diff options
author | Sören Tempel <soeren+git@soeren-tempel.net> | 2017-02-22 14:21:35 +0100 |
---|---|---|
committer | Sören Tempel <soeren+git@soeren-tempel.net> | 2017-02-22 14:26:20 +0100 |
commit | f0e3d2c50ca204b4ddfa477de24dc480e374a651 (patch) | |
tree | 539adc70c377a19f8f8afdd415ef80006d7f3024 | |
parent | 31e139cc114193238ed9ef31fb088903aa311226 (diff) | |
download | aports-f0e3d2c50ca204b4ddfa477de24dc480e374a651.tar.bz2 aports-f0e3d2c50ca204b4ddfa477de24dc480e374a651.tar.xz |
main/curl: security upgrade to 7.53.0
-rw-r--r-- | main/curl/0001-vtls-s-SSLEAY-OPENSSL.patch | 39 | ||||
-rw-r--r-- | main/curl/APKBUILD | 16 |
2 files changed, 6 insertions, 49 deletions
diff --git a/main/curl/0001-vtls-s-SSLEAY-OPENSSL.patch b/main/curl/0001-vtls-s-SSLEAY-OPENSSL.patch deleted file mode 100644 index 8b0c9baf0b..0000000000 --- a/main/curl/0001-vtls-s-SSLEAY-OPENSSL.patch +++ /dev/null @@ -1,39 +0,0 @@ -From a7b38c9dc98481e4a5fc37e51a8690337c674dfb Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Mon, 26 Dec 2016 00:06:33 +0100 -Subject: [PATCH 1/1] vtls: s/SSLEAY/OPENSSL - -Fixed an old leftover use of the USE_SSLEAY define which would make a -socket get removed from the applications sockets to monitor when the -multi_socket API was used, leading to timeouts. - -Bug: #1174 ---- - lib/vtls/vtls.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c -index b808e1c5f..707f24b02 100644 ---- a/lib/vtls/vtls.c -+++ b/lib/vtls/vtls.c -@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data) - curlssl_close_all(data); - } - --#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ -+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ - defined(USE_DARWINSSL) || defined(USE_NSS) - /* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */ - int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, -@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn, - (void)numsocks; - return GETSOCK_BLANK; - } --/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */ -+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */ - #endif - - void Curl_ssl_close(struct connectdata *conn, int sockindex) --- -2.11.0 - diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD index 5325e4137e..59a8317779 100644 --- a/main/curl/APKBUILD +++ b/main/curl/APKBUILD @@ -2,8 +2,8 @@ # Contributor: Łukasz Jendrysik <scadu@yandex.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=curl -pkgver=7.52.1 -pkgrel=1 +pkgver=7.53.0 +pkgrel=0 pkgdesc="An URL retrival utility and library" url="http://curl.haxx.se" arch="all" @@ -11,11 +11,12 @@ license="MIT" depends="ca-certificates" depends_dev="zlib-dev libressl-dev libssh2-dev" makedepends="$depends_dev groff perl" -source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2 - 0001-vtls-s-SSLEAY-OPENSSL.patch" +source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2" subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl" # secfixes: +# 7.53.0: +# - CVE-2017-2629 # 7.52.1: # - CVE-2016-9594 # 7.51.0: @@ -72,9 +73,4 @@ libcurl() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr } -md5sums="dd014df06ff1d12e173de86873f9f77a curl-7.52.1.tar.bz2 -3c3fdedadb124e347b17b94a7001f6a6 0001-vtls-s-SSLEAY-OPENSSL.patch" -sha256sums="d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b curl-7.52.1.tar.bz2 -0c493c6602ca8562167a96e6596ba58c83c489d69a15d79c1bccbf0c9541eded 0001-vtls-s-SSLEAY-OPENSSL.patch" -sha512sums="cf36563c77d096f2c6084354ed6d45ccca7c557828ceab21204e4e8be0d4f0d287839c8cfac906174b86d51a1ee816c2769fc78ef88f039c9645bd2c27982a75 curl-7.52.1.tar.bz2 -ee4bf94e4cf1e1cd3c887ab001e1fad94728ba6d86afeed760e4e91c0f096ebc42c9b6972c8ac6ff254d34571ca335eca6c0ab49b68ac4cdb899ebfdf3e94c3e 0001-vtls-s-SSLEAY-OPENSSL.patch" +sha512sums="1fc3264dd52f6f16463de158b4ab4637ba698b1fdbf01b7a3c05ae80b06a5480323b748b31f771c969a5f7062aa9e41a1aad8677be220a411d3cbad24581baf2 curl-7.53.0.tar.bz2" |