# Contributor: Sergei Lukin # Contributor: Valery Kartel # Contributor: Ɓukasz Jendrysik # Maintainer: Natanael Copa pkgname=curl pkgver=7.64.0 pkgrel=3 pkgdesc="URL retrival utility and library" url="https://curl.haxx.se" arch="all" license="MIT" depends="ca-certificates" depends_dev="openssl-dev libssh2-dev nghttp2-dev zlib-dev" checkdepends="python2" makedepends="$depends_dev autoconf automake groff libtool perl" subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl" source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz url-fix-7.64.patch CVE-2019-5435.patch CVE-2019-5436.patch CVE-2019-5481.patch CVE-2019-5482.patch " options="!check" # sftp tests failing builddir="$srcdir/$pkgname-$pkgver" # secfixes: # 7.64.0-r3: # - CVE-2019-5481 # - CVE-2019-5482 # 7.64.0-r2: # - CVE-2019-5435 # - CVE-2019-5436 # 7.64.0-r0: # - CVE-2018-16980 # - CVE-2019-3822 # - CVE-2019-3823 # 7.62.0-r0: # - CVE-2018-16839 # - CVE-2018-16840 # - CVE-2018-16842 # 7.61.1-r0: # - CVE-2018-14618 # 7.61.0-r0: # - CVE-2018-0500 # 7.60.0-r0: # - CVE-2018-1000300 # - CVE-2018-1000301 # 7.59.0-r0: # - CVE-2018-1000120 # - CVE-2018-1000121 # - CVE-2018-1000122 # 7.57.0-r0: # - CVE-2017-8816 # - CVE-2017-8817 # - CVE-2017-8818 # 7.56.1-r0: # - CVE-2017-1000257 # 7.55.0-r0: # - CVE-2017-1000099 # - CVE-2017-1000100 # - CVE-2017-1000101 # 7.54.0-r0: # - CVE-2017-7468 # 7.53.1-r2: # - CVE-2017-7407 # 7.53.0: # - CVE-2017-2629 # 7.52.1: # - CVE-2016-9594 # 7.51.0: # - CVE-2016-8615 # - CVE-2016-8616 # - CVE-2016-8617 # - CVE-2016-8618 # - CVE-2016-8619 # - CVE-2016-8620 # - CVE-2016-8621 # - CVE-2016-8622 # - CVE-2016-8623 # - CVE-2016-8624 # - CVE-2016-8625 # 7.50.3: # - CVE-2016-7167 # 7.50.2: # - CVE-2016-7141 # 7.50.1: # - CVE-2016-5419 # - CVE-2016-5420 # - CVE-2016-5421 # 7.36.0: # - CVE-2014-0138 # - CVE-2014-0139 build() { cd "$builddir" autoreconf -vif ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --enable-ipv6 \ --enable-unix-sockets \ --without-libidn \ --without-libidn2 \ --with-libssh2 \ --with-nghttp2 \ --disable-ldap \ --with-pic make } check() { cd "$builddir" make check } package() { cd "$builddir" make install DESTDIR="$pkgdir" } libcurl() { pkgdesc="The multiprotocol file transfer library" mkdir -p "$subpkgdir"/usr mv "$pkgdir"/usr/lib "$subpkgdir"/usr } sha512sums="953f1f5336ce5dfd1b9f933624432d401552d91ee02d39ecde6f023c956f99ec6aae8d7746d7c34b6eb2d6452f114e67da4e64d9c8dd90b7644b7844e7b9b423 curl-7.64.0.tar.xz 9b0cd3bfb705e804f21b3c87929ec5c3bbd6f17748e82cda75c3edbca5ea66cbcb0260c666635a2cbdaa6d4081008a9c445b4f266e9b970d3deaed21f9b352a1 url-fix-7.64.patch c629a1b36920a3f8eab3321b0222e203f53f29e5947d39a0c32e0a7de2d8ab2182c3d6bbb0828847f2f353d1d3a15d85203e17ef74018a5c865a854d7a413fc3 CVE-2019-5435.patch 9ccb8d898530f14cf497b4d0ede3b28d6baac5fa0b867636219795cf748f0149a110a386d4212ff48781c2c37e03290f2afe47cc186bd606f569acfd48457a15 CVE-2019-5436.patch 37161e4d94cdb1add2216b031f70d7ae84451229dffe48ca9856bb311e88678f0e11baab6bb4da0386ed31e8467aa51fabaf6122f876ef9bc0003638d07f22cf CVE-2019-5481.patch 6703658d9212bb87de22fabd996e8f8eb8c98aa4c015b1daa4c1a15f503c4a5530dafbcc1817032d973ef94ac29fe7b8ee16426e443b20d0bcdbe5d7f0209ffb CVE-2019-5482.patch"