curl/curl.spec

#Global macro or variable
%global libpsl_version %(pkg-config --modversion libpsl 2>/dev/null || echo 0)
%global libssh_version %(pkg-config --modversion libssh 2>/dev/null || echo 0)
%global openssl_version %({ pkg-config --modversion openssl 2>/dev/null || echo 0;} | sed 's|-|-0.|')
%global _configure ../configure

Name:           curl
Version:        7.79.1
Release:        29
Summary:        Curl is used in command lines or scripts to transfer data
License:        MIT
URL:            https://curl.haxx.se/
Source:         https://curl.haxx.se/download/curl-%{version}.tar.xz

Patch1:         backport-0101-curl-7.32.0-multilib.patch
Patch2:         backport-CVE-2022-22576.patch
Patch3:         backport-CVE-2022-27775.patch
Patch4:         backport-CVE-2022-27776.patch
Patch5:         backport-pre-CVE-2022-27774.patch
Patch6:         backport-001-CVE-2022-27774.patch
Patch7:         backport-002-CVE-2022-27774.patch
Patch8:         backport-CVE-2022-27781.patch
Patch9:         backport-pre-CVE-2022-27782.patch
Patch10:        backport-CVE-2022-27782.patch
Patch11:        backport-CVE-2022-32205.patch
Patch12:        backport-CVE-2022-32206.patch
Patch13:        backport-CVE-2022-32207.patch
Patch14:        backport-CVE-2022-32208.patch
Patch15:        backport-fix-configure-disable-http-auth-build-error.patch
Patch16:        backport-CVE-2022-35252-cookie-reject-cookies-with-control-bytes.patch
Patch17:        backport-CVE-2022-32221.patch
Patch18:        backport-CVE-2022-42916.patch
Patch20:        backport-CVE-2022-43551-http-use-the-IDN-decoded-name-in-HSTS-checks.patch
Patch21:        backport-CVE-2022-43552-smb-telnet-do-not-free-the-protocol-struct-in-_done.patch
Patch22:        backport-0001-CVE-2023-23914-CVE-2023-23915.patch
Patch23:        backport-0002-CVE-2023-23914-CVE-2023-23915.patch
Patch24:        backport-0003-CVE-2023-23914-CVE-2023-23915.patch
Patch25:        backport-0004-CVE-2023-23914-CVE-2023-23915.patch
Patch26:        backport-0005-CVE-2023-23914-CVE-2023-23915.patch
Patch27:        backport-0001-CVE-2023-23916.patch
Patch28:        backport-0002-CVE-2023-23916.patch
Patch29:        backport-CVE-2023-27533.patch
Patch30:        backport-CVE-2023-27534-pre1.patch
Patch31:        backport-CVE-2023-27534.patch
Patch32:        backport-CVE-2023-27538.patch
Patch33:        backport-CVE-2023-27535-pre1.patch
Patch34:        backport-CVE-2023-27536.patch
Patch35:        backport-CVE-2023-27535.patch
Patch36:        backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
Patch37:        backport-CVE-2023-28321.patch 
Patch38:        backport-CVE-2023-28322.patch
Patch39:        backport-0001-CVE-2023-28320.patch
Patch40:        backport-0002-CVE-2023-28320.patch
Patch41:        backport-0003-CVE-2023-28320.patch
Patch42:        backport-curl-tool-erase-some-more-sensitive-command-line-arg.patch
Patch43:        backport-tool_getparam-repair-cleanarg.patch
Patch44:        backport-tool_getparam-fix-cleanarg-for-unicode-builds.patch
Patch45:        backport-getparam-correctly-clean-args.patch
Patch46:        backport-tool_getparam-fix-hiding-of-command-line-secrets.patch
Patch47:        backport-multi-shut-down-CONNECT-in-Curl_detach_connnection.patch
Patch48:        backport-curl_easy_cleanup.3-remove-from-multi-handle-first.patch
Patch49:        backport-http_proxy-make-Curl_connect_done-work-for-proxy-dis.patch
Patch50:        backport-Curl_connect_done-handle-being-called-twice.patch
Patch51:        backport-tftp-mark-protocol-as-not-possible-to-do-over-CONNEC.patch
Patch52:        backport-test1939-require-proxy-support-to-run.patch
Patch53:        backport-lib1939-make-it-endure-torture-tests.patch
Patch54:        backport-CVE-2022-42915.patch
Patch55:        backport-tests-verify-the-fix-for-CVE-2022-27774.patch
Patch56:        backport-test442-443-test-cookie-caps.patch
Patch57:        backport-test444-test-many-received-Set-Cookie.patch
Patch58:        backport-test8-verify-that-ctrl-byte-cookies-are-ignored.patch
Patch59:        backport-test1948-verify-PUT-POST-reusing-the-same-handle.patch
Patch60:        backport-test387-verify-rejection-of-compression-chain-attack.patch
Patch61:        backport-hostcheck-fix-host-name-wildcard-checking.patch
Patch62:        backport-CVE-2023-32001.patch
Patch63:	backport-CVE-2023-38545.patch
Patch64:	backport-CVE-2023-38546.patch
Patch65:        backport-CVE-2023-46218.patch
Patch66:        backport-0001-CVE-2023-46219.patch
Patch67:        backport-0002-CVE-2023-46219.patch
Patch68:        backport-tool_progress-avoid-division-by-zero-in-parallel-pro.patch
Patch69:        backport-digest-pass-over-leading-spaces-in-qop-values.patch
Patch70:        backport-Curl_close-call-Curl_resolver_cancel-to-avoid-memory.patch
Patch71:        backport-easy-fix-the-altsvc-init-for-curl_easy_duphandle.patch
Patch72:        backport-libssh-if-sftp_init-fails-don-t-get-the-sftp-error-c.patch
Patch73:        backport-url-move-back-the-IDN-conversion-of-proxy-names.patch
Patch74:        backport-ftp-support-growing-files-with-CURLOPT_IGNORE_CONTEN.patch
Patch75:        backport-http-fix-the-1-comparison-for-IPv6-localhost-for-coo.patch
Patch76:        backport-multi-free-up-more-data-earleier-in-DONE.patch
Patch77:        backport-curl_path-bring-back-support-for-SFTP-path-ending-in.patch
Patch78:        backport-transfer-refuse-POSTFIELDS-RESUME_FROM-combo.patch
Patch79:        backport-tool_operate-refuse-data-or-form-and-continue-at-com.patch
Patch80:        backport-http-free-the-url-before-storing-a-new-copy.patch
Patch81:        backport-url-fix-null-dispname-for-connect-to-option.patch
Patch82:        backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch
Patch83:        backport-urlapi-make-sure-zoneid-is-also-duplicated-in-curl_u.patch
Patch84:        backport-transfer-also-stop-the-sending-on-closed-connection.patch
Patch85:        backport-openssl-avoid-BN_num_bits-NULL-pointer-derefs.patch
Patch86:        backport-CVE-2024-2398.patch
Patch87:        backport-paramhlp-fix-CRLF-stripping-files-with-d-file.patch
Patch88:        backport-libssh2-set-length-to-0-if-strdup-failed.patch
Patch89:        backport-openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch
Patch90:        backport-multi-avoid-memory-leak-risk.patch
Patch91:        backport-tool_cb_rea-limit-rate-unpause-for-T-.-uploads.patch
Patch92:        backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch

BuildRequires:  automake brotli-devel coreutils gcc groff krb5-devel
BuildRequires:  libidn2-devel libnghttp2-devel libpsl-devel
BuildRequires:  libssh-devel make openldap-devel openssh-clients openssh-server
BuildRequires:  openssl-devel perl-interpreter pkgconfig python3-devel sed
BuildRequires:  stunnel zlib-devel gnutls-utils nghttp2 perl(IO::Compress::Gzip)
BuildRequires:  perl(Getopt::Long) perl(Pod::Usage) perl(strict) perl(warnings)
BuildRequires:  perl(Cwd) perl(Digest::MD5) perl(Exporter) perl(File::Basename)
BuildRequires:  perl(File::Copy) perl(File::Spec) perl(IPC::Open2) perl(MIME::Base64)
BuildRequires:  perl(Time::Local) perl(Time::HiRes) perl(vars)

Requires:       libcurl = %{version}-%{release}
Provides:       curl-full = %{version}-%{release} webclient

%description
cURL is a computer software project providing a library (libcurl) and
command-line tool (curl) for transferring data using various protocols.

%package -n 	libcurl
Summary:	A library for getting files from web servers
Requires:	libssh >= %{libssh_version} libpsl >= %{libpsl_version}
Requires:       openssl-libs >= 1:%{openssl_version}
Provides:	libcurl-full = %{version}-%{release} 
Conflicts:	curl < 7.66.0-3

%description -n libcurl
A library for getting files from web servers.

%package -n 	libcurl-devel
Summary:	Header files for libcurl
Requires:	libcurl = %{version}-%{release}
Provides:	curl-devel = %{version}-%{release}
Obsoletes:	curl-devel < %{version}-%{release}
	
%description -n libcurl-devel
Header files for libcurl.

%package_help

%prep
%autosetup -n %{name}-%{version} -p1

printf "1112\n1455\n1184\n1801\n1592\n" >> tests/data/DISABLED

# adapt test 323 for updated OpenSSL
sed -e 's/^35$/35,52/' -i tests/data/test323
# use localhost6 instead of ip6-localhost in the curl test-suite
(
    # avoid glob expansion in the trace output of `bash -x`
    { set +x; } 2>/dev/null
    cmd="sed -e 's|ip6-localhost|localhost6|' -i tests/data/test[0-9]*"
    printf "+ %s\n" "$cmd" >&2
    eval "$cmd"
)

%build
# regenerate Makefile.in files
aclocal -I m4
automake

install -d build-full
export common_configure_opts="--cache-file=../config.cache \
    --enable-symbol-hiding  --enable-ipv6  --enable-threaded-resolver \
    --with-gssapi  --with-nghttp2  --with-ssl \
    --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"

%global _configure ../configure

# configure full build
(
    cd build-full
    %configure $common_configure_opts \
        --enable-ldap \
        --enable-ldaps \
        --enable-manual \
        --with-brotli \
        --with-libidn2 \
        --with-libpsl \
        --with-libssh
)

sed -e 's/^runpath_var=.*/runpath_var=/' \
    -e 's/^hardcode_libdir_flag_spec=".*"$/hardcode_libdir_flag_spec=""/' \
    -i build-full/libtool

%make_build V=1 -C build-full

%check
# compile upstream test-cases
%make_build V=1 -C build-full/tests
 
# relax crypto policy for the test-suite to make it pass again (#1610888)
export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=XXX
export OPENSSL_CONF=
 
# make runtests.pl work for out-of-tree builds
export srcdir=../../tests
 
# prevent valgrind from being extremely slow (#1662656)
unset DEBUGINFOD_URLS
 
# run the upstream test-suite for curl-full
for size in full; do (
    cd build-${size}
 
    # we have to override LD_LIBRARY_PATH because we eliminated rpath
    export LD_LIBRARY_PATH="${PWD}/lib/.libs"
 
    cd tests
    perl -I../../tests ../../tests/runtests.pl -a -n -p -v '!flaky'
)
done

%install
rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.{la,so}

# install libcurl.m4 for devel
install -D -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT%{_datadir}/aclocal/libcurl.m4

# curl file install
cd build-full
%make_install

# install zsh completion for curl
LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH" %make_install -C scripts

# do not install /usr/share/fish/completions/curl.fish which is also installed
# by fish-3.0.2-1.module_f31+3716+57207597 and would trigger a conflict
rm -rf ${RPM_BUILD_ROOT}%{_datadir}/fish

rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.a
rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la

%ldconfig_scriptlets

%ldconfig_scriptlets -n libcurl

%files
%defattr(-,root,root)
%license COPYING
%{_bindir}/curl
%{_datadir}/zsh

%files -n libcurl
%defattr(-,root,root)
%{_libdir}/libcurl.so.4
%{_libdir}/libcurl.so.4.[0-9].[0-9]

%files -n libcurl-devel
%defattr(-,root,root)
%doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md
%doc docs/CONTRIBUTE.md docs/libcurl/ABI.md
%{_bindir}/curl-config*
%{_includedir}/curl
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_datadir}/aclocal/libcurl.m4

%files help
%defattr(-,root,root)
%doc CHANGES README*
%doc docs/BUGS.md docs/FAQ docs/FEATURES.md
%doc docs/TheArtOfHttpScripting.md docs/TODO
%{_mandir}/man1/curl.1*
%{_mandir}/man1/curl-config.1*
%{_mandir}/man3/*

%changelog
* Mon Jun 24 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-29
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:paramhlp: fix CRLF-stripping files with "-d @file"
       libssh2: set length to 0 if strdup failed
       openldap: create ldap URLs correctly for IPv6 addresses
       multi: avoid memory-leak risk
       tool_cb_rea: limit rate unpause for -T . uploads
       tool_cfgable: free {proxy_}cipher13_list on exit

* Fri Mar 29 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-28
- Type:CVE
- CVE:CVE-2024-2398
- SUG:NA
- DESC:fix CVE-2024-2398

* Fri Jan 05 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-27
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:transfer: also stop the sending on closed connection
       openssl: avoid BN_num_bits() NULL pointer derefs

* Wed Jan 03 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-26
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:tool_progress: avoid division by zero in parallel progress
       digest: pass over leading spaces in qop values
       Curl_close: call Curl_resolver_cancel to avoid memory-leak
       easy: fix the altsvc init for curl_easy_duphandle
       libssh: if sftp_init fails, don't get the sftp error code
       url: move back the IDN conversion of proxy names
       ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH
       http: fix the ::1 comparison for IPv6 localhost for cookies
       multi: free up more data earleier in DONE
       curl_path: bring back support for SFTP path ending in /~
       transfer: refuse POSTFIELDS + RESUME_FROM combo
       tool_operate: refuse (--data or --form) and --continue-at
       http: free the url before storing a new copy
       url: fix null dispname for --connect-to option
       vtls: avoid memory leak if sha256 call fails
       urlapi: make sure zoneid is also duplicated in curl_url_dup

* Fri Dec 08 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-25
- Type:CVE
- CVE:CVE-2023-46218 CVE-2023-46219
- SUG:NA
- DESC:fix CVE-2023-46218 CVE-2023-46219

* Wed Oct 11 2023 Funda Wang <fundawang@yeah.net> - 7.79.1-24
- Type:CVE
- CVE:CVE-2023-38545, CVE-2023-38546
- SUG:NA
- DESC:fix CVE-2023-38545, CVE-2023-38546

* Thu Jul 20 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-23
- Type:CVE
- CVE:CVE-2023-32001
- SUG:NA
- DESC:fix CVE-2023-32001

* Mon Jul 10 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-22
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport some testcases

* Mon Jul 03 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-21
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix double-free when using https with tunneling proxy

* Mon Jun 19 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-20
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:hide sensitive info in cmdline when ps

* Sat Jun 10 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-19
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:disable valgrind in tests

* Thu Jun 08 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-18
- Type:CVE
- CVE:CVE-2023-28320
- SUG:NA
- DESC:fix CVE-2023-28320

* Wed May 24 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-17
- Type:CVE
- CVE:CVE-2023-28321,CVE-2023-28322
- SUG:NA
- DESC:fix CVE-2023-28321,CVE-2023-28322

* Wed Apr 19 2023 gaihuiying <eaglegai@163.com> - 7.79.1-16
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport to fix build error when user don't use glibc

* Wed Mar 22 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-15
- Type:cves
- CVE:CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
- SUG:NA
- DESC:fix CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538

* Sat Feb 18 2023 xinghe <xinghe2@h-partners.com> - 7.79.1-14
- Type:cves
- CVE:CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
- SUG:NA
- DESC:fix CVE-2023-23914 CVE-2023-23915 CVE-2023-23916

* Thu Dec 22 2022 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-13
- Type:cves
- CVE:CVE-2022-43551 CVE-2022-43552
- SUG:NA
- DESC:fix CVE-2022-43551 CVE-2022-43552

* Thu Oct 27 2022 yanglu <yanglu72@h-partners.com> - 7.79.1-12
- Type:cves
- CVE:CVE-2022-32221 CVE-2022-42915 CVE-2022-42916
- SUG:NA
- DESC:fix CVE-2022-32221 CVE-2022-42915 CVE-2022-42916

* Tue Oct 11 2022 huangduirong <huangduirong@huawei.com> - 7.79.1-11
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:Move autoreconf to build

* Thu Sep 01 2022 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-10
- Type:cves
- CVE:CVE-2022-35252
- SUG:NA
- DESC:fix CVE-2022-35252

* Mon Jul 25 2022 gaihuiying <eaglegai@163.com> - 7.79.1-9
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix build error when add --disable-http-auth configure option

* Tue Jul 05 2022 gaihuiying <eaglegai@163.com> - 7.79.1-8
- Type:cves
- CVE:CVE-2022-32207
- SUG:NA
- DESC:fix CVE-2022-32207 better

* Wed Jun 29 2022 gaihuiying <eaglegai@163.com> - 7.79.1-7
- Type:cves
- CVE:CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208
- SUG:NA
- DESC:fix CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208

* Tue May 17 2022 gaihuiying <eaglegai@163.com> - 7.79.1-6
- Type:cves
- CVE:CVE-2022-27781 CVE-2022-27782
- SUG:NA
- DESC:fix CVE-2022-27781 CVE-2022-27782

* Fri May 06 2022 gaihuiying <eaglegai@163.com> - 7.79.1-5
- Type:cves
- CVE:CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776
- SUG:NA
- DESC:fix CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776

* Tue Feb 22 2022 gaoxingwang <gaoxingwang@huawei.com> - 7.79.1-4
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix dict and neg telnet server start fail in upstream testcase

* Mon Jan 24 2022 gaoxingwang <gaoxingwang@huawei.com> - 7.79.1-3
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:enable check in spec

* Thu Jan 20 2022 yanglu <yanglu72@huawei.com> - 7.79.1-2
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:delete useless patch

* Tue Dec 14 2021 yanglu <yanglu72@huawei.com> - 7.79.1-1
- Type:requirement
- CVE:NA
- SUG:NA
- DESC:update curl to 7.79.1

* Wed Sep 29 2021 yanglu <yanglu72@huawei.com> - 7.77.0-3
- Type:CVE
- CVE:CVE-2021-22945 CVE-2021-22946 CVE-2021-22947
- SUG:NA
- DESC:fix CVE-2021-22945 CVE-2021-22946CVE-2021-22947

* Fri Aug 13 2021 gaihuiying <gaihuiying1@huawei.com> - 7.77.0-2
- Type:CVE
- CVE:CVE-2021-22925 CVE-2021-22926
- SUG:NA
- DESC:fix CVE-2021-22925 CVE-2021-22926

* Thu Jul 8 2021 gaihuiying <gaihuiying1@huawei.com> - 7.77.0-1
- Type:requirement
- CVE:NA
- SUG:NA
- DESC:update curl to 7.77.0

* Tue Jun 8 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-9
- Type:CVE
- CVE:CVE-2021-22897 CVE-2021-22898
- SUG:NA
- DESC:fix CVE-2021-22897 CVE-2021-22898

* Tue Apr 20 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-8
- Type:CVE
- CVE:CVE-2021-22890
- SUG:NA
- DESC:fix CVE-2021-22890

* Thu Apr 8 2021 xieliuhua <xieliuhua@huawei.com> - 7.71.1-7
- Type:CVE
- CVE:CVE-2021-22876
- SUG:NA
- DESC:fix CVE-2021-22876

* Tue Jan 26 2021 wangxiaopeng <wangxiaopeng7@huawei.com> - 7.71.1-6
- Type:CVE
- CVE:CVE-2020-8285
- SUG:NA
- DESC:fix CVE-2020-8285

* Tue Jan 19 2021 xielh2000 <xielh2000@163.com> - 7.71.1-5
- Type:CVE
- CVE:CVE-2020-8286
- SUG:NA
- DESC:fix CVE-2020-8286

* Mon Jan 18 2021 xihaochen <xihaochen@huawei.com> - 7.71.1-4
- Type:CVE
- CVE:CVE-2020-8284
- SUG:NA
- DESC:fix CVE-2020-8284

* Tue Jan 5 2021 gaihuiying <gaihuiying1@huawei.com> - 7.71.1-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix downgrade error

* Mon Dec 28 2020 liuxin <liuxin264@huawei.com> - 7.71.1-2
- Type:cves
- ID:CVE-2020-8231
- SUG:NA
- DESC:fix CVE-2020-8231

* Fri Jul 24 2020 zhujunhao <zhujunhao8@huawei.com> - 7.71.1-1
- Update to 7.71.1

* Thu Apr 9 2020 songnannan <songnannan2@huawei.com> - 7.66.0-3
- split out the libcurl and libcurl-devel package 

* Tue Mar 17 2020 chenzhen <chenzhen44@huawei.com> - 7.66.0-2
- Type:cves
- ID:CVE-2019-15601
- SUG:NA
- DESC:fix CVE-2019-15601

* Sat Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.66.0-1
- update to 7.66.0

* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 7.61.1-4
- Type:cves
- ID:CVE-2019-5481 CVE-2019-5482
- SUG:NA
- DESC:fix CVE-2019-5481 CVE-2019-5482

* Wed Sep 18 2019 guanyanjie <guanyanjie@huawei.com> - 7.61.1-3
- Init for openEuler