diff --git a/SPECS/curl/curl.spec b/SPECS/curl/curl.spec index 8d179e0f157..63faa7b546d 100644 --- a/SPECS/curl/curl.spec +++ b/SPECS/curl/curl.spec @@ -1,7 +1,7 @@ Summary: An URL retrieval utility and library Name: curl Version: 7.68.0 -Release: 1%{?dist} +Release: 2%{?dist} License: MIT URL: http://curl.haxx.se Group: System Environment/NetworkingLibraries @@ -47,7 +47,7 @@ This package contains minimal set of shared curl libraries. --with-ssl \ --with-gssapi \ --with-libssh2 \ - --with-ca-bundle=/etc/pki/tls/certs/ca-bundle.crt \ + --with-ca-bundle=/etc/pki/tls/certs/ca-bundle.trust.crt \ --with-ca-path=/etc/ssl/certs make %{?_smp_mflags} @@ -87,6 +87,8 @@ rm -rf %{buildroot}/* %{_libdir}/libcurl.so.* %changelog +* Wed Oct 07 2020 Pawel Winogrodzki 7.68.0-2 +- Updating certificate bundle path to include full set of trust information. * Tue Aug 11 2020 Pawel Winogrodzki 7.68.0-1 - Upgrading to 7.68.0 to enable verification against a partial cert chain. * Thu May 14 2020 Nicolas Ontiveros 7.66.0-1 diff --git a/SPECS/gnutls/gnutls.spec b/SPECS/gnutls/gnutls.spec index 419793c211d..696f52c7b8f 100644 --- a/SPECS/gnutls/gnutls.spec +++ b/SPECS/gnutls/gnutls.spec @@ -1,7 +1,7 @@ Summary: The GnuTLS Transport Layer Security Library Name: gnutls Version: 3.6.14 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ and LGPLv2+ URL: https://www.gnutls.org Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/%{name}-%{version}.tar.xz @@ -44,7 +44,7 @@ developing applications that use gnutls. --disable-openssl-compatibility \ --with-included-unistring \ --with-system-priority-file=%{_sysconfdir}/gnutls/default-priorities \ - --with-default-trust-store-file=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt \ + --with-default-trust-store-file=%{_sysconfdir}/pki/tls/certs/ca-bundle.trust.crt \ --with-default-trust-store-dir=%{_sysconfdir}/ssl/certs make %{?_smp_mflags} @@ -88,6 +88,8 @@ make %{?_smp_mflags} check %{_mandir}/man3/* %changelog +* Wed Oct 07 2020 Pawel Winogrodzki 3.6.14-2 +- Updating certificate bundle path to include full set of trust information. * Fri Aug 21 2020 Andrew Phelps 3.6.14-1 - Update to version 3.6.14 for CVE-2020-13777 * Sat May 09 2020 Nick Samson 3.6.8-3 diff --git a/SPECS/wget/wget.spec b/SPECS/wget/wget.spec index 4e66f79f04b..423af80818b 100644 --- a/SPECS/wget/wget.spec +++ b/SPECS/wget/wget.spec @@ -1,7 +1,7 @@ Summary: A network utility to retrieve files from the Web Name: wget Version: 1.20.3 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ URL: https://www.gnu.org/software/wget/wget.html Group: System Environment/NetworkingPrograms @@ -40,7 +40,7 @@ make DESTDIR=%{buildroot} install install -vdm 755 %{buildroot}/etc cat >> %{buildroot}/etc/wgetrc <<-EOF # default root certs location - ca_certificate=/etc/pki/tls/certs/ca-bundle.crt + ca_certificate=/etc/pki/tls/certs/ca-bundle.trust.crt ca_directory = /etc/ssl/certs EOF rm -rf %{buildroot}/%{_infodir} @@ -62,6 +62,8 @@ rm -rf %{buildroot}/* %{_mandir}/man1/* %changelog +* Wed Oct 07 2020 Pawel Winogrodzki 1.20.3-2 +- Updating certificate bundle path to include full set of trust information. * Mon Jun 08 2020 Joe Schmitt 1.20.3-1 - Update to version 1.20.3 to resolve CVE-2019-5953. - Use https for URL. diff --git a/cgmanifest.json b/cgmanifest.json index 772aed51dcd..a87dae37c81 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -666,8 +666,8 @@ "type": "other", "other": { "name": "curl", - "version": "7.66.0", - "downloadUrl": "http://curl.haxx.se/download/curl-7.66.0.tar.gz" + "version": "7.68.0", + "downloadUrl": "http://curl.haxx.se/download/curl-7.68.0.tar.gz" } } }, @@ -1266,8 +1266,8 @@ "type": "other", "other": { "name": "gnutls", - "version": "3.6.8", - "downloadUrl": "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/gnutls-3.6.8.tar.xz" + "version": "3.6.14", + "downloadUrl": "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/gnutls-3.6.14.tar.xz" } } }, diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index 0b1460e8d82..25fc8ae720f 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -129,9 +129,9 @@ libsolv-0.7.7-4.cm1.aarch64.rpm libsolv-devel-0.7.7-4.cm1.aarch64.rpm libssh2-1.9.0-1.cm1.aarch64.rpm libssh2-devel-1.9.0-1.cm1.aarch64.rpm -curl-7.68.0-1.cm1.aarch64.rpm -curl-devel-7.68.0-1.cm1.aarch64.rpm -curl-libs-7.68.0-1.cm1.aarch64.rpm +curl-7.68.0-2.cm1.aarch64.rpm +curl-devel-7.68.0-2.cm1.aarch64.rpm +curl-libs-7.68.0-2.cm1.aarch64.rpm tdnf-2.1.0-4.cm1.aarch64.rpm tdnf-cli-libs-2.1.0-4.cm1.aarch64.rpm tdnf-devel-2.1.0-4.cm1.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index 40d788c287e..f0fae29b2fc 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -129,9 +129,9 @@ libsolv-0.7.7-4.cm1.x86_64.rpm libsolv-devel-0.7.7-4.cm1.x86_64.rpm libssh2-1.9.0-1.cm1.x86_64.rpm libssh2-devel-1.9.0-1.cm1.x86_64.rpm -curl-7.68.0-1.cm1.x86_64.rpm -curl-devel-7.68.0-1.cm1.x86_64.rpm -curl-libs-7.68.0-1.cm1.x86_64.rpm +curl-7.68.0-2.cm1.x86_64.rpm +curl-devel-7.68.0-2.cm1.x86_64.rpm +curl-libs-7.68.0-2.cm1.x86_64.rpm tdnf-2.1.0-4.cm1.x86_64.rpm tdnf-cli-libs-2.1.0-4.cm1.x86_64.rpm tdnf-devel-2.1.0-4.cm1.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 6bdbb7ba44d..33e851752ff 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -47,10 +47,10 @@ cryptsetup-debuginfo-2.3.3-2.cm1.aarch64.rpm cryptsetup-devel-2.3.3-2.cm1.aarch64.rpm cryptsetup-libs-2.3.3-2.cm1.aarch64.rpm cryptsetup-reencrypt-2.3.3-2.cm1.aarch64.rpm -curl-7.68.0-1.cm1.aarch64.rpm -curl-debuginfo-7.68.0-1.cm1.aarch64.rpm -curl-devel-7.68.0-1.cm1.aarch64.rpm -curl-libs-7.68.0-1.cm1.aarch64.rpm +curl-7.68.0-2.cm1.aarch64.rpm +curl-debuginfo-7.68.0-2.cm1.aarch64.rpm +curl-devel-7.68.0-2.cm1.aarch64.rpm +curl-libs-7.68.0-2.cm1.aarch64.rpm device-mapper-2.03.05-5.cm1.aarch64.rpm device-mapper-devel-2.03.05-5.cm1.aarch64.rpm device-mapper-event-2.03.05-5.cm1.aarch64.rpm @@ -378,8 +378,8 @@ util-linux-devel-2.32.1-3.cm1.aarch64.rpm util-linux-lang-2.32.1-3.cm1.aarch64.rpm util-linux-libs-2.32.1-3.cm1.aarch64.rpm veritysetup-2.3.3-2.cm1.aarch64.rpm -wget-1.20.3-1.cm1.aarch64.rpm -wget-debuginfo-1.20.3-1.cm1.aarch64.rpm +wget-1.20.3-2.cm1.aarch64.rpm +wget-debuginfo-1.20.3-2.cm1.aarch64.rpm which-2.21-7.cm1.aarch64.rpm which-debuginfo-2.21-7.cm1.aarch64.rpm xz-5.2.4-3.cm1.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index e5fdf7d1b97..b91cf4fd13f 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -47,10 +47,10 @@ cryptsetup-debuginfo-2.3.3-2.cm1.x86_64.rpm cryptsetup-devel-2.3.3-2.cm1.x86_64.rpm cryptsetup-libs-2.3.3-2.cm1.x86_64.rpm cryptsetup-reencrypt-2.3.3-2.cm1.x86_64.rpm -curl-7.68.0-1.cm1.x86_64.rpm -curl-debuginfo-7.68.0-1.cm1.x86_64.rpm -curl-devel-7.68.0-1.cm1.x86_64.rpm -curl-libs-7.68.0-1.cm1.x86_64.rpm +curl-7.68.0-2.cm1.x86_64.rpm +curl-debuginfo-7.68.0-2.cm1.x86_64.rpm +curl-devel-7.68.0-2.cm1.x86_64.rpm +curl-libs-7.68.0-2.cm1.x86_64.rpm device-mapper-2.03.05-5.cm1.x86_64.rpm device-mapper-devel-2.03.05-5.cm1.x86_64.rpm device-mapper-event-2.03.05-5.cm1.x86_64.rpm @@ -378,8 +378,8 @@ util-linux-devel-2.32.1-3.cm1.x86_64.rpm util-linux-lang-2.32.1-3.cm1.x86_64.rpm util-linux-libs-2.32.1-3.cm1.x86_64.rpm veritysetup-2.3.3-2.cm1.x86_64.rpm -wget-1.20.3-1.cm1.x86_64.rpm -wget-debuginfo-1.20.3-1.cm1.x86_64.rpm +wget-1.20.3-2.cm1.x86_64.rpm +wget-debuginfo-1.20.3-2.cm1.x86_64.rpm which-2.21-7.cm1.x86_64.rpm which-debuginfo-2.21-7.cm1.x86_64.rpm xz-5.2.4-3.cm1.x86_64.rpm