[1925] | 1 | --- curl.spec.orig 2011-07-01 16:31:16.000000000 -0400 |
---|
| 2 | +++ curl.spec 2011-07-01 16:30:24.000000000 -0400 |
---|
[1922] | 3 | @@ -1,7 +1,7 @@ |
---|
| 4 | Summary: A utility for getting files from remote servers (FTP, HTTP, and others) |
---|
| 5 | Name: curl |
---|
| 6 | Version: 7.20.1 |
---|
| 7 | -Release: 5%{?dist} |
---|
| 8 | +Release: 5.scripts.%{scriptsversion}%{?dist} |
---|
| 9 | License: MIT |
---|
| 10 | Group: Applications/Internet |
---|
| 11 | Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma |
---|
| 12 | @@ -90,6 +90,9 @@ |
---|
| 13 | # workaround for broken applications using curl multi (#599340) |
---|
| 14 | Patch108: 0108-curl-7.20.1-threaded-dns-multi.patch |
---|
| 15 | |
---|
| 16 | +# disable credential delegation over Negotiate (CVE-2011-2192) |
---|
| 17 | +Patch1000: curl-gssapi-delegation.patch |
---|
| 18 | + |
---|
| 19 | Provides: webclient |
---|
| 20 | URL: http://curl.haxx.se/ |
---|
| 21 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
---|
| 22 | @@ -190,6 +193,7 @@ |
---|
| 23 | %patch105 -p1 |
---|
| 24 | %patch106 -p1 |
---|
| 25 | %patch108 -p1 |
---|
| 26 | +%patch1000 -p1 |
---|
| 27 | |
---|
| 28 | # other patches |
---|
| 29 | %patch15 -p1 |
---|
[1925] | 30 | @@ -225,16 +229,6 @@ |
---|
[1924] | 31 | |
---|
| 32 | make %{?_smp_mflags} |
---|
| 33 | |
---|
[1925] | 34 | -%check |
---|
| 35 | -LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir} |
---|
| 36 | -export LD_LIBRARY_PATH |
---|
| 37 | -cd tests |
---|
| 38 | -make %{?_smp_mflags} |
---|
| 39 | - |
---|
| 40 | -# use different port range for 32bit and 64bit build, thus make it possible |
---|
| 41 | -# to run both in parallel on the same machine |
---|
| 42 | -./runtests.pl -a -b%{?__isa_bits}90 -p -v |
---|
| 43 | - |
---|
[1924] | 44 | %install |
---|
| 45 | rm -rf $RPM_BUILD_ROOT |
---|
| 46 | |
---|
[1925] | 47 | @@ -289,6 +283,10 @@ |
---|
[1922] | 48 | %{_datadir}/aclocal/libcurl.m4 |
---|
| 49 | |
---|
| 50 | %changelog |
---|
[1925] | 51 | +* Fri Jul 01 2011 Geoffrey Thomas <geofft@mit.edu> 7.20.1-5.scripts |
---|
[1922] | 52 | +- disable credential delegation over Negotiate (CVE-2011-2192) |
---|
| 53 | + Patch from upstream: http://curl.haxx.se/docs/adv_20110623.html |
---|
| 54 | + |
---|
| 55 | * Fri Nov 26 2010 Kamil Dudka <kdudka@redhat.com> 7.20.1-5 |
---|
| 56 | - do not send QUIT to a dead FTP control connection (#650255) |
---|
| 57 | - prevent FTP client from hanging on unrecognized ABOR response (#649347) |
---|