Summary: | <net-misc/curl-8.0.1: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, kangie |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 905145 | ||
Bug Blocks: |
Description
Sam James
2023-03-23 08:57:57 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3bca090841779256251eec23164a715e3356c3f0 commit 3bca090841779256251eec23164a715e3356c3f0 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-03-23 08:51:32 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-03-23 08:59:13 +0000 net-misc/curl: add 8.0.1 Note that https://github.com/curl/curl/commit/372b95f77f08ae7a64a5bca53cfb342ec5a8adc9 did get fixed in this release, although the warnings in bug 898364 weren't real issues here. Kangie's done a great job of upstreaming various fixes here but is away at the moment so I'm doing the easy bit of just bumping the ebuild. Also sorted dependencies and some other minor tweaks to comments. Bug: https://bugs.gentoo.org/902801 Closes: https://bugs.gentoo.org/879237 Closes: https://bugs.gentoo.org/898364 Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 + net-misc/curl/curl-8.0.1.ebuild | 316 +++++++++++++++++++++ .../curl/files/curl-8.0.1-onion-resolution.patch | 158 +++++++++++ 3 files changed, 476 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e157923b659d2650cb9eb5a3084d9539f6487b29 commit e157923b659d2650cb9eb5a3084d9539f6487b29 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-05-17 07:51:10 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-17 07:58:25 +0000 net-misc/curl: drop 7.88.1-r2 Bug: https://bugs.gentoo.org/902801 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/31074 Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 - net-misc/curl/curl-7.88.1-r2.ebuild | 307 --------------------- .../files/curl-7.88.1-header-dump-segfault.patch | 29 -- .../curl/files/curl-7.88.1-onion-resolution.patch | 134 --------- net-misc/curl/files/curl-7.88.1-pipewait.patch | 64 ----- .../curl/files/curl-7.88.1-silent-parallel.patch | 20 -- 6 files changed, 556 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3a33df81050e9831d0c058bb1c0e4abc273eb48 commit b3a33df81050e9831d0c058bb1c0e4abc273eb48 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-05-17 07:36:59 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-17 07:58:21 +0000 net-misc/curl: drop 7.88.1-r1 Bug: https://bugs.gentoo.org/902801 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/curl-7.88.1-r1.ebuild | 306 ------------------------------------ 1 file changed, 306 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7de0ffe047c4bf430f82a1fa92d06faf66535ed8 commit 7de0ffe047c4bf430f82a1fa92d06faf66535ed8 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-05-17 07:36:16 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-17 07:58:16 +0000 net-misc/curl: drop 7.87.0-r2 Bug: https://bugs.gentoo.org/902801 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 - net-misc/curl/curl-7.87.0-r2.ebuild | 302 --------------------- .../files/curl-7.87.0-gnutls-openssl-build.patch | 39 --- .../files/curl-7.87.0-typecheck-deprecated.patch | 48 ---- net-misc/curl/metadata.xml | 1 - 5 files changed, 392 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3dfe02046c2bc76fb7e910a04702603b72fcb98c commit 3dfe02046c2bc76fb7e910a04702603b72fcb98c Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-10-11 08:40:59 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-10-11 08:41:24 +0000 [ GLSA 202310-12 ] curl: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/887745 Bug: https://bugs.gentoo.org/894676 Bug: https://bugs.gentoo.org/902801 Bug: https://bugs.gentoo.org/906590 Bug: https://bugs.gentoo.org/910564 Bug: https://bugs.gentoo.org/914091 Bug: https://bugs.gentoo.org/915195 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202310-12.xml | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) |