package/libcurl: security bump to 8.7.1
Drop patch that is included in this release. Drop autoreconf that was
introduced for this patch.
Fixes the following security issues:
* CVE-2024-2004
* CVE-2024-2379
* CVE-2024-2398
* CVE-2024-2466
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fbeec56312
)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
parent
ee27dfff40
commit
e14d5578d6
@ -1,109 +0,0 @@
|
||||
From 9b3f67e267d1fa8d7867655d133bdbf8830a0ab3 Mon Sep 17 00:00:00 2001
|
||||
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
||||
Date: Thu, 15 Feb 2024 20:59:25 +0100
|
||||
Subject: [PATCH] configure.ac: find libpsl with pkg-config
|
||||
|
||||
Find libpsl with pkg-config to avoid static build failures.
|
||||
|
||||
Ref: http://autobuild.buildroot.org/results/1fb15e1a99472c403d0d3b1a688902f32e78d002
|
||||
|
||||
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
||||
Closes #12947
|
||||
|
||||
Upstream: https://github.com/curl/curl/commit/9b3f67e267d1fa8d7867655d133bdbf8830a0ab3
|
||||
---
|
||||
configure.ac | 79 ++++++++++++++++++++++++++++++++++++++++++++--------
|
||||
docs/TODO | 7 -----
|
||||
2 files changed, 67 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index cd0e2d07d8d164..09d5364f4de575 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -2075,19 +2075,74 @@ dnl **********************************************************************
|
||||
dnl Check for libpsl
|
||||
dnl **********************************************************************
|
||||
|
||||
-AC_ARG_WITH(libpsl,
|
||||
- AS_HELP_STRING([--without-libpsl],
|
||||
- [disable support for libpsl]),
|
||||
- with_libpsl=$withval,
|
||||
- with_libpsl=yes)
|
||||
-curl_psl_msg="no (libpsl disabled)"
|
||||
-if test $with_libpsl != "no"; then
|
||||
- AC_SEARCH_LIBS(psl_builtin, psl,
|
||||
- [curl_psl_msg="enabled";
|
||||
- AC_DEFINE([USE_LIBPSL], [1], [PSL support enabled])
|
||||
- ],
|
||||
- [AC_MSG_ERROR([libpsl was not found]) ]
|
||||
+dnl Default to compiler & linker defaults for LIBPSL files & libraries.
|
||||
+OPT_LIBPSL=off
|
||||
+AC_ARG_WITH(libpsl,dnl
|
||||
+AS_HELP_STRING([--with-libpsl=PATH],[Where to look for libpsl, PATH points to the LIBPSL installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option])
|
||||
+AS_HELP_STRING([--without-libpsl], [disable LIBPSL]),
|
||||
+ OPT_LIBPSL=$withval)
|
||||
+
|
||||
+if test X"$OPT_LIBPSL" != Xno; then
|
||||
+ dnl backup the pre-libpsl variables
|
||||
+ CLEANLDFLAGS="$LDFLAGS"
|
||||
+ CLEANCPPFLAGS="$CPPFLAGS"
|
||||
+ CLEANLIBS="$LIBS"
|
||||
+
|
||||
+ case "$OPT_LIBPSL" in
|
||||
+ yes)
|
||||
+ dnl --with-libpsl (without path) used
|
||||
+ CURL_CHECK_PKGCONFIG(libpsl)
|
||||
+
|
||||
+ if test "$PKGCONFIG" != "no" ; then
|
||||
+ LIB_PSL=`$PKGCONFIG --libs-only-l libpsl`
|
||||
+ LD_PSL=`$PKGCONFIG --libs-only-L libpsl`
|
||||
+ CPP_PSL=`$PKGCONFIG --cflags-only-I libpsl`
|
||||
+ else
|
||||
+ dnl no libpsl pkg-config found
|
||||
+ LIB_PSL="-lpsl"
|
||||
+ fi
|
||||
+
|
||||
+ ;;
|
||||
+ off)
|
||||
+ dnl no --with-libpsl option given, just check default places
|
||||
+ LIB_PSL="-lpsl"
|
||||
+ ;;
|
||||
+ *)
|
||||
+ dnl use the given --with-libpsl spot
|
||||
+ LIB_PSL="-lpsl"
|
||||
+ PREFIX_PSL=$OPT_LIBPSL
|
||||
+ ;;
|
||||
+ esac
|
||||
+
|
||||
+ dnl if given with a prefix, we set -L and -I based on that
|
||||
+ if test -n "$PREFIX_PSL"; then
|
||||
+ LD_PSL=-L${PREFIX_PSL}/lib$libsuff
|
||||
+ CPP_PSL=-I${PREFIX_PSL}/include
|
||||
+ fi
|
||||
+
|
||||
+ LDFLAGS="$LDFLAGS $LD_PSL"
|
||||
+ CPPFLAGS="$CPPFLAGS $CPP_PSL"
|
||||
+ LIBS="$LIB_PSL $LIBS"
|
||||
+
|
||||
+ AC_CHECK_LIB(psl, psl_builtin,
|
||||
+ [
|
||||
+ AC_CHECK_HEADERS(libpsl.h,
|
||||
+ curl_psl_msg="enabled"
|
||||
+ LIBPSL_ENABLED=1
|
||||
+ AC_DEFINE(USE_LIBPSL, 1, [if libpsl is in use])
|
||||
+ AC_SUBST(USE_LIBPSL, [1])
|
||||
+ )
|
||||
+ ],
|
||||
+ dnl not found, revert back to clean variables
|
||||
+ LDFLAGS=$CLEANLDFLAGS
|
||||
+ CPPFLAGS=$CLEANCPPFLAGS
|
||||
+ LIBS=$CLEANLIBS
|
||||
)
|
||||
+
|
||||
+ if test X"$OPT_LIBPSL" != Xoff &&
|
||||
+ test "$LIBPSL_ENABLED" != "1"; then
|
||||
+ AC_MSG_ERROR([libpsl libs and/or directories were not found where specified!])
|
||||
+ fi
|
||||
fi
|
||||
AM_CONDITIONAL([USE_LIBPSL], [test "$curl_psl_msg" = "enabled"])
|
||||
|
@ -1,5 +1,5 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
# https://curl.se/download/curl-8.6.0.tar.xz.asc
|
||||
# https://curl.se/download/curl-8.7.1.tar.xz.asc
|
||||
# signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
|
||||
sha256 3ccd55d91af9516539df80625f818c734dc6f2ecf9bada33c76765e99121db15 curl-8.6.0.tar.xz
|
||||
sha256 6fea2aac6a4610fbd0400afb0bcddbe7258a64c63f1f68e5855ebc0c659710cd curl-8.7.1.tar.xz
|
||||
sha256 adb1fc06547fd136244179809f7b7c2d2ae6c4534f160aa513af9b6a12866a32 COPYING
|
||||
|
@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBCURL_VERSION = 8.6.0
|
||||
LIBCURL_VERSION = 8.7.1
|
||||
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
|
||||
LIBCURL_SITE = https://curl.se/download
|
||||
LIBCURL_DEPENDENCIES = host-pkgconf \
|
||||
@ -14,8 +14,6 @@ LIBCURL_LICENSE = curl
|
||||
LIBCURL_LICENSE_FILES = COPYING
|
||||
LIBCURL_CPE_ID_VENDOR = haxx
|
||||
LIBCURL_INSTALL_STAGING = YES
|
||||
# 0001-configure.ac-find-libpsl-with-pkg-config.patch
|
||||
LIBCURL_AUTORECONF = YES
|
||||
|
||||
# We disable NTLM delegation to winbinds ntlm_auth ('--disable-ntlm-wb')
|
||||
# support because it uses fork(), which doesn't work on non-MMU platforms.
|
||||
|
Loading…
Reference in New Issue
Block a user