rpms/curl/devel curl-7.19.4-easy-leak.patch, NONE, 1.1 .cvsignore, 1.32, 1.33 curl.spec, 1.86, 1.87 sources, 1.32, 1.33 curl-7.19.3-nss-fix.patch, 1.1, NONE
Jindrich Novy
jnovy at fedoraproject.org
Tue Mar 3 07:08:57 UTC 2009
- Previous message (by thread): rpms/resource-agents/devel .cvsignore, 1.2, 1.3 resource-agents.spec, 1.2, 1.3 sources, 1.2, 1.3
- Next message (by thread): rpms/curl/F-10 curl-7.19.4-easy-leak.patch, NONE, 1.1 .cvsignore, 1.31, 1.32 curl-7.17.1-badsocket.patch, 1.1, 1.2 curl.spec, 1.84, 1.85 sources, 1.31, 1.32 curl-7.17.1-sslgen.patch, 1.1, NONE curl-7.18.2-nss-init.patch, 1.1, NONE curl-7.18.2-nssproxy.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jnovy
Update of /cvs/pkgs/rpms/curl/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28890
Modified Files:
.cvsignore curl.spec sources
Added Files:
curl-7.19.4-easy-leak.patch
Removed Files:
curl-7.19.3-nss-fix.patch
Log Message:
* Tue Mar 03 2009 Jindrich Novy <jnovy at redhat.com> 7.19.4-1
- update to 7.19.4 (fixes CVE-2009-0037)
- fix leak in curl_easy* functions, thanks to Kamil Dudka
- drop nss-fix patch, applied upstream
curl-7.19.4-easy-leak.patch:
--- NEW FILE curl-7.19.4-easy-leak.patch ---
diff -up curl-7.19.4/lib/easy.c.easy-leak curl-7.19.4/lib/easy.c
--- curl-7.19.4/lib/easy.c.easy-leak 2009-01-29 21:41:51.000000000 +0100
+++ curl-7.19.4/lib/easy.c 2009-03-03 07:54:58.000000000 +0100
@@ -352,13 +352,11 @@ CURL *curl_easy_init(void)
struct SessionHandle *data;
/* Make sure we inited the global SSL stuff */
- if(!initialized) {
- res = curl_global_init(CURL_GLOBAL_DEFAULT);
- if(res) {
- /* something in the global init failed, return nothing */
- DEBUGF(fprintf(stderr, "Error: curl_global_init failed\n"));
- return NULL;
- }
+ res = curl_global_init(CURL_GLOBAL_DEFAULT);
+ if(res) {
+ /* something in the global init failed, return nothing */
+ DEBUGF(fprintf(stderr, "Error: curl_global_init failed\n"));
+ return NULL;
}
/* We use curl_open() with undefined URL so far */
@@ -549,10 +547,10 @@ void curl_easy_cleanup(CURL *curl)
{
struct SessionHandle *data = (struct SessionHandle *)curl;
- if(!data)
- return;
+ if(data)
+ Curl_close(data);
- Curl_close(data);
+ curl_global_cleanup();
}
/*
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/curl/devel/.cvsignore,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- .cvsignore 17 Feb 2009 11:31:20 -0000 1.32
+++ .cvsignore 3 Mar 2009 07:08:27 -0000 1.33
@@ -1,2 +1 @@
-curl-7.18.2.tar.bz2
-curl-7.19.3.tar.bz2
+curl-7.19.4.tar.bz2
Index: curl.spec
===================================================================
RCS file: /cvs/pkgs/rpms/curl/devel/curl.spec,v
retrieving revision 1.86
retrieving revision 1.87
diff -u -r1.86 -r1.87
--- curl.spec 24 Feb 2009 10:20:40 -0000 1.86
+++ curl.spec 3 Mar 2009 07:08:27 -0000 1.87
@@ -1,14 +1,14 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
-Version: 7.19.3
-Release: 2%{?dist}
+Version: 7.19.4
+Release: 1%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.bz2
Patch1: curl-7.15.3-multilib.patch
Patch2: curl-7.16.0-privlibs.patch
Patch3: curl-7.17.1-badsocket.patch
-Patch4: curl-7.19.3-nss-fix.patch
+Patch4: curl-7.19.4-easy-leak.patch
Provides: webclient
URL: http://curl.haxx.se/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -49,7 +49,7 @@
%patch1 -p1 -b .multilib
%patch2 -p1 -b .privlibs
%patch3 -p1 -b .badsocket
-%patch4 -p1 -b .nssfix
+%patch4 -p1 -b .easy-leak
# Convert docs to UTF-8
for f in CHANGES README; do
@@ -118,6 +118,11 @@
%{_datadir}/aclocal/libcurl.m4
%changelog
+* Tue Mar 03 2009 Jindrich Novy <jnovy at redhat.com> 7.19.4-1
+- update to 7.19.4 (fixes CVE-2009-0037)
+- fix leak in curl_easy* functions, thanks to Kamil Dudka
+- drop nss-fix patch, applied upstream
+
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 7.19.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/curl/devel/sources,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- sources 17 Feb 2009 11:31:20 -0000 1.32
+++ sources 3 Mar 2009 07:08:27 -0000 1.33
@@ -1 +1 @@
-10eb8c13350c735eff20d7b4530be8cd curl-7.19.3.tar.bz2
+2734167c1e5f7ce6be99b75d2d371d85 curl-7.19.4.tar.bz2
--- curl-7.19.3-nss-fix.patch DELETED ---
- Previous message (by thread): rpms/resource-agents/devel .cvsignore, 1.2, 1.3 resource-agents.spec, 1.2, 1.3 sources, 1.2, 1.3
- Next message (by thread): rpms/curl/F-10 curl-7.19.4-easy-leak.patch, NONE, 1.1 .cvsignore, 1.31, 1.32 curl-7.17.1-badsocket.patch, 1.1, 1.2 curl.spec, 1.84, 1.85 sources, 1.31, 1.32 curl-7.17.1-sslgen.patch, 1.1, NONE curl-7.18.2-nss-init.patch, 1.1, NONE curl-7.18.2-nssproxy.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list