| Rev | Line | |
|---|
| [1923] | 1 | --- curl.spec.orig 2011-07-01 10:50:07.000000000 -0400 |
|---|
| 2 | +++ curl.spec 2011-07-01 10:50:46.000000000 -0400 |
|---|
| [1922] | 3 | @@ -1,7 +1,7 @@ |
|---|
| 4 | Summary: A utility for getting files from remote servers (FTP, HTTP, and others) |
|---|
| 5 | Name: curl |
|---|
| 6 | Version: 7.20.1 |
|---|
| 7 | -Release: 5%{?dist} |
|---|
| 8 | +Release: 5.scripts.%{scriptsversion}%{?dist} |
|---|
| 9 | License: MIT |
|---|
| 10 | Group: Applications/Internet |
|---|
| 11 | Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma |
|---|
| 12 | @@ -90,6 +90,9 @@ |
|---|
| 13 | # workaround for broken applications using curl multi (#599340) |
|---|
| 14 | Patch108: 0108-curl-7.20.1-threaded-dns-multi.patch |
|---|
| 15 | |
|---|
| 16 | +# disable credential delegation over Negotiate (CVE-2011-2192) |
|---|
| 17 | +Patch1000: curl-gssapi-delegation.patch |
|---|
| 18 | + |
|---|
| 19 | Provides: webclient |
|---|
| 20 | URL: http://curl.haxx.se/ |
|---|
| 21 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
|---|
| 22 | @@ -190,6 +193,7 @@ |
|---|
| 23 | %patch105 -p1 |
|---|
| 24 | %patch106 -p1 |
|---|
| 25 | %patch108 -p1 |
|---|
| 26 | +%patch1000 -p1 |
|---|
| 27 | |
|---|
| 28 | # other patches |
|---|
| 29 | %patch15 -p1 |
|---|
| 30 | @@ -289,6 +293,10 @@ |
|---|
| 31 | %{_datadir}/aclocal/libcurl.m4 |
|---|
| 32 | |
|---|
| 33 | %changelog |
|---|
| [1923] | 34 | +* Fri Jul 01 2011 Geoffrey Thomas <geofft@mit.edu> 7.20.1-5.scripts.r1923 |
|---|
| [1922] | 35 | +- disable credential delegation over Negotiate (CVE-2011-2192) |
|---|
| 36 | + Patch from upstream: http://curl.haxx.se/docs/adv_20110623.html |
|---|
| 37 | + |
|---|
| 38 | * Fri Nov 26 2010 Kamil Dudka <kdudka@redhat.com> 7.20.1-5 |
|---|
| 39 | - do not send QUIT to a dead FTP control connection (#650255) |
|---|
| 40 | - prevent FTP client from hanging on unrecognized ABOR response (#649347) |
|---|
Note: See
TracBrowser
for help on using the repository browser.
