kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

curl: 7.82.0 -> 7.83.0

Browse Source 
https://curl.se/changes.html#7_83_0
https://curl.se/docs/CVE-2022-22576.html
https://curl.se/docs/CVE-2022-27774.html
https://curl.se/docs/CVE-2022-27775.html
https://curl.se/docs/CVE-2022-27776.html

Fixes: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776
main
Martin Weinelt 2 years ago
parent 9611466e74
commit 85f5539c4b
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759
2 changed files with 2 additions and 33 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 30
      pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch
  2. 5
      pkgs/tools/networking/curl/default.nix

30
pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch
Unescape View File

@ -1,30 +0,0 @@
From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 8 Mar 2022 13:38:13 +0100
Subject: [PATCH] openssl: fix CN check error code
Due to a missing 'else' this returns error too easily.
Regressed in: d15692ebb
Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560
---
lib/vtls/openssl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 0b79fc50a9c5..4618beeb3867 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
peer_CN[peerlen] = '\0';
}
- result = CURLE_OUT_OF_MEMORY;
+ else
+ result = CURLE_OUT_OF_MEMORY;
}
}
else /* not a UTF8 name */

5
pkgs/tools/networking/curl/default.nix
Unescape View File

@ -54,19 +54,18 @@ assert zstdSupport -> zstd != null;
stdenv.mkDerivation rec {
pname = "curl";
version = "7.82.0";
version = "7.83.0";
src = fetchurl {
urls = [
"https://curl.haxx.se/download/${pname}-${version}.tar.bz2"
"https://github.com/curl/curl/releases/download/${lib.replaceStrings ["."] ["_"] pname}-${version}/${pname}-${version}.tar.bz2"
];
sha256 = "sha256-RtmgQAozQI/ZkncLBKRKdDSzA28ugImsKLV1c9WdNx8=";
sha256 = "sha256-JHx+x1IcQljmVjTlKScNIU/jKWmXHMy3KEXnqkaDH5Y=";
};
patches = [
./7.79.1-darwin-no-systemconfiguration.patch
./7.82.0-openssl-fix-CN-check.patch
];
outputs = [ "bin" "dev" "out" "man" "devdoc" ];

Write Preview
Loading…
Cancel
Save