packages/curl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!120 fix CVE-2022-32207 better

Browse Source 
From: @eaglegai 
Reviewed-by: @zengwefeng 
Signed-off-by: @zengwefeng
This commit is contained in:
openeuler-ci-bot 2022-07-07 02:56:52 +00:00 committed by Gitee
commit 01bddc40f8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backport-CVE-2022-32207.patch
View File

@ -107,7 +107,7 @@ Index: curl-7.81.0/lib/fopen.c
+
+#include "curl_setup.h"
+
+#if !defined(CURL_DISABLE_COOKIES) && !defined(CURL_DISABLE_ALTSVC) && \
+#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) || \
+ !defined(CURL_DISABLE_HSTS)
+
+#ifdef HAVE_FCNTL_H

8
curl.spec
View File

@ -6,7 +6,7 @@
Name: curl
Version: 7.79.1
Release: 6
Release: 7
Summary: Curl is used in command lines or scripts to transfer data
License: MIT
URL: https://curl.haxx.se/
@ -200,6 +200,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_mandir}/man3/*
%changelog
* Tue Jul 05 2022 gaihuiying <eaglegai@163.com> - 7.79.1-7
- Type:cves
- CVE:CVE-2022-32207
- SUG:NA
- DESC:fix CVE-2022-32207 better
* Wed Jun 29 2022 gaihuiying <eaglegai@163.com> - 7.79.1-6
- Type:cves
- CVE:CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208