Resolves: CVE-2018-16842 - make the patch for CVE-2018-16842 apply properly

`git apply` fails silently unless `git init` is invoked first.
2018-11-15 15:32:09 +01:00 · 2018-11-15 15:32:09 +01:00 · 3a4404c668
parent 81eb511a57
commit 3a4404c668
1 changed files with 5 additions and 1 deletions
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.61.1
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: MIT
 Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz

@ -186,6 +186,7 @@ be installed.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+git init
 git apply %{PATCH4}
 %patch5 -p1
 %patch6 -p1
@ -355,6 +356,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal

 %changelog
+* Thu Nov 15 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-5
+- make the patch for CVE-2018-16842 apply properly (CVE-2018-16842)
+
 * Thu Nov 01 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-4
 - SASL password overflow via integer overflow (CVE-2018-16839)
 - fix use-after-free in handle close (CVE-2018-16840)