source: trunk/server/fedora/specs/curl.spec.patch @ 1937

Last change on this file since 1937 was 1925, checked in by geofft, 14 years ago
It helps to edit curl.spec instead of curl.spec.orig
File size: 1.7 KB
RevLine 
[1925]1--- curl.spec.orig      2011-07-01 16:31:16.000000000 -0400
2+++ curl.spec   2011-07-01 16:30:24.000000000 -0400
[1922]3@@ -1,7 +1,7 @@
4 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
5 Name: curl
6 Version: 7.20.1
7-Release: 5%{?dist}
8+Release: 5.scripts.%{scriptsversion}%{?dist}
9 License: MIT
10 Group: Applications/Internet
11 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
12@@ -90,6 +90,9 @@
13 # workaround for broken applications using curl multi (#599340)
14 Patch108: 0108-curl-7.20.1-threaded-dns-multi.patch
15 
16+# disable credential delegation over Negotiate (CVE-2011-2192)
17+Patch1000: curl-gssapi-delegation.patch
18+
19 Provides: webclient
20 URL: http://curl.haxx.se/
21 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
22@@ -190,6 +193,7 @@
23 %patch105 -p1
24 %patch106 -p1
25 %patch108 -p1
26+%patch1000 -p1
27 
28 # other patches
29 %patch15 -p1
[1925]30@@ -225,16 +229,6 @@
[1924]31 
32 make %{?_smp_mflags}
33 
[1925]34-%check
35-LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir}
36-export LD_LIBRARY_PATH
37-cd tests
38-make %{?_smp_mflags}
39-
40-# use different port range for 32bit and 64bit build, thus make it possible
41-# to run both in parallel on the same machine
42-./runtests.pl -a -b%{?__isa_bits}90 -p -v
43-
[1924]44 %install
45 rm -rf $RPM_BUILD_ROOT
46 
[1925]47@@ -289,6 +283,10 @@
[1922]48 %{_datadir}/aclocal/libcurl.m4
49 
50 %changelog
[1925]51+* Fri Jul 01 2011 Geoffrey Thomas <geofft@mit.edu> 7.20.1-5.scripts
[1922]52+- disable credential delegation over Negotiate (CVE-2011-2192)
53+  Patch from upstream: http://curl.haxx.se/docs/adv_20110623.html
54+
55 * Fri Nov 26 2010 Kamil Dudka <kdudka@redhat.com> 7.20.1-5
56 - do not send QUIT to a dead FTP control connection (#650255)
57 - prevent FTP client from hanging on unrecognized ABOR response (#649347)
Note: See TracBrowser for help on using the repository browser.