curl

Caolán McNamara (via logerrit) Wed, 20 Oct 2021 04:01:36 -0700

 bin/oss-fuzz-setup.sh          |    2 +-
 download.lst                   |    4 ++--
 external/curl/curl-nss.patch.1 |    6 +++---
 external/curl/zlib.patch.0     |   16 ++++++++--------
 4 files changed, 14 insertions(+), 14 deletions(-)


New commits:
commit a08d1dc4ee904428ef6f78208cc2508d3fc3717b
Author:     Caolán McNamara <caol...@redhat.com>
AuthorDate: Wed Oct 20 10:41:42 2021 +0100
Commit:     Caolán McNamara <caol...@redhat.com>
CommitDate: Wed Oct 20 13:00:53 2021 +0200

    upgrade curl to 7.79.1
    
    includes:
    
    CVE-2021-22945: clear the leftovers pointer when sending succeeds
    CVE-2021-22946: do not ignore --ssl-reqd
    CVE-2021-22947: reject STARTTLS server response pipelining
    Change-Id: I0047bdaa7e6e3aed1317eb014d2051a4d5ac5964
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123883
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caol...@redhat.com>

diff --git a/bin/oss-fuzz-setup.sh b/bin/oss-fuzz-setup.sh
index 28725f8621d6..7055ef8b06dd 100755
--- a/bin/oss-fuzz-setup.sh
+++ b/bin/oss-fuzz-setup.sh
@@ -26,7 +26,7 @@ curl --no-progress-meter -S \
     -C - -O https://dev-www.libreoffice.org/src/libexttextcat-3.4.5.tar.xz \
     -C - -O https://dev-www.libreoffice.org/src/cppunit-1.15.1.tar.gz \
     -C - -O https://dev-www.libreoffice.org/src/cairo-1.17.4.tar.xz \
-    -C - -O https://dev-www.libreoffice.org/src/curl-7.78.0.tar.xz \
+    -C - -O https://dev-www.libreoffice.org/src/curl-7.79.1.tar.xz \
     -C - -O https://dev-www.libreoffice.org/src/xmlsec1-1.2.32.tar.gz \
     -C - -O https://dev-www.libreoffice.org/src/liblangtag-0.6.2.tar.bz2 \
     -C - -O https://dev-www.libreoffice.org/src/libabw-0.1.3.tar.xz \
diff --git a/download.lst b/download.lst
index 41708afbe636..b1f7d6558302 100644
--- a/download.lst
+++ b/download.lst
@@ -37,8 +37,8 @@ export CPPUNIT_SHA256SUM := 
89c5c6665337f56fd2db36bc3805a5619709d51fb136e5193707
 export CPPUNIT_TARBALL := cppunit-1.15.1.tar.gz
 export CT2N_SHA256SUM := 
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
 export CT2N_TARBALL := 
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM := 
be42766d5664a739c3974ee3dfbbcbe978a4ccb1fe628bb1d9b59ac79e445fb5
-export CURL_TARBALL := curl-7.78.0.tar.xz
+export CURL_SHA256SUM := 
0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689
+export CURL_TARBALL := curl-7.79.1.tar.xz
 export EBOOK_SHA256SUM := 
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
 export EPOXY_SHA256SUM := 
002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 69fde5f7f236..d4dad7eba77e 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,9 +1,9 @@
 diff -ur curl.org/configure curl/configure
 --- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
 +++ curl/configure     2016-03-13 15:16:44.132000076 +0100
-@@ -24009,7 +24009,7 @@
-       { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired 
libraries and compilation flags for NSS." >&5
- $as_echo "$as_me: WARNING: Using hard-wired libraries and compilation flags 
for NSS." >&2;}
+@@ -28216,7 +28216,7 @@
+       { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired 
libraries and compilation flags for NSS." >&5
+ printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation 
flags for NSS." >&2;}
        addld="-L$OPT_NSS/lib"
 -      addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
 +      addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3"
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index f4a0ad4b152f..e0f579f8675a 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,22 +1,22 @@
 --- configure
 +++ configure
-@@ -20709,7 +20709,6 @@
+@@ -22699,7 +22699,6 @@
  clean_CPPFLAGS=$CPPFLAGS
  clean_LDFLAGS=$LDFLAGS
  clean_LIBS=$LIBS
 -ZLIB_LIBS=""
  
  # Check whether --with-zlib was given.
- if test "${with_zlib+set}" = set; then :
-@@ -20718,6 +20719,7 @@
+ if test ${with_zlib+y}
+@@ -22709,6 +22708,7 @@
  
  
  if test "$OPT_ZLIB" = "no" ; then
 +    ZLIB_LIBS=""
-     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
- $as_echo "$as_me: WARNING: zlib disabled" >&2;}
+     { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
+ printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;}
  else
-@@ -20725,6 +20725,21 @@
+@@ -22716,6 +22716,21 @@
      OPT_ZLIB=""
    fi
  
@@ -38,8 +38,8 @@
    if test -z "$OPT_ZLIB" ; then
  
      if test -n "$PKG_CONFIG"; then
-@@ -21005,6 +21020,7 @@
- $as_echo "$as_me: found both libz and libz.h header" >&6;}
+@@ -23011,6 +23026,7 @@
+ printf "%s\n" "$as_me: found both libz and libz.h header" >&6;}
      curl_zlib_msg="enabled"
    fi
 + fi

[Libreoffice-commits] core.git: bin/oss-fuzz-setup.sh download.lst external/curl

Reply via email to