/diff_new_pack.FypfiO/_old 2025-05-30 17:20:23.930947755 +0200
+++ /var/tmp/diff_new_pack.FypfiO/_new 2025-05-30 17:20:23.942948262 +0200
@@ -30,7 +30,7 @@ %endif Name: curl%{?psuffix} -Version: 8.13.0 +Version: 8.14.0 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl
@@ -44,8 +44,6 @@ Patch2: curl-secure-getenv.patch # PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled Patch3: curl-disabled-redirect-protocol-message.patch -# PATCH-FIX-UPSTREAM curl-8.13.0-CloseSocket.patch fix Leap build -Patch4: curl-8.13.0-CloseSocket.patch BuildRequires: groff BuildRequires: libtool BuildRequires: pkgconfig
@@ -226,6 +224,9 @@ %files -n libcurl%{?psuffix}4 %license COPYING %{_libdir}/libcurl.so.4* +%if %{with mini} +%exclude %{_bindir}/wcurl +%endif %if !%{with mini} %files
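Review bot: The `%exclude %{_bindir}/wcurl` added under `%if %{with mini}` in the libcurl file list covers only the script, while the following hunk (at -234) packages both `%{_bindir}/wcurl` and `%{_mandir}/man1/wcurl.1%{?ext_man}` for the full flavor. If the mini build's install step also places the man page in the buildroot (the `%install` section is not visible here), that file would be left unpackaged; a matching `%exclude %{_mandir}/man1/wcurl.1%{?ext_man}` would cover it. Excluding a tool from a library subpackage's `%files` is also easy to misread, so a one-line comment such as `# wcurl ships only with the full curl package` above the `%if` would document the intent. The `%files` sections continue outside these hunks.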
@@ -234,6 +235,8 @@ %doc docs/{BUGS.md,FAQ,FEATURES.md,TODO,TheArtOfHttpScripting.md} %{_bindir}/curl %{_mandir}/man1/curl.1%{?ext_man} +%{_bindir}/wcurl +%{_mandir}/man1/wcurl.1%{?ext_man} %files zsh-completion %license COPYING ++++++ curl-8.13.0.tar.xz -> curl-8.14.0.tar.xz ++++++ ++++ 131249 lines of diff (skipped) ++++++ libcurl-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.FypfiO/_old 2025-05-30 17:20:26.195043419 +0200 +++ /var/tmp/diff_new_pack.FypfiO/_new 2025-05-30 17:20:26.195043419 +0200 @@ -7,11 +7,11 @@ compile time is not enough. -Index: curl-8.13.0/lib/file.c +Index: curl-8.14.0/lib/file.c =================================================================== ---- curl-8.13.0.orig/lib/file.c -+++ curl-8.13.0/lib/file.c -@@ -236,7 +236,7 @@ static CURLcode file_connect(struct Curl +--- curl-8.14.0.orig/lib/file.c ++++ curl-8.14.0/lib/file.c +@@ -270,7 +270,7 @@ static CURLcode file_connect(struct Curl } } #else @@ -20,7 +20,7 @@ file->path = real_path; #endif #endif -@@ -320,9 +320,9 @@ static CURLcode file_upload(struct Curl_ +@@ -349,9 +349,9 @@ static CURLcode file_upload(struct Curl_ #if (defined(ANDROID) || defined(__ANDROID__)) && \ (defined(__i386__) || defined(__arm__)) @@ -32,10 +32,10 @@ #endif if(fd < 0) { failf(data, "cannot open %s for writing", file->path); -Index: curl-8.13.0/lib/if2ip.c +Index: curl-8.14.0/lib/if2ip.c =================================================================== ---- curl-8.13.0.orig/lib/if2ip.c -+++ curl-8.13.0/lib/if2ip.c +--- curl-8.14.0.orig/lib/if2ip.c ++++ curl-8.14.0/lib/if2ip.c @@ -209,7 +209,7 @@ if2ip_result_t Curl_if2ip(int af, if(len >= sizeof(req.ifr_name)) return IF2IP_NOT_FOUND; 
@@ -45,11 +45,11 @@ if(CURL_SOCKET_BAD == dummy) return IF2IP_NOT_FOUND; -Index: curl-8.13.0/configure.ac +Index: curl-8.14.0/configure.ac =================================================================== ---- curl-8.13.0.orig/configure.ac -+++ curl-8.13.0/configure.ac -@@ -427,6 +427,8 @@ AC_DEFINE_UNQUOTED(CURL_OS, "${host}", [ +--- curl-8.14.0.orig/configure.ac ++++ curl-8.14.0/configure.ac +@@ -440,6 +440,8 @@ AC_DEFINE_UNQUOTED(CURL_OS, "${host}", [ # Silence warning: ar: 'u' modifier ignored since 'D' is the default AC_SUBST(AR_FLAGS, [cr]) @@ -58,10 +58,10 @@ dnl This defines _ALL_SOURCE for AIX CURL_CHECK_AIX_ALL_SOURCE -Index: curl-8.13.0/lib/hostip.c +Index: curl-8.14.0/lib/hostip.c =================================================================== ---- curl-8.13.0.orig/lib/hostip.c -+++ curl-8.13.0/lib/hostip.c +--- curl-8.14.0.orig/lib/hostip.c ++++ curl-8.14.0/lib/hostip.c @@ -46,6 +46,7 @@ #include <signal.h> #endif @@ -69,8 +69,8 @@ +#include <fcntl.h> #include "urldata.h" #include "sendf.h" - #include "hostip.h" -@@ -628,7 +629,7 @@ bool Curl_ipv6works(struct Curl_easy *da + #include "connect.h" +@@ -691,7 +692,7 @@ bool Curl_ipv6works(struct Curl_easy *da else { int ipv6_works = -1; /* probe to see if we have a working IPv6 stack */ @@ -79,10 +79,10 @@ if(s == CURL_SOCKET_BAD) /* an IPv6 address was requested but we cannot get/use one */ ipv6_works = 0; -Index: curl-8.13.0/lib/cf-socket.c +Index: curl-8.14.0/lib/cf-socket.c =================================================================== ---- curl-8.13.0.orig/lib/cf-socket.c -+++ curl-8.13.0/lib/cf-socket.c +--- curl-8.14.0.orig/lib/cf-socket.c ++++ curl-8.14.0/lib/cf-socket.c @@ -369,7 +369,9 @@ static CURLcode socket_open(struct Curl_ } else {