Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package curl for openSUSE:Factory checked in at 2022-09-01 22:09:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/curl (Old) and /work/SRC/openSUSE:Factory/.curl.new.2083 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl" Thu Sep 1 22:09:29 2022 rev:177 rq:1000435 version:7.85.0 Changes: -------- --- /work/SRC/openSUSE:Factory/curl/curl.changes 2022-07-31 23:00:09.927556028 +0200 +++ /work/SRC/openSUSE:Factory/.curl.new.2083/curl.changes 2022-09-01 22:10:22.672114003 +0200 @@ -1,0 +2,60 @@ +Wed Aug 31 07:34:20 UTC 2022 - Pedro Monreal <pmonr...@suse.com> + +- Update to 7.85.0: + * Security fixes: [bsc#1202593, CVE-2022-35252] + - control code in cookie denial of service + * Changes: + - quic: add support via wolfSSL + - schannel: Add TLS 1.3 support + - setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR + * Bugfixes: + - asyn-thread: fix socket leak on OOM + - asyn-thread: make getaddrinfo_complete return CURLcode + - base64: base64url encoding has no padding + - configure: fix broken m4 syntax in TLS options + - configure: if asked to use TLS, fail if no TLS lib was detected + - connect: add quic connection information + - connect: set socktype/protocol correctly + - cookie: reject cookies with "control bytes" + - cookie: treat a blank domain in Set-Cookie: as non-existing + - curl: output warning when a cookie is dropped due to size + - Curl_close: call Curl_resolver_cancel to avoid memory-leak + - digest: fix memory leak, fix not quoted 'opaque' + - digest: fix missing increment of 'nc' value for auth-int + - digest: pass over leading spaces in qop values + - digest: reject broken header with session protocol but without qop + - doh: use https protocol by default + - easy_lock.h: include sched.h if available to fix build + - easy_lock.h: use __asm__ instead of asm to fix build + - easy_lock: switch to using atomic_int instead of bool + - ftp: use a correct expire ID for timer expiry + - h2h3: fix overriding the 'TE: Trailers' header + - hostip: resolve *.localhost to 127.0.0.1/::1 + - HTTP3.md: update to msh3 v0.4.0 + - hyper: use wakers for curl pause/resume + - lib3026: reduce the number of threads to 100 + - libssh2: make atime/mtime date overflow return error + - libssh2: provide symlink name in SFTP dir listing + - multi: have curl_multi_remove_handle close CONNECT_ONLY transfer + - multi: use larger dns hash table for multi interface + - multi_wait: fix skipping to populate revents for extra_fds + - netrc: Use the password from lines without login + - ngtcp2: Fix build error due to change in nghttp3 prototypes + - ngtcp2: fix stall or busy loop on STOP_SENDING with upload data + - ngtcp2: implement cb_h3_stop_sending and cb_h3_reset_stream callbacks + - openssl: add 'CURL_BORINGSSL_VERSION' to identify BoringSSL + - openssl: add cert path in error message + - openssl: add details to "unable to set client certificate" error + - openssl: fix BoringSSL symbol conflicts with LDAP and Schannel + - select: do not return fatal error on EINTR from poll() + - sendf: fix paused header writes since after the header API + - sendf: skip storing HTTP headers if HTTP disabled + - url: really use the user provided in the url when netrc entry exists + - url: reject URLs with hostnames longer than 65535 bytes + - url: treat missing usernames in netrc as empty + - urldata: reduce size of several struct fields + - vtls: make Curl_ssl_backend() return the enum type curl_sslbackend + * Remove tests-for-32bit.patch fixed in the update + * Rebase libcurl-ocloexec.patch + +------------------------------------------------------------------- Old: ---- curl-7.84.0.tar.xz curl-7.84.0.tar.xz.asc tests-for-32bit.patch New: ---- curl-7.85.0.tar.xz curl-7.85.0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ curl.spec ++++++ --- /var/tmp/diff_new_pack.Tl12zV/_old 2022-09-01 22:10:23.940117471 +0200 +++ /var/tmp/diff_new_pack.Tl12zV/_new 2022-09-01 22:10:23.948117492 +0200 @@ -21,7 +21,7 @@ # need ssl always for python-pycurl %bcond_without openssl Name: curl -Version: 7.84.0 +Version: 7.85.0 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl @@ -35,7 +35,6 @@ Patch2: curl-secure-getenv.patch #PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled Patch3: curl-disabled-redirect-protocol-message.patch -Patch4: https://github.com/curl/curl/commit/0484127805dc2cb7c743b67e017a725b5369227d.patch#/tests-for-32bit.patch BuildRequires: libtool BuildRequires: pkgconfig Requires: libcurl4 = %{version} ++++++ curl-7.84.0.tar.xz -> curl-7.85.0.tar.xz ++++++ ++++ 43552 lines of diff (skipped) ++++++ libcurl-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.Tl12zV/_old 2022-09-01 22:10:25.176120851 +0200 +++ /var/tmp/diff_new_pack.Tl12zV/_new 2022-09-01 22:10:25.180120862 +0200 @@ -7,20 +7,20 @@ compile time is not enough. -Index: curl-7.82.0/lib/file.c +Index: curl-7.85.0/lib/file.c =================================================================== ---- curl-7.82.0.orig/lib/file.c -+++ curl-7.82.0/lib/file.c -@@ -194,7 +194,7 @@ static CURLcode file_connect(struct Curl - return CURLE_URL_MALFORMAT; +--- curl-7.85.0.orig/lib/file.c ++++ curl-7.85.0/lib/file.c +@@ -222,7 +222,7 @@ static CURLcode file_connect(struct Curl + } } - + #else - fd = open_readonly(real_path, O_RDONLY); + fd = open_readonly(real_path, O_RDONLY|O_CLOEXEC); file->path = real_path; + #endif #endif - file->freepath = real_path; /* free this when done */ -@@ -278,7 +278,7 @@ static CURLcode file_upload(struct Curl_ +@@ -307,7 +307,7 @@ static CURLcode file_upload(struct Curl_ else mode = MODE_DEFAULT|O_TRUNC; @@ -29,11 +29,11 @@ if(fd < 0) { failf(data, "Can't open %s for writing", file->path); return CURLE_WRITE_ERROR; -Index: curl-7.82.0/lib/if2ip.c +Index: curl-7.85.0/lib/if2ip.c =================================================================== ---- curl-7.82.0.orig/lib/if2ip.c -+++ curl-7.82.0/lib/if2ip.c -@@ -204,7 +204,7 @@ if2ip_result_t Curl_if2ip(int af, +--- curl-7.85.0.orig/lib/if2ip.c ++++ curl-7.85.0/lib/if2ip.c +@@ -206,7 +206,7 @@ if2ip_result_t Curl_if2ip(int af, if(len >= sizeof(req.ifr_name)) return IF2IP_NOT_FOUND; @@ -42,11 +42,11 @@ if(CURL_SOCKET_BAD == dummy) return IF2IP_NOT_FOUND; -Index: curl-7.82.0/lib/connect.c +Index: curl-7.85.0/lib/connect.c =================================================================== ---- curl-7.82.0.orig/lib/connect.c -+++ curl-7.82.0/lib/connect.c -@@ -1622,7 +1622,9 @@ CURLcode Curl_socket(struct Curl_easy *d +--- curl-7.85.0.orig/lib/connect.c ++++ curl-7.85.0/lib/connect.c +@@ -1651,7 +1651,9 @@ CURLcode Curl_socket(struct Curl_easy *d } else /* opensocket callback not set, so simply create the socket now */ @@ -57,11 +57,11 @@ if(*sockfd == CURL_SOCKET_BAD) /* no socket, no connection */ -Index: curl-7.82.0/configure.ac +Index: curl-7.85.0/configure.ac =================================================================== ---- curl-7.82.0.orig/configure.ac -+++ curl-7.82.0/configure.ac -@@ -320,6 +320,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m +--- curl-7.85.0.orig/configure.ac ++++ curl-7.85.0/configure.ac +@@ -335,6 +335,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m # Silence warning: ar: 'u' modifier ignored since 'D' is the default AC_SUBST(AR_FLAGS, [cr]) @@ -70,11 +70,11 @@ dnl This defines _ALL_SOURCE for AIX CURL_CHECK_AIX_ALL_SOURCE -Index: curl-7.82.0/lib/hostip.c +Index: curl-7.85.0/lib/hostip.c =================================================================== ---- curl-7.82.0.orig/lib/hostip.c -+++ curl-7.82.0/lib/hostip.c -@@ -49,7 +49,7 @@ +--- curl-7.85.0.orig/lib/hostip.c ++++ curl-7.85.0/lib/hostip.c +@@ -51,7 +51,7 @@ #ifdef HAVE_PROCESS_H #include <process.h> #endif @@ -83,7 +83,7 @@ #include "urldata.h" #include "sendf.h" #include "hostip.h" -@@ -549,7 +549,7 @@ bool Curl_ipv6works(struct Curl_easy *da +@@ -551,7 +551,7 @@ bool Curl_ipv6works(struct Curl_easy *da else { int ipv6_works = -1; /* probe to see if we have a working IPv6 stack */
