deleted file mode 100644

@@ -1,35 +0,0 @@

-From ccb7d79b62c8b15a6be446f9c9fd3767c01eb5b6 Mon Sep 17 00:00:00 2001

-From: Daniel Stenberg <daniel@haxx.se>

-Date: Sun, 31 Jul 2016 01:09:04 +0200

-Subject: [PATCH] curl_multi_cleanup: clear connection pointer for easy handles

-MIME-Version: 1.0

-Content-Type: text/plain; charset=UTF-8

-Content-Transfer-Encoding: 8bit

-

-CVE-2016-5421

-Bug: https://curl.haxx.se/docs/adv_20160803C.html

-Reported-by: Marcelo Echeverria and Fernando Muñoz

- lib/multi.c | 2 ++

- 1 file changed, 2 insertions(+)

-

-diff --git a/lib/multi.c b/lib/multi.c

-index 9ee3523..8bb9366 100644

-+++ b/lib/multi.c

-@@ -2155,10 +2155,12 @@ static void close_all_connections(struct Curl_multi *multi)

-   while(conn) {

-     SIGPIPE_VARIABLE(pipe_st);

-     conn->data = multi->closure_handle;

- 

-     sigpipe_ignore(conn->data, &pipe_st);

-+    conn->data->easy_conn = NULL; /* clear the easy handle's connection

-+                                     pointer */

-     /* This will remove the connection from the cache */

-     (void)Curl_disconnect(conn, FALSE);

-     sigpipe_restore(&pipe_st);

- 

-     conn = Curl_conncache_find_first_connection(&multi->conn_cache);

-2.8.1

-

deleted file mode 100644

@@ -1,53 +0,0 @@

-diff --git a/lib/escape.c b/lib/escape.c

-index 40338a9..808ac6c 100644

-+++ b/lib/escape.c

-@@ -78,15 +78,21 @@ char *curl_unescape(const char *string, int length)

- 

- char *curl_easy_escape(CURL *handle, const char *string, int inlength)

- {

--  size_t alloc = (inlength?(size_t)inlength:strlen(string))+1;

-+  size_t alloc;

-   char *ns;

-   char *testing_ptr = NULL;

-   unsigned char in; /* we need to treat the characters unsigned */

--  size_t newlen = alloc;

-+  size_t newlen;

-   size_t strindex=0;

-   size_t length;

-   CURLcode result;

- 

-+  if(inlength < 0)

-+    return NULL;

-+

-+  alloc = (inlength?(size_t)inlength:strlen(string))+1;

-+  newlen = alloc;

-+

-   ns = malloc(alloc);

-   if(!ns)

-     return NULL;

-@@ -211,14 +217,16 @@ char *curl_easy_unescape(CURL *handle, const char *string, int length,

-                          int *olen)

- {

-   char *str = NULL;

--  size_t inputlen = length;

--  size_t outputlen;

--  CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen,

--                                FALSE);

--  if(res)

--    return NULL;

--  if(olen)

--    *olen = curlx_uztosi(outputlen);

-+  if(length >= 0) {

-+    size_t inputlen = length;

-+    size_t outputlen;

-+    CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen,

-+                                  FALSE);

-+    if(res)

-+      return NULL;

-+    if(olen)

-+      *olen = curlx_uztosi(outputlen);

-+  }

-   return str;

- }

- 

deleted file mode 100644

@@ -1,54 +0,0 @@

-From 358b2b131ad6c095696f20dcfa62b8305263f898 Mon Sep 17 00:00:00 2001

-From: Daniel Stenberg <daniel@haxx.se>

-Date: Tue, 1 Aug 2017 17:16:46 +0200

-Subject: [PATCH] tftp: reject file name lengths that don't fit

-

-... and thereby avoid telling send() to send off more bytes than the

-size of the buffer!

-

-CVE-2017-1000100

-

-Bug: https://curl.haxx.se/docs/adv_20170809B.html

-Reported-by: Even Rouault

-

-Credit to OSS-Fuzz for the discovery

- lib/tftp.c | 7 ++++++-

- 1 file changed, 6 insertions(+), 1 deletion(-)

-

-diff --git a/lib/tftp.c b/lib/tftp.c

-index 02bd84242..f6f4bce5b 100644

-+++ b/lib/tftp.c

-@@ -3,11 +3,11 @@

-  *  Project                     ___| | | |  _ \| |

-  *                             / __| | | | |_) | |

-  *                            | (__| |_| |  _ <| |___

-  *                             \___|\___/|_| \_\_____|

-  *

-- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.

-+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.

-  *

-  * This software is licensed as described in the file COPYING, which

-  * you should have received as part of this distribution. The terms

-  * are also available at https://curl.haxx.se/docs/copyright.html.

-  *

-@@ -489,10 +489,15 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)

-     result = Curl_urldecode(data, &state->conn->data->state.path[1], 0,

-                             &filename, NULL, FALSE);

-     if(result)

-       return result;

- 

-+    if(strlen(filename) > (state->blksize - strlen(mode) - 4)) {

-+      failf(data, "TFTP file name too long\n");

-+      return CURLE_TFTP_ILLEGAL; /* too long file name field */

-+    }

-+

-     snprintf((char *)state->spacket.data+2,

-              state->blksize,

-              "%s%c%s%c", filename, '\0',  mode, '\0');

-     sbytes = 4 + strlen(filename) + strlen(mode);

- 

-2.13.3

-

deleted file mode 100644

@@ -1,96 +0,0 @@

-From 453e7a7a03a2cec749abd3878a48e728c515cca7 Mon Sep 17 00:00:00 2001

-From: Daniel Stenberg <daniel@haxx.se>

-Date: Tue, 1 Aug 2017 17:16:07 +0200

-Subject: [PATCH] glob: do not continue parsing after a strtoul() overflow

- range

-

-Added test 1289 to verify.

-

-CVE-2017-1000101

-

-Bug: https://curl.haxx.se/docs/adv_20170809A.html

-Reported-by: Brian Carpenter

- src/tool_urlglob.c      |  5 ++++-

- tests/data/Makefile.inc |  2 +-

- tests/data/test1289     | 35 +++++++++++++++++++++++++++++++++++

- 3 files changed, 40 insertions(+), 2 deletions(-)

- create mode 100644 tests/data/test1289

-

-diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c

-index 6b1ece008..d56dcd912 100644

-+++ b/src/tool_urlglob.c

-@@ -271,11 +271,14 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,

-           endp = NULL;

-           goto fail;

-         }

-         errno = 0;

-         max_n = strtoul(pattern, &endp, 10);

--        if(errno || (*endp == ':')) {

-+        if(errno)

-+          /* overflow */

-+          endp = NULL;

-+        else if(*endp == ':') {

-           pattern = endp+1;

-           errno = 0;

-           step_n = strtoul(pattern, &endp, 10);

-           if(errno)

-             /* over/underflow situation */

-diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc

-index 35446cf71..59f692e8f 100644

-+++ b/tests/data/Makefile.inc

-@@ -130,7 +130,7 @@ test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 \

- test1260 \

- \

- test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 \

--test1288 \

-+test1288 test1289 \

- \

- test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \

- test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \

-diff --git a/tests/data/test1289 b/tests/data/test1289

-new file mode 100644

-index 000000000..d679cc0bc

-+++ b/tests/data/test1289

-@@ -0,0 +1,35 @@

-+<testcase>

-+<info>

-+<keywords>

-+HTTP

-+HTTP GET

-+globbing

-+</keywords>

-+</info>

-+

-+#

-+# Server-side

-+<reply>

-+</reply>

-+

-+# Client-side

-+<client>

-+<server>

-+http

-+</server>

-+<name>

-+globbing with overflow and bad syntxx

-+</name>

-+<command>

-+http://ur%20[0-60000000000000000000

-+</command>

-+</client>

-+

-+# Verify data after the test has been "shot"

-+<verify>

-+# curl: (3) [globbing] bad range in column 

-+<errorcode>

-+3

-+</errorcode>

-+</verify>

-+</testcase>

-2.13.3

-

deleted file mode 100644

@@ -1,133 +0,0 @@

-From 9d9157bb0c230c769fdf902ed3a62edf642d424b Mon Sep 17 00:00:00 2001

-From: Daniel Stenberg <daniel@haxx.se>

-Date: Mon, 25 Sep 2017 00:35:22 +0200

-Subject: [PATCH v2] FTP: zero terminate the entry path even on bad input

-

-... a single double quote could leave the entry path buffer without a zero

-terminating byte.

-

-Test 1152 added to verify.

-

-Reported-by: Max Dymond

- lib/ftp.c               |  7 ++++--

- tests/data/Makefile.inc |  1 +

- tests/data/test1152     | 61 +++++++++++++++++++++++++++++++++++++++++++++++++

- 3 files changed, 67 insertions(+), 2 deletions(-)

- create mode 100644 tests/data/test1152

-

-diff --git a/lib/ftp.c b/lib/ftp.c

-index 4860509f3..54ba4057f 100644

-+++ b/lib/ftp.c

-@@ -2825,7 +2825,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)

-         const size_t buf_size = CURL_BUFSIZE(data->set.buffer_size);

-         char *dir;

-         char *store;

--

-+        bool entry_extracted = FALSE;

-         dir = malloc(nread + 1);

-         if(!dir)

-           return CURLE_OUT_OF_MEMORY;

-@@ -2856,7 +2856,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)

-               }

-               else {

-                 /* end of path */

--                *store = '\0'; /* zero terminate */

-+                entry_extracted = TRUE;

-                 break; /* get out of this loop */

-               }

-             }

-@@ -2865,7 +2865,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)

-             store++;

-             ptr++;

-           }

--

-+          *store = '\0'; /* zero terminate */

-+        }

-+        if(entry_extracted) {

-           /* If the path name does not look like an absolute path (i.e.: it

-              does not start with a '/'), we probably need some server-dependent

-              adjustments. For example, this is the case when connecting to

-diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc

-index 1bfd75eca..268f5e29e 100644

-+++ b/tests/data/Makefile.inc

-@@ -121,6 +121,7 @@ test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 \

- test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \

- test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \

- test1144 test1145 test1146 \

-+test1152 \

- test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \

- test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \

- test1216 test1217 test1218 test1219 \

-diff --git a/tests/data/test1152 b/tests/data/test1152

-new file mode 100644

-index 000000000..aa8c0a7e4

-+++ b/tests/data/test1152

-@@ -0,0 +1,61 @@

-+<testcase>

-+<info>

-+<keywords>

-+FTP

-+PASV

-+LIST

-+</keywords>

-+</info>

-+#

-+# Server-side

-+<reply>

-+<servercmd>

-+REPLY PWD 257 "just one

-+</servercmd>

-+

-+# When doing LIST, we get the default list output hard-coded in the test

-+# FTP server

-+<data mode="text">

-+total 20

-+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .

-+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..

-+drwxr-xr-x   2 98       98           512 May  2  1996 curl-releases

-+-r--r--r--   1 0        1             35 Jul 16  1996 README

-+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin

-+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev

-+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html

-+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc

-+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub

-+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr

-+</data>

-+</reply>

-+

-+#

-+# Client-side

-+<client>

-+<server>

-+ftp

-+</server>

-+ <name>

-+FTP with uneven quote in PWD response

-+ </name>

-+ <command>

-+ftp://%HOSTIP:%FTPPORT/test-1152/

-+</command>

-+</client>

-+

-+#

-+# Verify data after the test has been "shot"

-+<verify>

-+<protocol>

-+USER anonymous

-+PASS ftp@example.com

-+PWD

-+CWD test-1152

-+EPSV

-+TYPE A

-+LIST

-+QUIT

-+</protocol>

-+</verify>

-+</testcase>

-2.14.1

-

deleted file mode 100644

@@ -1,37 +0,0 @@

-From 13c9a9ded3ae744a1e11cbc14e9146d9fa427040 Mon Sep 17 00:00:00 2001

-From: Daniel Stenberg <daniel@haxx.se>

-Date: Sat, 7 Oct 2017 00:11:31 +0200

-Subject: [PATCH] imap: if a FETCH response has no size, don't call write

- callback

-

-CVE-2017-1000257

-

-Reported-by: Brian Carpenter and 0xd34db347

-Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586

- lib/imap.c | 5 +++++

- 1 file changed, 5 insertions(+)

-

-diff --git a/lib/imap.c b/lib/imap.c

-index 954d18f37..baa31a2f8 100644

-+++ b/lib/imap.c

-@@ -1124,10 +1124,15 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode,

- 

-       if(chunk > (size_t)size)

-         /* The conversion from curl_off_t to size_t is always fine here */

-         chunk = (size_t)size;

- 

-+      if(!chunk) {

-+        /* no size, we're done with the data */

-+        state(conn, IMAP_STOP);

-+        return CURLE_OK;

-+      }

-       result = Curl_client_write(conn, CLIENTWRITE_BODY, pp->cache, chunk);

-       if(result)

-         return result;

- 

-       data->req.bytecount += chunk;

-2.15.0.rc1

-

@@ -1,18 +1,14 @@

 Summary:        An URL retrieval utility and library

 Name:           curl

-Version:        7.54.0

-Release:        5%{?dist}

+Version:        7.56.1

+Release:        1%{?dist}

 License:        MIT

 URL:            http://curl.haxx.se

 Group:          System Environment/NetworkingLibraries

 Vendor:         VMware, Inc.

 Distribution:   Photon

-Source0:        http://curl.haxx.se/download/%{name}-%{version}.tar.lzma

-%define sha1    curl=a77da3cd2a9876bde3982976245ef2da9ad27847

-Patch0:         curl-CVE-2017-1000101.patch

-Patch1:         curl-CVE-2017-1000100.patch

-Patch2:         curl-CVE-2017-1000254.patch

-Patch3:         curl-CVE-2017-1000257.patch

+Source0:        http://curl.haxx.se/download/%{name}-%{version}.tar.xz

+%define sha1    curl=c26bd88fdd5fe5d31a3b9e7a0a6b3dffff3168df

 Requires:       ca-certificates

 BuildRequires:  ca-certificates

 Requires:       openssl

@@ -28,10 +24,6 @@ upload files can be incorporated into other programs to support

 functions like streaming media.

 %prep

 %setup -q

-%patch0 -p1

-%patch1 -p1

-%patch2 -p1

-%patch3 -p1

 sed -i '/--static-libs)/{N;s#echo .*#echo #;}' curl-config.in

 %build

 ./configure \

@@ -71,6 +63,8 @@ rm -rf %{buildroot}/*

 %{_datarootdir}/aclocal/libcurl.m4

 %{_docdir}/%{name}-%{version}

 %changelog

+*   Wed Dec 13 2017 Xiaolin Li <xiaolinl@vmware.com> 7.56.1-1

+-   Update to version 7.56.1

 *   Mon Nov 27 2017 Xiaolin Li <xiaolinl@vmware.com> 7.54.0-5

 -   Fix CVE-2017-1000257

 *   Mon Nov 06 2017 Xiaolin Li <xiaolinl@vmware.com> 7.54.0-4

@@ -1,26 +1,27 @@

 %global security_hardening none

-Summary:	Sysdig is a universal system visibility tool with native support for containers.

-Name:		sysdig

-Version:	0.10.1

-Release:	4%{?kernelsubrelease}%{?dist}

-License:	GPLv2	  

-URL:		http://www.sysdig.org/

-Group:		Applications/System	

-Vendor:		VMware, Inc.

-Distribution:	Photon

-Source0:	https://github.com/draios/sysdig/archive/%{name}-%{version}.tar.gz

-%define sha1 sysdig=272b95ad02be4d194bba66d360ff935084d9c842

-BuildRequires:	cmake 

+Summary:        Sysdig is a universal system visibility tool with native support for containers.

+Name:           sysdig

+Version:        0.19.1

+Release:        1%{?kernelsubrelease}%{?dist}

+License:        GPLv2

+URL:            http://www.sysdig.org/

+Group:          Applications/System

+Vendor:         VMware, Inc.

+Distribution:   Photon

+Source0:        https://github.com/draios/sysdig/archive/%{name}-%{version}.tar.gz

+%define sha1 sysdig=425ea9fab8e831274626a9c9e65f0dfb4f9bc019

+BuildRequires:  cmake

 BuildRequires:  linux-dev = %{KERNEL_VERSION}-%{KERNEL_RELEASE}

-BuildRequires:	openssl-devel

-BuildRequires:	curl

-BuildRequires:	zlib-devel

-BuildRequires:	ncurses-devel >= 6.0-3

-Requires:   linux = %{KERNEL_VERSION}-%{KERNEL_RELEASE}

-Requires:	zlib

-Requires:	ncurses >= 6.0-3

-Requires:	openssl

-Requires:	curl

+BuildRequires:  openssl-devel

+BuildRequires:  curl

+BuildRequires:  zlib-devel

+BuildRequires:  ncurses-devel >= 6.0-3

+BuildRequires:  wget

+Requires:       linux = %{KERNEL_VERSION}-%{KERNEL_RELEASE}

+Requires:       zlib

+Requires:       ncurses >= 6.0-3

+Requires:       openssl

+Requires:       curl

 %description

  Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Sysdig is scriptable in Lua and includes a command line interface and a powerful interactive UI, csysdig, that runs in your terminal

@@ -33,11 +34,11 @@ mkdir build

 cd build

 cmake \

-	-DCMAKE_INSTALL_PREFIX=%{_prefix} \

-	-DUSE_BUNDLED_OPENSSL=OFF \

-	-DUSE_BUNDLED_CURL=OFF \

-	-DUSE_BUNDLED_ZLIB=OFF \

-	-DUSE_BUNDLED_NCURSES=OFF ..

+    -DCMAKE_INSTALL_PREFIX=%{_prefix} \

+    -DUSE_BUNDLED_OPENSSL=OFF \

+    -DUSE_BUNDLED_CURL=OFF \

+    -DUSE_BUNDLED_ZLIB=OFF \

+    -DUSE_BUNDLED_NCURSES=OFF ..

 make KERNELDIR="/lib/modules/%{KERNEL_VERSION}-%{KERNEL_RELEASE}/build"

@@ -69,6 +70,8 @@ rm -rf %{buildroot}/*

 /lib/modules/%{KERNEL_VERSION}-%{KERNEL_RELEASE}/extra/sysdig-probe.ko

 %changelog

+*   Wed Dec 13 2017 Xiaolin Li <xiaolinl@vmware.com> 0.19.1-1

+-   Update to version 0.19.1

 *   Mon Apr 3 2017 Alexey Makhalov <amakhalov@vmware.com> 0.10.1-4

 -   Use specified version of ncurses wich has long chtype and mmask_t

     (see ncurses changelog)