We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https://curl.se/docs/CVE-2022-32221.html
Affected versions: libcurl 7.7 to and including 7.85.0 Not affected versions: libcurl < 7.7 and >= 7.86.0
davix bundles 7.69.0
The bundled library is used in the EPEL 7 and EPEL 8 builds, because the system version is too old. EPEL 9 and Fedora uses the system version.
I have backported the commit fixing the CVE (a one line patch) to the packages in EPEL 7 and EPEL 8.
The text was updated successfully, but these errors were encountered:
Hello,
Thank you for doing that! I'll end up applying the same EPEL fix during the CMake BuildCurlBundled target.
For this repository, I don't want to apply it via a specfile patch as it will do it on all platforms.
Thanks again for handling this on EPEL!
Cheers, Mihai
Sorry, something went wrong.
Address "CVE-2022-32221" in the bundled curl library (v7.69).
45057f3
The patch is applied during the CMake preparation step, before compiling the bundled curl source code. Closes davix #102
Thank you again for reporting and patching this for EPEL. The issue has been addressed here as well.
The next Davix release (v0.8.4) brings the fix for both the upstream and the EPEL version.
v0.8.4
No branches or pull requests
https://curl.se/docs/CVE-2022-32221.html
Affected versions: libcurl 7.7 to and including 7.85.0
Not affected versions: libcurl < 7.7 and >= 7.86.0
davix bundles 7.69.0
The bundled library is used in the EPEL 7 and EPEL 8 builds, because the system version is too old.
EPEL 9 and Fedora uses the system version.
I have backported the commit fixing the CVE (a one line patch) to the packages in EPEL 7 and EPEL 8.
The text was updated successfully, but these errors were encountered: