• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#Global macro or variable
2%global libpsl_version %(pkg-config --modversion libpsl 2>/dev/null || echo 0)
3%global libssh_version %(pkg-config --modversion libssh 2>/dev/null || echo 0)
4%global openssl_version %({ pkg-config --modversion openssl 2>/dev/null || echo 0;} | sed 's|-|-0.|')
5%global _configure ../configure
6
7Name:           curl
8Version:        7.79.1
9Release:        19
10Summary:        Curl is used in command lines or scripts to transfer data
11License:        MIT
12URL:            https://curl.haxx.se/
13Source:         https://curl.haxx.se/download/curl-%{version}.tar.xz
14
15Patch1:         backport-0101-curl-7.32.0-multilib.patch
16Patch2:         backport-CVE-2022-22576.patch
17Patch3:         backport-CVE-2022-27775.patch
18Patch4:         backport-CVE-2022-27776.patch
19Patch5:         backport-pre-CVE-2022-27774.patch
20Patch6:         backport-001-CVE-2022-27774.patch
21Patch7:         backport-002-CVE-2022-27774.patch
22Patch8:         backport-CVE-2022-27781.patch
23Patch9:         backport-pre-CVE-2022-27782.patch
24Patch10:        backport-CVE-2022-27782.patch
25Patch11:        backport-CVE-2022-32205.patch
26Patch12:        backport-CVE-2022-32206.patch
27Patch13:        backport-CVE-2022-32207.patch
28Patch14:        backport-CVE-2022-32208.patch
29Patch15:        backport-fix-configure-disable-http-auth-build-error.patch
30Patch16:        backport-CVE-2022-35252-cookie-reject-cookies-with-control-bytes.patch
31Patch17:        backport-CVE-2022-32221.patch
32Patch18:        backport-CVE-2022-42916.patch
33Patch19:        backport-CVE-2022-42915.patch
34Patch20:        backport-CVE-2022-43551-http-use-the-IDN-decoded-name-in-HSTS-checks.patch
35Patch21:        backport-CVE-2022-43552-smb-telnet-do-not-free-the-protocol-struct-in-_done.patch
36Patch22:        backport-0001-CVE-2023-23914-CVE-2023-23915.patch
37Patch23:        backport-0002-CVE-2023-23914-CVE-2023-23915.patch
38Patch24:        backport-0003-CVE-2023-23914-CVE-2023-23915.patch
39Patch25:        backport-0004-CVE-2023-23914-CVE-2023-23915.patch
40Patch26:        backport-0005-CVE-2023-23914-CVE-2023-23915.patch
41Patch27:        backport-0001-CVE-2023-23916.patch
42Patch28:        backport-0002-CVE-2023-23916.patch
43Patch29:        backport-CVE-2023-27533.patch
44Patch30:        backport-CVE-2023-27534-pre1.patch
45Patch31:        backport-CVE-2023-27534.patch
46Patch32:        backport-CVE-2023-27538.patch
47Patch33:        backport-CVE-2023-27535-pre1.patch
48Patch34:        backport-CVE-2023-27536.patch
49Patch35:        backport-CVE-2023-27535.patch
50Patch36:        backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
51Patch37:        backport-CVE-2023-28321.patch
52Patch38:        backport-CVE-2023-28322.patch
53Patch39:        backport-0001-CVE-2023-28320.patch
54Patch40:        backport-0002-CVE-2023-28320.patch
55Patch41:        backport-0003-CVE-2023-28320.patch
56
57BuildRequires:  automake brotli-devel coreutils gcc groff krb5-devel
58BuildRequires:  libidn2-devel libnghttp2-devel libpsl-devel
59BuildRequires:  libssh-devel make openldap-devel openssh-clients openssh-server
60BuildRequires:  openssl-devel perl-interpreter pkgconfig python3-devel sed
61BuildRequires:  stunnel zlib-devel gnutls-utils nghttp2 perl(IO::Compress::Gzip)
62BuildRequires:  perl(Getopt::Long) perl(Pod::Usage) perl(strict) perl(warnings)
63BuildRequires:  perl(Cwd) perl(Digest::MD5) perl(Exporter) perl(File::Basename)
64BuildRequires:  perl(File::Copy) perl(File::Spec) perl(IPC::Open2) perl(MIME::Base64)
65BuildRequires:  perl(Time::Local) perl(Time::HiRes) perl(vars)
66
67Requires:       libcurl = %{version}-%{release}
68Provides:       curl-full = %{version}-%{release} webclient
69
70%description
71cURL is a computer software project providing a library (libcurl) and
72command-line tool (curl) for transferring data using various protocols.
73
74%package -n 	libcurl
75Summary:	A library for getting files from web servers
76Requires:	libssh >= %{libssh_version} libpsl >= %{libpsl_version}
77Requires:       openssl-libs >= 1:%{openssl_version}
78Provides:	libcurl-full = %{version}-%{release}
79Conflicts:	curl < 7.66.0-3
80
81%description -n libcurl
82A library for getting files from web servers.
83
84%package -n 	libcurl-devel
85Summary:	Header files for libcurl
86Requires:	libcurl = %{version}-%{release}
87Provides:	curl-devel = %{version}-%{release}
88Obsoletes:	curl-devel < %{version}-%{release}
89
90%description -n libcurl-devel
91Header files for libcurl.
92
93%package_help
94
95%prep
96%autosetup -n %{name}-%{version} -p1
97
98printf "1112\n1455\n1184\n1801\n1592\n" >> tests/data/DISABLED
99
100# adapt test 323 for updated OpenSSL
101sed -e 's/^35$/35,52/' -i tests/data/test323
102# use localhost6 instead of ip6-localhost in the curl test-suite
103(
104    # avoid glob expansion in the trace output of `bash -x`
105    { set +x; } 2>/dev/null
106    cmd="sed -e 's|ip6-localhost|localhost6|' -i tests/data/test[0-9]*"
107    printf "+ %s\n" "$cmd" >&2
108    eval "$cmd"
109)
110
111%build
112# regenerate Makefile.in files
113aclocal -I m4
114automake
115
116install -d build-full
117export common_configure_opts="--cache-file=../config.cache \
118    --enable-symbol-hiding  --enable-ipv6  --enable-threaded-resolver \
119    --with-gssapi  --with-nghttp2  --with-ssl \
120    --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
121
122%global _configure ../configure
123
124# configure full build
125(
126    cd build-full
127    %configure $common_configure_opts \
128        --enable-ldap \
129        --enable-ldaps \
130        --enable-manual \
131        --with-brotli \
132        --with-libidn2 \
133        --with-libpsl \
134        --with-libssh
135)
136
137sed -e 's/^runpath_var=.*/runpath_var=/' \
138    -e 's/^hardcode_libdir_flag_spec=".*"$/hardcode_libdir_flag_spec=""/' \
139    -i build-full/libtool
140
141%make_build V=1 -C build-full
142
143%check
144# compile upstream test-cases
145%make_build V=1 -C build-full/tests
146
147# relax crypto policy for the test-suite to make it pass again (#1610888)
148export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=XXX
149export OPENSSL_CONF=
150
151# make runtests.pl work for out-of-tree builds
152export srcdir=../../tests
153
154# prevent valgrind from being extremely slow (#1662656)
155unset DEBUGINFOD_URLS
156
157# run the upstream test-suite for curl-full
158for size in full; do (
159    cd build-${size}
160
161    # we have to override LD_LIBRARY_PATH because we eliminated rpath
162    export LD_LIBRARY_PATH="${PWD}/lib/.libs"
163
164    cd tests
165    perl -I../../tests ../../tests/runtests.pl -a -n -p -v '!flaky'
166)
167done
168
169%install
170rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.{la,so}
171
172# install libcurl.m4 for devel
173install -D -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT%{_datadir}/aclocal/libcurl.m4
174
175# curl file install
176cd build-full
177%make_install
178
179# install zsh completion for curl
180LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH" %make_install -C scripts
181
182# do not install /usr/share/fish/completions/curl.fish which is also installed
183# by fish-3.0.2-1.module_f31+3716+57207597 and would trigger a conflict
184rm -rf ${RPM_BUILD_ROOT}%{_datadir}/fish
185
186rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.a
187rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
188
189%ldconfig_scriptlets
190
191%ldconfig_scriptlets -n libcurl
192
193%files
194%defattr(-,root,root)
195%license COPYING
196%{_bindir}/curl
197%{_datadir}/zsh
198
199%files -n libcurl
200%defattr(-,root,root)
201%{_libdir}/libcurl.so.4
202%{_libdir}/libcurl.so.4.[0-9].[0-9]
203
204%files -n libcurl-devel
205%defattr(-,root,root)
206%doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md
207%doc docs/CONTRIBUTE.md docs/libcurl/ABI.md
208%{_bindir}/curl-config*
209%{_includedir}/curl
210%{_libdir}/*.so
211%{_libdir}/pkgconfig/*.pc
212%{_datadir}/aclocal/libcurl.m4
213
214%files help
215%defattr(-,root,root)
216%doc CHANGES README*
217%doc docs/BUGS.md docs/FAQ docs/FEATURES.md
218%doc docs/TheArtOfHttpScripting.md docs/TODO
219%{_mandir}/man1/curl.1*
220%{_mandir}/man1/curl-config.1*
221%{_mandir}/man3/*
222
223%changelog
224* Sat Jun 10 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-19
225- Type:bugfix
226- CVE:NA
227- SUG:NA
228- DESC:disable valgrind in tests
229
230* Thu Jun 08 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-18
231- Type:CVE
232- CVE:CVE-2023-28320
233- SUG:NA
234- DESC:fix CVE-2023-28320
235
236* Wed May 24 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-17
237- Type:CVE
238- CVE:CVE-2023-28321,CVE-2023-28322
239- SUG:NA
240- DESC:fix CVE-2023-28321,CVE-2023-28322
241
242* Wed Apr 19 2023 gaihuiying <eaglegai@163.com> - 7.79.1-16
243- Type:bugfix
244- CVE:NA
245- SUG:NA
246- DESC:backport to fix build error when user don't use glibc
247
248* Wed Mar 22 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-15
249- Type:cves
250- CVE:CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
251- SUG:NA
252- DESC:fix CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
253
254* Sat Feb 18 2023 xinghe <xinghe2@h-partners.com> - 7.79.1-14
255- Type:cves
256- CVE:CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
257- SUG:NA
258- DESC:fix CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
259
260* Thu Dec 22 2022 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-13
261- Type:cves
262- CVE:CVE-2022-43551 CVE-2022-43552
263- SUG:NA
264- DESC:fix CVE-2022-43551 CVE-2022-43552
265
266* Thu Oct 27 2022 yanglu <yanglu72@h-partners.com> - 7.79.1-12
267- Type:cves
268- CVE:CVE-2022-32221 CVE-2022-42915 CVE-2022-42916
269- SUG:NA
270- DESC:fix CVE-2022-32221 CVE-2022-42915 CVE-2022-42916
271
272* Tue Oct 11 2022 huangduirong <huangduirong@huawei.com> - 7.79.1-11
273- Type:bugfix
274- ID:NA
275- SUG:NA
276- DESC:Move autoreconf to build
277
278* Thu Sep 01 2022 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-10
279- Type:cves
280- CVE:CVE-2022-35252
281- SUG:NA
282- DESC:fix CVE-2022-35252
283
284* Mon Jul 25 2022 gaihuiying <eaglegai@163.com> - 7.79.1-9
285- Type:bugfix
286- CVE:NA
287- SUG:NA
288- DESC:fix build error when add --disable-http-auth configure option
289
290* Tue Jul 05 2022 gaihuiying <eaglegai@163.com> - 7.79.1-8
291- Type:cves
292- CVE:CVE-2022-32207
293- SUG:NA
294- DESC:fix CVE-2022-32207 better
295
296* Wed Jun 29 2022 gaihuiying <eaglegai@163.com> - 7.79.1-7
297- Type:cves
298- CVE:CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208
299- SUG:NA
300- DESC:fix CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208
301
302* Tue May 17 2022 gaihuiying <eaglegai@163.com> - 7.79.1-6
303- Type:cves
304- CVE:CVE-2022-27781 CVE-2022-27782
305- SUG:NA
306- DESC:fix CVE-2022-27781 CVE-2022-27782
307
308* Fri May 06 2022 gaihuiying <eaglegai@163.com> - 7.79.1-5
309- Type:cves
310- CVE:CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776
311- SUG:NA
312- DESC:fix CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776
313
314* Tue Feb 22 2022 gaoxingwang <gaoxingwang@huawei.com> - 7.79.1-4
315- Type:bugfix
316- CVE:NA
317- SUG:NA
318- DESC:fix dict and neg telnet server start fail in upstream testcase
319
320* Mon Jan 24 2022 gaoxingwang <gaoxingwang@huawei.com> - 7.79.1-3
321- Type:bugfix
322- CVE:NA
323- SUG:NA
324- DESC:enable check in spec
325
326* Thu Jan 20 2022 yanglu <yanglu72@huawei.com> - 7.79.1-2
327- Type:bugfix
328- CVE:NA
329- SUG:NA
330- DESC:delete useless patch
331
332* Tue Dec 14 2021 yanglu <yanglu72@huawei.com> - 7.79.1-1
333- Type:requirement
334- CVE:NA
335- SUG:NA
336- DESC:update curl to 7.79.1
337
338* Wed Sep 29 2021 yanglu <yanglu72@huawei.com> - 7.77.0-3
339- Type:CVE
340- CVE:CVE-2021-22945 CVE-2021-22946 CVE-2021-22947
341- SUG:NA
342- DESC:fix CVE-2021-22945 CVE-2021-22946CVE-2021-22947
343
344* Fri Aug 13 2021 gaihuiying <gaihuiying1@huawei.com> - 7.77.0-2
345- Type:CVE
346- CVE:CVE-2021-22925 CVE-2021-22926
347- SUG:NA
348- DESC:fix CVE-2021-22925 CVE-2021-22926
349
350* Thu Jul 8 2021 gaihuiying <gaihuiying1@huawei.com> - 7.77.0-1
351- Type:requirement
352- CVE:NA
353- SUG:NA
354- DESC:update curl to 7.77.0
355
356* Tue Jun 8 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-9
357- Type:CVE
358- CVE:CVE-2021-22897 CVE-2021-22898
359- SUG:NA
360- DESC:fix CVE-2021-22897 CVE-2021-22898
361
362* Tue Apr 20 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-8
363- Type:CVE
364- CVE:CVE-2021-22890
365- SUG:NA
366- DESC:fix CVE-2021-22890
367
368* Thu Apr 8 2021 xieliuhua <xieliuhua@huawei.com> - 7.71.1-7
369- Type:CVE
370- CVE:CVE-2021-22876
371- SUG:NA
372- DESC:fix CVE-2021-22876
373
374* Tue Jan 26 2021 wangxiaopeng <wangxiaopeng7@huawei.com> - 7.71.1-6
375- Type:CVE
376- CVE:CVE-2020-8285
377- SUG:NA
378- DESC:fix CVE-2020-8285
379
380* Tue Jan 19 2021 xielh2000 <xielh2000@163.com> - 7.71.1-5
381- Type:CVE
382- CVE:CVE-2020-8286
383- SUG:NA
384- DESC:fix CVE-2020-8286
385
386* Mon Jan 18 2021 xihaochen <xihaochen@huawei.com> - 7.71.1-4
387- Type:CVE
388- CVE:CVE-2020-8284
389- SUG:NA
390- DESC:fix CVE-2020-8284
391
392* Tue Jan 5 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-3
393- Type:bugfix
394- ID:NA
395- SUG:NA
396- DESC:fix downgrade error
397
398* Mon Dec 28 2020 liuxin <liuxin264@huawei.com> - 7.71.1-2
399- Type:cves
400- ID:CVE-2020-8231
401- SUG:NA
402- DESC:fix CVE-2020-8231
403
404* Fri Jul 24 2020 zhujunhao <zhujunhao8@huawei.com> - 7.71.1-1
405- Update to 7.71.1
406
407* Thu Apr 9 2020 songnannan <songnannan2@huawei.com> - 7.66.0-3
408- split out the libcurl and libcurl-devel package
409
410* Tue Mar 17 2020 chenzhen <chenzhen44@huawei.com> - 7.66.0-2
411- Type:cves
412- ID:CVE-2019-15601
413- SUG:NA
414- DESC:fix CVE-2019-15601
415
416* Sat Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.66.0-1
417- update to 7.66.0
418
419* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 7.61.1-4
420- Type:cves
421- ID:CVE-2019-5481 CVE-2019-5482
422- SUG:NA
423- DESC:fix CVE-2019-5481 CVE-2019-5482
424
425* Wed Sep 18 2019 guanyanjie <guanyanjie@huawei.com> - 7.61.1-3
426- Init for openEuler
427