diff --git a/0006-curl-7.51.0-ciphers-man-page.patch b/0006-curl-7.51.0-ciphers-man-page.patch new file mode 100644 index 0000000..43f6719 --- /dev/null +++ b/0006-curl-7.51.0-ciphers-man-page.patch @@ -0,0 +1,65 @@ +From e7e5ada376af33d00b75c1f80f4b2d0438cb91f6 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Sun, 25 Dec 2016 11:01:17 +0100 +Subject: [PATCH] docs/ciphers: link to our own new page about ciphers + +... as the former ones always go stale! + +Upstream-commit: 209b2302272b86c2bbe4d3d2b62e1695655f8670 +Signed-off-by: Kamil Dudka +--- + docs/curl.1 | 6 +----- + docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 | 8 ++------ + 2 files changed, 3 insertions(+), 11 deletions(-) + +diff --git a/docs/curl.1 b/docs/curl.1 +index 05d1a8d..915e3d1 100644 +--- a/docs/curl.1 ++++ b/docs/curl.1 +@@ -292,11 +292,7 @@ If this option is used several times, the last one will be used. + .IP "--ciphers " + (SSL) Specifies which ciphers to use in the connection. The list of ciphers + must specify valid ciphers. Read up on SSL cipher list details on this URL: +-\fIhttps://www.openssl.org/docs/apps/ciphers.html\fP +- +-NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS +-ciphers is in the NSSCipherSuite entry at this URL: +-\fIhttps://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP ++\fIhttps://curl.haxx.se/docs/ssl-ciphers.html\fP + + If this option is used several times, the last one will be used. + .IP "--compressed" +diff --git a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 +index 71833b5..f6b9459 100644 +--- a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 ++++ b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 +@@ -5,7 +5,7 @@ + .\" * | (__| |_| | _ <| |___ + .\" * \___|\___/|_| \_\_____| + .\" * +-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. ++.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + .\" * + .\" * This software is licensed as described in the file COPYING, which + .\" * you should have received as part of this distribution. The terms +@@ -40,16 +40,12 @@ compile OpenSSL. + + You'll find more details about cipher lists on this URL: + +- https://www.openssl.org/docs/apps/ciphers.html ++ https://curl.haxx.se/docs/ssl-ciphers.html + + For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5', + \'rsa_aes_128_sha\', etc. With NSS you don't add/remove ciphers. If one uses + this option then all known ciphers are disabled and only those passed in are + enabled. +- +-You'll find more details about the NSS cipher lists on this URL: +- +- http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives + .SH DEFAULT + NULL, use internal default + .SH PROTOCOLS +-- +2.9.4 + diff --git a/curl.spec b/curl.spec index d83afc0..1ee06e1 100644 --- a/curl.spec +++ b/curl.spec @@ -1,7 +1,7 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl Version: 7.51.0 -Release: 6%{?dist} +Release: 7%{?dist} License: MIT Group: Applications/Internet Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma @@ -21,6 +21,9 @@ Patch4: 0004-curl-7.51.0-CVE-2016-9586.patch # fix out of bounds read in curl --write-out (CVE-2017-7407) Patch5: 0005-curl-7.51.0-CVE-2017-7407.patch +# fix links to documentation of TLS cipher-suites (#1463532) +Patch6: 0006-curl-7.51.0-ciphers-man-page.patch + # patch making libcurl multilib ready Patch101: 0101-curl-7.32.0-multilib.patch @@ -143,6 +146,7 @@ documentation of the library, too. %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 # Fedora patches %patch101 -p1 @@ -254,6 +258,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/libcurl.m4 %changelog +* Wed Jun 21 2017 Kamil Dudka 7.51.0-7 +- fix links to documentation of TLS cipher-suites (#1463532) + * Fri Apr 07 2017 Kamil Dudka 7.51.0-6 - fix out of bounds read in curl --write-out (CVE-2017-7407)