summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2015-07-03 23:21:01 +0000
committerHauke Mehrtens <hauke@hauke-m.de>2015-07-03 23:21:01 +0000
commit97b14fd70037aa1d10bbd0b2ed67efd82e160c56 (patch)
tree68db5d8a98993614e1b6ee5c853c624fd330db09
parent69a2459c668e9ddf129bbff94633a621e21aeca8 (diff)
downloadmaster-31e0f0ae-97b14fd70037aa1d10bbd0b2ed67efd82e160c56.tar.gz
master-31e0f0ae-97b14fd70037aa1d10bbd0b2ed67efd82e160c56.tar.bz2
master-31e0f0ae-97b14fd70037aa1d10bbd0b2ed67efd82e160c56.zip
curl: update curl to version 7.43.0
This brings curl to version 7.43.0 and contains fixes for the following security vulnerabilities: CVE-2015-3236: lingering HTTP credentials in connection re-use http://curl.haxx.se/docs/adv_20150617A.html CVE-2015-3237: SMB send off unrelated memory contents http://curl.haxx.se/docs/adv_20150617B.html The 100-check_long_long patch is not needed any more, because the upstream autoconf script already checks for long long when cyassl is selected. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46169
Diffstat
-rw-r--r--package/network/utils/curl/Makefile6
-rw-r--r--package/network/utils/curl/patches/100-check_long_long.patch10
-rw-r--r--package/network/utils/curl/patches/200-no_docs_tests.patch4
-rw-r--r--package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch8
-rw-r--r--package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch8
5 files changed, 13 insertions, 23 deletions
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile
index 7f6d35575a..82574cd396 100644
--- a/package/network/utils/curl/Makefile
+++ b/package/network/utils/curl/Makefile
@@ -8,8 +8,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=curl
-PKG_VERSION:=7.40.0
-PKG_RELEASE:=3
+PKG_VERSION:=7.43.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
@@ -18,7 +18,7 @@ PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
ftp://ftp.planetmirror.com/pub/curl/ \
http://www.mirrormonster.com/curl/download/ \
http://curl.mirrors.cyberservers.net/download/
-PKG_MD5SUM:=8d30594212e65657a5c32030f0998fa9
+PKG_MD5SUM:=11bddbb452a8b766b932f859aaeeed39
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
diff --git a/package/network/utils/curl/patches/100-check_long_long.patch b/package/network/utils/curl/patches/100-check_long_long.patch
deleted file mode 100644
index 2dd8cc72d8..0000000000
--- a/package/network/utils/curl/patches/100-check_long_long.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -2885,6 +2885,7 @@ CURL_VERIFY_RUNTIMELIBS
-
- AC_CHECK_SIZEOF(size_t)
- AC_CHECK_SIZEOF(long)
-+AC_CHECK_SIZEOF(long long)
- AC_CHECK_SIZEOF(int)
- AC_CHECK_SIZEOF(short)
- CURL_CONFIGURE_LONG
diff --git a/package/network/utils/curl/patches/200-no_docs_tests.patch b/package/network/utils/curl/patches/200-no_docs_tests.patch
index 6a1fdf5b6b..2845577f1c 100644
--- a/package/network/utils/curl/patches/200-no_docs_tests.patch
+++ b/package/network/utils/curl/patches/200-no_docs_tests.patch
@@ -1,6 +1,6 @@
--- a/Makefile.am
+++ b/Makefile.am
-@@ -129,7 +129,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \
+@@ -129,7 +129,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
bin_SCRIPTS = curl-config
SUBDIRS = lib src include
@@ -11,7 +11,7 @@
pkgconfig_DATA = libcurl.pc
--- a/Makefile.in
+++ b/Makefile.in
-@@ -577,7 +577,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \
+@@ -577,7 +577,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
bin_SCRIPTS = curl-config
SUBDIRS = lib src include
diff --git a/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch b/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch
index 3f88861e54..1cdb8200e1 100644
--- a/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch
+++ b/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch
@@ -1,6 +1,6 @@
--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
-@@ -571,7 +571,7 @@ CURLcode Curl_sasl_create_ntlm_type3_mes
+@@ -569,7 +569,7 @@ CURLcode Curl_sasl_create_ntlm_type3_mes
else
#endif
@@ -11,9 +11,9 @@
unsigned char ntbuffer[0x18];
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
-@@ -835,9 +835,9 @@ void Curl_ssl_md5sum(unsigned char *tmp,
- unsigned char *md5sum, /* output */
- size_t md5len)
+@@ -852,9 +852,9 @@ CURLcode Curl_ssl_md5sum(unsigned char *
+ unsigned char *md5sum, /* output */
+ size_t md5len)
{
-#ifdef curlssl_md5sum
+#if defined(curlssl_md5sum)
diff --git a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
index d008227509..1b5b63aa69 100644
--- a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
@@ -1,11 +1,11 @@
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
-@@ -591,7 +591,7 @@ void Curl_polarssl_session_free(void *pt
+@@ -592,7 +592,7 @@ void Curl_polarssl_session_free(void *pt
size_t Curl_polarssl_version(char *buffer, size_t size)
{
- unsigned int version = version_get_number();
+ unsigned int version = POLARSSL_VERSION_NUMBER;
- return snprintf(buffer, size, "PolarSSL/%d.%d.%d", version>>24,
- (version>>16)&0xff, (version>>8)&0xff);
- }
+ return snprintf(buffer, size, "%s/%d.%d.%d",
+ version >= 0x01030A00?"mbedTLS":"PolarSSL",
+ version>>24, (version>>16)&0xff, (version>>8)&0xff);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 11:37:00 +0000