From 4ad1229e9d7e326a9f92e293970ea381b2f25c6c Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: May 11 2022 08:03:28 +0000
Subject: new upstream release - 7.83.1


Resolves: CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
Resolves: CVE-2022-27779 - do not accept cookies for TLD with trailing dot
Resolves: CVE-2022-27778 - do not remove wrong file on error
Resolves: CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names
Resolves: CVE-2022-27780 - reject percent-encoded path separator in URL host

---

diff --git a/curl.spec b/curl.spec
index 93b14e4..22bac0a 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,6 +1,6 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.83.0
+Version: 7.83.1
 Release: 1%{?dist}
 License: MIT
 Source0: https://curl.se/download/%{name}-%{version}.tar.xz
@@ -411,6 +411,14 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 
 %changelog
+* Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1
+- new upstream release, which fixes the following vulnerabilities
+    CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
+    CVE-2022-27779 - do not accept cookies for TLD with trailing dot
+    CVE-2022-27778 - do not remove wrong file on error
+    CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names
+    CVE-2022-27780 - reject percent-encoded path separator in URL host
+
 * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1
 - new upstream release, which fixes the following vulnerabilities
     CVE-2022-27774 - curl credential leak on redirect
diff --git a/sources b/sources
index f18cf42..7de7a70 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (curl-7.83.0.tar.xz) = be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
-SHA512 (curl-7.83.0.tar.xz.asc) = 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
+SHA512 (curl-7.83.1.tar.xz) = 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee
+SHA512 (curl-7.83.1.tar.xz.asc) = f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191