packages/curl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!179 [sync] PR-178: Patch optimization for CVE-2023-27536

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot 2023-04-12 08:54:56 +00:00 committed by Gitee
commit 0c2cd99e2a
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backport-CVE-2023-27536.patch
View File

@ -42,7 +42,7 @@ index aca0f39..8f823c4 100644
const struct Curl_handler *given; /* The protocol first given */
long ip_version; /* copied from the Curl_easy at creation time */
+ unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */
+ long gssapi_delegation; /* inherited from set.gssapi_delegation */
/* Protocols can use a custom keepalive mechanism to keep connections alive.
This allows those protocols to track the last time the keepalive mechanism

8
curl.spec
View File

@ -6,7 +6,7 @@
Name: curl
Version: 7.71.1
Release: 24
Release: 25
Summary: Curl is used in command lines or scripts to transfer data
License: MIT
URL: https://curl.haxx.se/
@ -223,6 +223,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_mandir}/man3/*
%changelog
* Tue Apr 11 2023 xingwei <xingwei14@h-partners.com> - 7.71.1-25
- Type:cves
- CVE:CVE-2023-27536
- SUG:NA
- DESC:Patch optimization for CVE-2023-27536
* Mon Mar 27 2023 xingwei <xingwei14@h-partners.com> - 7.71.1-24
- Type:cves
- CVE:CVE-2023-27535