Hello community,

here is the log from the commit of package curl for openSUSE:Factory checked in 
at 2014-02-07 13:48:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/curl (Old)
 and      /work/SRC/openSUSE:Factory/.curl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "curl"

Changes:
--------
--- /work/SRC/openSUSE:Factory/curl/curl.changes        2013-11-30 
07:25:02.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.curl.new/curl.changes   2014-02-07 
13:49:00.000000000 +0100
@@ -1,0 +2,27 @@
+Tue Feb  4 15:17:18 UTC 2014 - [email protected]
+
+- update to 7.35.0
+  * security fix:
+    CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)
+  * changes:
+    imap/pop3/smtp: Added support for SASL authentication downgrades
+    imap/pop3/smtp: Extended the login options to support multiple auth 
mechanisms
+    TheArtOfHttpScripting: major update, converted layout and more
+    mprintf: Added support for I, I32 and I64 size specifiers
+    makefile: Added support for VC7, VC11 and VC12
+    SSL: protocol version can be specified more precisely
+    imap/pop3/smtp: Added graceful cancellation of SASL authentication
+    Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
+    base64: Added validation of base64 input strings when decoding
+    curl_easy_setopt: Added the ability to set the login options separately
+    smtp: Added support for additional SMTP commands
+    curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
+    nss: allow to use TLS > 1.0 if built against recent NSS
+    SECURITY: added this document to describe our security processes
+    parseconfig: warn if unquoted white spaces are detected
+ * and many bugfixes
+- fix test failure because of an expired cookie (bnc#862144)
+  * added curl-test172_cookie_expiration.patch
+- refresh libcurl-ocloexec.patch
+
+-------------------------------------------------------------------

Old:
----
  curl-7.33.0.tar.lzma
  curl-7.33.0.tar.lzma.asc

New:
----
  curl-7.35.0.tar.lzma
  curl-7.35.0.tar.lzma.asc
  curl-test172_cookie_expiration.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ curl.spec ++++++
--- /var/tmp/diff_new_pack.2D3x4y/_old  2014-02-07 13:49:01.000000000 +0100
+++ /var/tmp/diff_new_pack.2D3x4y/_new  2014-02-07 13:49:01.000000000 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package curl
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
 %bcond_without testsuite
 
 Name:           curl
-Version:        7.33.0
+Version:        7.35.0
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        BSD-3-Clause and MIT
@@ -34,6 +34,7 @@
 Patch:          libcurl-ocloexec.patch
 Patch1:         dont-mess-with-rpmoptflags.diff
 Patch3:         curl-secure-getenv.patch
+Patch4:         curl-test172_cookie_expiration.patch
 # Use rpmbuild -D 'VERIFY_SIG 1' to verify signature during build or run 
one-shot check by "gpg-offline --verify --package=curl curl-*.asc".
 %if 0%{?VERIFY_SIG}
 BuildRequires:  gpg-offline
@@ -100,6 +101,7 @@
 %patch
 %patch1
 %patch3
+%patch4 -p1
 %build
 # curl complains if macro definition is contained in CFLAGS
 # see m4/xc-val-flgs.m4

++++++ curl-test172_cookie_expiration.patch ++++++
Index: curl-7.19.7/tests/data/test172
===================================================================
--- curl-7.19.7.orig/tests/data/test172 2008-11-19 22:12:35.000000000 +0100
+++ curl-7.19.7/tests/data/test172      2014-02-04 15:05:46.817554144 +0100
@@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/172 -b
 
 .%HOSTIP       TRUE    /silly/ FALSE   0       ismatch this
 .%HOSTIP       TRUE    /       FALSE   0       partmatch       present
-%HOSTIP        FALSE   /we/want/       FALSE   1391252187      nodomain        
value
+%HOSTIP        FALSE   /we/want/       FALSE   2139150993      nodomain        
value
 </file>
 </client>
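Review bot: The replacement expiry `2139150993` on the `nodomain` cookie line is still a fixed absolute timestamp, so test 172 will fail the same way once that date passes (roughly October 2037). The value does stay below the signed 32-bit limit of 2147483647, which presumably keeps it parseable on builds with a 32-bit time_t. curl-test172_cookie_expiration.patch also has no description header. I would add one along the lines of `bnc#862144: test172 cookie had a hard-coded expiry that has passed; push it out until the test data is fixed upstream`, so the next refresh can tell whether the patch is still needed. The header paths still name `curl-7.19.7`, which only works because the spec applies it with `-p1`.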
 
++++++ libcurl-ocloexec.patch ++++++
--- /var/tmp/diff_new_pack.2D3x4y/_old  2014-02-07 13:49:01.000000000 +0100
+++ /var/tmp/diff_new_pack.2D3x4y/_new  2014-02-07 13:49:01.000000000 +0100
@@ -7,9 +7,11 @@
 compile time is not enough.
 
 
---- lib/cookie.c.orig
-+++ lib/cookie.c
-@@ -841,7 +841,7 @@ struct CookieInfo *Curl_cookie_init(stru
+Index: lib/cookie.c
+===================================================================
+--- lib/cookie.c.orig  2014-02-04 16:25:31.256657224 +0100
++++ lib/cookie.c       2014-02-04 16:25:32.638671791 +0100
+@@ -882,7 +882,7 @@ struct CookieInfo *Curl_cookie_init(stru
      fp = NULL;
    }
    else
@@ -18,7 +20,7 @@
  
    c->newsession = newsession; /* new session? */
  
-@@ -1179,7 +1179,7 @@ static int cookie_output(struct CookieIn
+@@ -1226,7 +1226,7 @@ static int cookie_output(struct CookieIn
      use_stdout=TRUE;
    }
    else {
@@ -27,9 +29,11 @@
      if(!out)
        return 1; /* failure */
    }
---- lib/file.c.orig
-+++ lib/file.c
-@@ -243,7 +243,7 @@ static CURLcode file_connect(struct conn
+Index: lib/file.c
+===================================================================
+--- lib/file.c.orig    2014-02-04 16:25:31.257657234 +0100
++++ lib/file.c 2014-02-04 16:25:32.638671791 +0100
+@@ -232,7 +232,7 @@ static CURLcode file_connect(struct conn
    fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
    file->path = actual_path;
  #else
@@ -38,7 +42,7 @@
    file->path = real_path;
  #endif
    file->freepath = real_path; /* free this when done */
-@@ -341,7 +341,7 @@ static CURLcode file_upload(struct conne
+@@ -330,7 +330,7 @@ static CURLcode file_upload(struct conne
    else
      mode = MODE_DEFAULT|O_TRUNC;
  
@@ -47,8 +51,10 @@
    if(fd < 0) {
      failf(data, "Can't open %s for writing", file->path);
      return CURLE_WRITE_ERROR;
---- lib/formdata.c.orig
-+++ lib/formdata.c
+Index: lib/formdata.c
+===================================================================
+--- lib/formdata.c.orig        2014-02-04 16:25:31.257657234 +0100
++++ lib/formdata.c     2014-02-04 16:25:32.639671801 +0100
 @@ -1297,7 +1297,7 @@ CURLcode Curl_getformdata(struct Session
          FILE *fileread;
  
@@ -67,8 +73,10 @@
        if(!form->fp)
          return (size_t)-1; /* failure */
      }
---- lib/hostip6.c.orig
-+++ lib/hostip6.c
+Index: lib/hostip6.c
+===================================================================
+--- lib/hostip6.c.orig 2014-02-04 16:25:31.277657445 +0100
++++ lib/hostip6.c      2014-02-04 16:25:32.639671801 +0100
 @@ -39,7 +39,7 @@
  #ifdef HAVE_PROCESS_H
  #include <process.h>
@@ -87,8 +95,10 @@
      if(s == CURL_SOCKET_BAD)
        /* an ipv6 address was requested but we can't get/use one */
        ipv6_works = 0;
---- lib/if2ip.c.orig
-+++ lib/if2ip.c
+Index: lib/if2ip.c
+===================================================================
+--- lib/if2ip.c.orig   2014-02-04 16:25:31.277657445 +0100
++++ lib/if2ip.c        2014-02-04 16:25:32.639671801 +0100
 @@ -171,7 +171,7 @@ if2ip_result_t Curl_if2ip(int af, unsign
    if(len >= sizeof(req.ifr_name))
      return IF2IP_NOT_FOUND;
@@ -98,40 +108,24 @@
    if(CURL_SOCKET_BAD == dummy)
      return IF2IP_NOT_FOUND;
  
---- lib/netrc.c.orig
-+++ lib/netrc.c
-@@ -97,7 +97,7 @@ int Curl_parsenetrc(const char *host,
+Index: lib/netrc.c
+===================================================================
+--- lib/netrc.c.orig   2014-02-04 16:25:32.639671801 +0100
++++ lib/netrc.c        2014-02-04 16:26:01.737978525 +0100
+@@ -99,7 +99,7 @@ int Curl_parsenetrc(const char *host,
      netrc_alloc = TRUE;
    }
  
 -  file = fopen(netrcfile, "r");
 +  file = fopen(netrcfile, "re");
+   if(netrc_alloc)
+     Curl_safefree(netrcfile);
    if(file) {
-     char *tok;
-     char *tok_buf;
---- lib/ssluse.c.orig
-+++ lib/ssluse.c
-@@ -420,7 +420,7 @@ int cert_stuff(struct connectdata *conn,
-       STACK_OF(X509) *ca = NULL;
-       int i;
- 
--      f = fopen(cert_file,"rb");
-+      f = fopen(cert_file,"rbe");
-       if(!f) {
-         failf(data, "could not open PKCS12 file '%s'", cert_file);
-         return 0;
-@@ -2168,7 +2168,7 @@ static CURLcode servercert(struct connec
- 
-     /* e.g. match issuer name with provided issuer certificate */
-     if(data->set.str[STRING_SSL_ISSUERCERT]) {
--      fp=fopen(data->set.str[STRING_SSL_ISSUERCERT],"r");
-+      fp=fopen(data->set.str[STRING_SSL_ISSUERCERT],"re");
-       if(!fp) {
-         if(strict)
-           failf(data, "SSL: Unable to open issuer cert (%s)",
---- lib/connect.c.orig
-+++ lib/connect.c
-@@ -1313,7 +1313,7 @@ CURLcode Curl_socket(struct connectdata
+Index: lib/connect.c
+===================================================================
+--- lib/connect.c.orig 2014-02-04 16:25:31.277657445 +0100
++++ lib/connect.c      2014-02-04 16:25:32.761673087 +0100
+@@ -1298,7 +1298,7 @@ CURLcode Curl_socket(struct connectdata
                                      (struct curl_sockaddr *)addr);
    else
      /* opensocket callback not set, so simply create the socket now */
@@ -140,9 +134,11 @@
  
    if(*sockfd == CURL_SOCKET_BAD)
      /* no socket, no connection */
---- configure.ac.orig
-+++ configure.ac
-@@ -183,6 +183,7 @@ AC_CANONICAL_HOST
+Index: configure.ac
+===================================================================
+--- configure.ac.orig  2014-02-04 16:25:31.278657455 +0100
++++ configure.ac       2014-02-04 16:25:32.762673098 +0100
+@@ -182,6 +182,7 @@ AC_CANONICAL_HOST
  dnl Get system canonical name
  AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS])
  
@@ -150,7 +146,7 @@
  dnl Checks for programs.
  
  dnl Our curl_off_t internal and external configure settings
-@@ -195,6 +196,7 @@ dnl Our configure and build reentrant se
+@@ -194,6 +195,7 @@ dnl Our configure and build reentrant se
  CURL_CONFIGURE_THREAD_SAFE
  CURL_CONFIGURE_REENTRANT
  
