blob: 63134b61c68f7772d5df55b4617bde47f19f93f3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
pkgver=7.61.1
pkgrel=1
pkgdesc="URL retrival utility and library"
url="https://curl.haxx.se"
arch="all"
license="MIT"
depends="ca-certificates"
depends_dev="zlib-dev libressl-dev libssh2-dev"
makedepends="$depends_dev groff perl"
source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.xz"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
use-OPENSSL_config.patch
CVE-2018-16839.patch
CVE-2018-16840.patch
CVE-2018-16842.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 7.61.1-r1:
# - CVE-2018-16839
# - CVE-2018-16840
# - CVE-2018-16842
# 7.61.1-r0:
# - CVE-2018-14618
# 7.61.0-r0:
# - CVE-2018-0500
# 7.60.0-r0:
# - CVE-2018-1000300
# - CVE-2018-1000301
# 7.59.0-r0:
# - CVE-2018-1000120
# - CVE-2018-1000121
# - CVE-2018-1000122
# 7.58.0-r0:
# - CVE-2018-1000005
# 7.57.0-r0:
# - CVE-2017-8816
# - CVE-2017-8817
# - CVE-2017-8818
# 7.56.1-r0:
# - CVE-2017-1000257
# 7.56.0-r0:
# - CVE-2017-1000254
# 7.55.0-r0:
# - CVE-2017-1000099
# - CVE-2017-1000100
# - CVE-2017-1000101
# 7.52.1-r3:
# - CVE-2017-7468
# - CVE-2017-7407
# 7.52.1-r2:
# - CVE-2017-2629
# 7.52.1-r0:
# - CVE-2016-9594
# 7.51.0-r0:
# - CVE-2016-8615
# - CVE-2016-8616
# - CVE-2016-8617
# - CVE-2016-8618
# - CVE-2016-8619
# - CVE-2016-8620
# - CVE-2016-8621
# - CVE-2016-8622
# - CVE-2016-8623
# - CVE-2016-8624
# - CVE-2016-8625
# 7.50.3-r0:
# - CVE-2016-7167
# 7.50.2-r0:
# - CVE-2016-7141
# 7.50.1-r0:
# - CVE-2016-5419
# - CVE-2016-5420
# - CVE-2016-5421
# 7.36.0-r0:
# - CVE-2014-0138
# - CVE-2014-0139
prepare() {
cd "$builddir"
default_prepare || return 1
}
build() {
cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--enable-ipv6 \
--enable-unix-sockets \
--without-libidn \
--without-libidn2 \
--with-libssh2 \
--disable-static \
--disable-ldap \
--with-pic \
|| return 1
make || return 1
}
package() {
make DESTDIR="$pkgdir" \
-C "$builddir" install || return 1
}
libcurl() {
pkgdesc="The multiprotocol file transfer library"
mkdir -p "$subpkgdir"/usr
mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}
sha512sums="e6f82a7292c70841162480c8880d25046bcfa64058f4ff76f7d398c85da569af1c244442c9c58a3478d59264365ff8e39eed2fb564cb137118588f7862e64e9a curl-7.61.1.tar.xz
708527e73f9512c50e2250ca26786ba8994dc05fd2e362c1feb274e251219fb4bfc97e7e7722aa12424ccaf4c511d90d8820561c82a24f103b9ee2b743f4be28 use-OPENSSL_config.patch
4a28e4dcf36bf8e2fc5658d7fcee311d29452f4bed1479bad02772a8b7969c9dc653480b85715a5fe2bd2c2a8ae59e94fe72ffc6d0fe765131010d8f64bdfaee CVE-2018-16839.patch
c1a684f17267b08f77625064ac62e4f06989c552d6d501565f8bebf31d3a96a613f0683376ec7cc16f6489554dcca4dcb1d428461159b82434c076df44ef5b38 CVE-2018-16840.patch
dcaca036eafaaae66eba99808d00ff6bed3c9e59c2c1239ca1ddcf54c9e1c53edabd543dc6925ded3cdf9efd39c0968353527ae5ed0b986cefba333fbc7fd1af CVE-2018-16842.patch"
|
