rpms
/
curl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Resolves: #1994521 - disable more protocols and features in libcurl-minimal 

... to limit vulnerability exposure in case there is a CVE in curl
in some of the rarer protocols
This commit is contained in:
Kamil Dudka 2021-09-20 14:54:20 +02:00
parent 54117120e4
commit 5ebead952b
1 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
curl.spec
View File

@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.79.1
Release: 1%{?dist}
Release: 2%{?dist}
License: MIT
Source0: https://curl.se/download/%{name}-%{version}.tar.xz
Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@ -246,9 +246,23 @@ export common_configure_opts=" \
(
cd build-minimal
%configure $common_configure_opts \
--disable-dict \
--disable-gopher \
--disable-hsts \
--disable-imap \
--disable-ldap \
--disable-ldaps \
--disable-manual \
--disable-mqtt \
--disable-ntlm \
--disable-ntlm-wb \
--disable-pop3 \
--disable-rtsp \
--disable-smb \
--disable-smtp \
--disable-telnet \
--disable-tftp \
--disable-tls-srp \
--without-brotli \
--without-libidn2 \
--without-libpsl \
@ -259,9 +273,23 @@ export common_configure_opts=" \
(
cd build-full
%configure $common_configure_opts \
--enable-dict \
--enable-gopher \
--enable-hsts \
--enable-imap \
--enable-ldap \
--enable-ldaps \
--enable-manual \
--enable-mqtt \
--enable-ntlm \
--enable-ntlm-wb \
--enable-pop3 \
--enable-rtsp \
--enable-smb \
--enable-smtp \
--enable-telnet \
--enable-tftp \
--enable-tls-srp \
--with-brotli \
--with-libidn2 \
--with-libpsl \
@ -369,6 +397,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
* Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-2
- disable more protocols and features in libcurl-minimal (#1994521)
* Wed Sep 22 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-1
- new upstream release