Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-1.2.git;a=commitdiff;h=6199bf2bcb53ef2acae70154093feccee9c8dd77
commit 6199bf2bcb53ef2acae70154093feccee9c8dd77 Author: Miklos Vajna <vmik...@frugalware.org> Date: Tue Mar 30 17:52:32 2010 +0200 curl-7.19.7-2locris1-i686 - add libcurl-contentencoding.patch for CVE-2010-0734 - closes #4162 (cherry picked from commit 73537e5ea01f0358867849d947ecd10760609258) diff --git a/source/network/curl/FrugalBuild b/source/network/curl/FrugalBuild index 6d02156..30d7421 100644 --- a/source/network/curl/FrugalBuild +++ b/source/network/curl/FrugalBuild @@ -4,7 +4,7 @@ pkgname=curl pkgver=7.19.7 -pkgrel=1 +pkgrel=2locris1 pkgdesc="A command line tool for transferring data specified with URL syntax." url="http://curl.haxx.se" makedepends=('groff') @@ -13,7 +13,7 @@ groups=('network') archs=('i686' 'x86_64' 'ppc') Fconfopts="$Fconfopts --enable-ares" #ares necessary for rtorrent up2date="lynx -dump $url/download.html|grep Released|tr -s ' '|sed 's/, / /'|cut -d ' ' -f 3" -source=(http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2) -signatures=($source.asc) +source=(http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2 libcurl-contentencoding.patch) +signatures=($source.asc '') # optimization OK diff --git a/source/network/curl/libcurl-contentencoding.patch b/source/network/curl/libcurl-contentencoding.patch new file mode 100644 index 0000000..7d0cd8d --- /dev/null +++ b/source/network/curl/libcurl-contentencoding.patch @@ -0,0 +1,16 @@ +Index: lib/content_encoding.c +=================================================================== +RCS file: /cvsroot/curl/curl/lib/content_encoding.c,v +retrieving revision 1.35 +diff -u -p -r1.35 content_encoding.c +--- lib/content_encoding.c 22 Jan 2010 23:21:39 -0000 1.35 ++++ lib/content_encoding.c 9 Feb 2010 08:53:40 -0000 +@@ -40,7 +40,7 @@ + (doing so will reduce code size slightly). */ + #define OLD_ZLIB_SUPPORT 1 + +-#define DSIZ 0x10000 /* buffer size for decompressed data */ ++#define DSIZ CURL_MAX_WRITE_SIZE /* buffer size for decompressed data */ + + #define GZIP_MAGIC_0 0x1f + #define GZIP_MAGIC_1 0x8b _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git