download.lst | 8 +- external/curl/ExternalProject_curl.mk | 2 external/curl/clang-cl.patch.0 | 2 external/curl/curl-7.26.0_win-proxy.patch | 8 +- external/curl/curl-msvc-disable-protocols.patch.1 | 4 - external/curl/curl-msvc-zlib.patch.1 | 2 external/curl/curl-msvc.patch.1 | 4 - external/curl/curl-nss.patch.1 | 7 ++ external/curl/zlib.patch.0 | 12 ++-- external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch | 29 --------- external/zlib/UnpackedTarball_zlib.mk | 7 -- external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch | 32 ----------- ucb/qa/complex/ucb/UCB.java | 7 +- ucb/source/ucp/ftp/ftpcontent.cxx | 15 +++++ 14 files changed, 47 insertions(+), 92 deletions(-)
New commits: commit 29e8a2a12a817f3bbd6619baee33ec17c88c81da Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Wed Oct 26 11:07:49 2022 +0200 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Oct 26 18:15:17 2022 +0200 curl: upgrade to release 7.86.0 Fixes CVE-2022-32221 which could affect libcmis, CVE-2022-42915, and 2 more CVEs that probably don't affect LO. * remove --without-ssl: On the one hand, on GNU/Linux this now results in: configure: error: --without-ssl has been set together with an explicit option to use an ssl library On the other hand, using the more obvious --without-openssl yields a link failure on Android on the nss check in configure: configure:28220: checking for SSL_VersionRangeSet in -lnss /home/cl/Android/Sdk/ndk/20.1.5948944/toolchains/llvm/prebuilt/linux-x86_64/bin/../lib/gcc/aarch64-linux-android/4.9.x/../../../../aarch64-linux-android/bin/ld: warning: liblog.so, needed by /home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnss3.so, not found (try using -rpath or -rpath-link) /home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so: undefined reference to `__android_log_write' /home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so: undefined reference to `__android_log_assert' ... so add the -llog for android in curl-nss.patch.1 Change-Id: I3931a1eec2d681c2ce0e5695039492772e9fcc81 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141866 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> (cherry picked from commit a76a88203d8508f38b10d9bbb94c3bba2485fcaf)
diff --git a/download.lst b/download.lst
index 293e41d7100c..972bbc2e57e7 100644
--- a/download.lst
+++ b/download.lst
@@ -27,8 +27,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52
 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
 export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM := 88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6
-export CURL_TARBALL := curl-7.85.0.tar.xz
+export CURL_SHA256SUM := 2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b
+export CURL_TARBALL := curl-7.86.0.tar.xz
 export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
 export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/ExternalProject_curl.mk b/external/curl/ExternalProject_curl.mk
index b4ab0b88e55d..43bb1cad0b93 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -43,7 +43,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
 $(if $(filter iOS MACOSX,$(OS)),\
 --with-secure-transport,\
 $(if $(ENABLE_NSS),--with-nss$(if $(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out") --with-nss-deprecated,--without-nss)) \
- --without-ssl --without-gnutls --without-polarssl --without-cyassl --without-axtls --without-mbedtls \
+ --without-openssl --without-gnutls --without-polarssl --without-cyassl --without-axtls --without-mbedtls \
 --enable-ftp --enable-http --enable-ipv6 \
 --without-libidn2 --without-libpsl --without-librtmp \
 --without-libssh2 --without-metalink --without-nghttp2 \
diff --git a/external/curl/curl-7.26.0_win-proxy.patch b/external/curl/curl-7.26.0_win-proxy.patch
index 1c5469a35479..6fb20533e097 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
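Review bot: In external/curl/ExternalProject_curl.mk, the `--without-nss` branch of the `$(if $(ENABLE_NSS),…)` expression now has no TLS backend selected and no explicit `--without-ssl`, because that flag is swapped for `--without-openssl` for every configuration. As far as I know, curl's configure (since 7.77.0) stops with "select TLS backend(s) or disable TLS with --without-ssl" in that situation, so a non-Apple build with ENABLE_NSS unset would presumably fail at configure; this is worth confirming on such a configuration. If that build is still supported, the opt-out could move into that branch only, e.g. `--with-nss-deprecated,--without-nss --without-ssl)) \`, which also keeps the intent (NSS only versus no TLS at all) explicit. The recipe starts and ends outside the hunk.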
@@ -12,18 +12,18 @@ --- curl-7.26.0/lib/url.c +++ misc/build/curl-7.26.0/lib/url.c @@ -78,6 +78,10 @@ - bool curl_win32_idn_to_ascii(const char *in, char **out); + bool Curl_win32_idn_to_ascii(const char *in, char **out); #endif /* USE_LIBIDN2 */ +#ifdef _WIN32 +#include <WinHttp.h> +#endif + + #include "doh.h" #include "urldata.h" #include "netrc.h" - @@ -4586,6 +4590,21 @@ - } + #ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_HTTP +#ifdef _WIN32 @@ -72,7 +72,7 @@ + } + } + -+ if(!check_noproxy(conn->host.name, no_proxy)) { ++ if(!Curl_check_noproxy(conn->host.name, no_proxy)) { + /* Look for the http proxy setting */ + char *tok; + char *saveptr; diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1 index 016cd109c7a2..5ef25748d7eb 100644 --- a/external/curl/curl-nss.patch.1 +++ b/external/curl/curl-nss.patch.1 
@@ -1,12 +1,17 @@ diff -ur curl.org/configure curl/configure --- curl.org/configure 2016-03-13 15:14:07.177000076 +0100 +++ curl/configure 2016-03-13 15:16:44.132000076 +0100 -@@ -27985,7 +27985,7 @@ +@@ -27985,7 +27985,12 @@ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired libraries and compilation flags for NSS." >&5 printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation flags for NSS." >&2;} addld="-L$OPT_NSS/lib" - addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4" + addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3" ++ case $host_os in ++ *android*) ++ addlib="${addlib} -llog" ++ ;; ++ esac addcflags="-I$OPT_NSS/include" version="unknown" nssprefix=$OPT_NSS commit dba16855b6c38210a93b49ef3418a42a516989a1 Author: Taichi Haradaguchi <20001...@ymail.ne.jp> AuthorDate: Thu Sep 22 20:25:53 2022 +0900 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Oct 26 17:08:25 2022 +0200 curl: upgrade to release 7.85.0 Fixes CVE-2022-35252 Change-Id: I549240f6ae31ae94f925422517cd03ef2e3b5732 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/140411 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caol...@redhat.com> (cherry picked from commit 31a8de10e8f60d79d6eb588a049567b89a48f0b1) diff --git a/download.lst b/download.lst index bf244aff7386..293e41d7100c 100644 --- a/download.lst +++ b/download.lst 
@@ -27,8 +27,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt -export CURL_SHA256SUM := 2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4 -export CURL_TARBALL := curl-7.83.1.tar.xz +export CURL_SHA256SUM := 88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6 +export CURL_TARBALL := curl-7.85.0.tar.xz export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d diff --git a/external/curl/clang-cl.patch.0 b/external/curl/clang-cl.patch.0 index 2fbb10c2a9aa..5dfb19d5ba59 100644 --- a/external/curl/clang-cl.patch.0 +++ b/external/curl/clang-cl.patch.0 @@ -1,6 +1,6 @@ --- winbuild/MakefileBuild.vc +++ winbuild/MakefileBuild.vc -@@ -60,7 +60,7 @@ +@@ -52,7 +52,7 @@ !ELSE CC_NODEBUG = $(CC) /O2 /DNDEBUG CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd diff --git a/external/curl/curl-msvc-disable-protocols.patch.1 b/external/curl/curl-msvc-disable-protocols.patch.1 index a6d06c69b004..89c4ff576f85 100644 --- a/external/curl/curl-msvc-disable-protocols.patch.1 +++ b/external/curl/curl-msvc-disable-protocols.patch.1 @@ -2,7 +2,7 @@ disable protocols nobody needs in MSVC build --- curl/lib/config-win32.h.orig 2017-08-09 16:43:29.464000000 +0200 +++ curl/lib/config-win32.h 2017-08-09 16:47:38.549200000 +0200 -@@ -733,4 +733,20 @@ +@@ -616,4 +616,20 @@ # define ENABLE_IPV6 1 #endif 
@@ -25,7 +25,7 @@ disable protocols nobody needs in MSVC build #endif /* HEADER_CURL_CONFIG_WIN32_H */ --- curl/winbuild/MakefileBuild.vc.orig 2017-10-23 23:41:21.393200000 +0200 +++ curl/winbuild/MakefileBuild.vc 2017-10-23 23:34:16.028000000 +0200 -@@ -431,7 +431,7 @@ +@@ -562,7 +562,7 @@ EXE_OBJS = $(CURL_OBJS) $(CURL_DIROBJ)\curl.res diff --git a/external/curl/curl-msvc-zlib.patch.1 b/external/curl/curl-msvc-zlib.patch.1 index 654303c21874..a9ee0013d50b 100644 --- a/external/curl/curl-msvc-zlib.patch.1 +++ b/external/curl/curl-msvc-zlib.patch.1 @@ -2,7 +2,7 @@ find internal zlib in nmake buildsystem --- curl/winbuild/MakefileBuild.vc.orig2 2021-10-27 20:44:48.685237000 +0200 +++ curl/winbuild/MakefileBuild.vc 2021-10-27 20:47:23.792407400 +0200 -@@ -222,8 +222,9 @@ +@@ -244,8 +244,9 @@ ZLIB_LIB_DIR = $(ZLIB_PATH)\lib ZLIB_LFLAGS = $(ZLIB_LFLAGS) "/LIBPATH:$(ZLIB_LIB_DIR)" !ELSE diff --git a/external/curl/curl-msvc.patch.1 b/external/curl/curl-msvc.patch.1 index a5b79a8e9c49..54ad026ec8c7 100644 --- a/external/curl/curl-msvc.patch.1 +++ b/external/curl/curl-msvc.patch.1 @@ -2,7 +2,7 @@ MSVC: using SOLARINC --- curl/winbuild/MakefileBuild.vc.orig 2017-10-23 16:36:07.713550851 +0200 +++ curl/winbuild/MakefileBuild.vc 2017-10-23 16:38:19.301547594 +0200 -@@ -60,7 +60,7 @@ +@@ -52,7 +52,7 @@ !ELSE CC_NODEBUG = $(CC) /O2 /DNDEBUG CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd @@ -11,7 +11,7 @@ MSVC: using SOLARINC !ENDIF LFLAGS = /nologo /machine:$(MACHINE) -@@ -300,11 +300,11 @@ +@@ -426,11 +426,11 @@ # CURL_XX macros are for the curl.exe command !IF "$(DEBUG)"=="yes" diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1 index d4dad7eba77e..016cd109c7a2 100644 --- a/external/curl/curl-nss.patch.1 +++ b/external/curl/curl-nss.patch.1 
@@ -1,7 +1,7 @@ diff -ur curl.org/configure curl/configure --- curl.org/configure 2016-03-13 15:14:07.177000076 +0100 +++ curl/configure 2016-03-13 15:16:44.132000076 +0100 -@@ -28216,7 +28216,7 @@ +@@ -27985,7 +27985,7 @@ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired libraries and compilation flags for NSS." >&5 printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation flags for NSS." >&2;} addld="-L$OPT_NSS/lib" diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0 index e0f579f8675a..b8e242a3aaea 100644 --- a/external/curl/zlib.patch.0 +++ b/external/curl/zlib.patch.0 @@ -1,6 +1,6 @@ --- configure +++ configure -@@ -22699,7 +22699,6 @@ +@@ -22808,7 +22808,6 @@ clean_CPPFLAGS=$CPPFLAGS clean_LDFLAGS=$LDFLAGS clean_LIBS=$LIBS @@ -8,7 +8,7 @@ # Check whether --with-zlib was given. if test ${with_zlib+y} -@@ -22709,6 +22708,7 @@ +@@ -22818,6 +22818,7 @@ if test "$OPT_ZLIB" = "no" ; then @@ -16,7 +16,7 @@ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5 printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;} else -@@ -22716,6 +22716,21 @@ +@@ -22825,6 +825,21 @@ OPT_ZLIB="" fi @@ -38,7 +38,7 @@ if test -z "$OPT_ZLIB" ; then if test -n "$PKG_CONFIG"; then -@@ -23011,6 +23026,7 @@ +@@ -23120,6 +23120,7 @@ printf "%s\n" "$as_me: found both libz and libz.h header" >&6;} curl_zlib_msg="enabled" fi @@ -48,7 +48,7 @@ if test x"$AMFIXLIB" = x1; then --- configure.ac +++ configure.ac -@@ -880,19 +880,30 @@ +@@ -1222,19 +1222,30 @@ clean_CPPFLAGS=$CPPFLAGS clean_LDFLAGS=$LDFLAGS clean_LIBS=$LIBS 
@@ -80,7 +80,7 @@ if test -z "$OPT_ZLIB" ; then CURL_CHECK_PKGCONFIG(zlib) -@@ -975,6 +986,7 @@ +@@ -1316,6 +1316,7 @@ AC_MSG_NOTICE([found both libz and libz.h header]) curl_zlib_msg="enabled" fi commit 9d9441ad4aba71f1e2bf854cc7dd6520dd9a5214 Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Wed Oct 26 14:58:09 2022 +0200 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Oct 26 17:08:25 2022 +0200 ucb: FTP UCP: report CURLE_URL_MALFORMAT as IllegalIdentifierException With curl 7.86, the test JunitTest_ucb_complex starts to fail: .ftp://noname:nopasswd@*nohost.invalid now executing open com.sun.star.ucb.InteractiveAugmentedIOException: at com.sun.proxy.$Proxy15.execute(Unknown Source) at complex.ucb.UCB.executeCommand(UCB.java:63) at complex.ucb.UCB.checkWrongFtpConnection(UCB.java:119) because curl_easy_perform() now returns CURLE_URL_MALFORMAT where previously it was CURLE_COULDNT_RESOLVE_HOST. Map this to an exception the test expects. Change-Id: Ifdb672946726ddb4cb4d9426b7e70eefac63f040 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141877 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> (cherry picked from commit 022e476af44c0dfc97403dc0f3a3b63e731903e6) diff --git a/ucb/source/ucp/ftp/ftpcontent.cxx b/ucb/source/ucp/ftp/ftpcontent.cxx index 92c3639bebf0..a7703e98ed75 100644 --- a/ucb/source/ucp/ftp/ftpcontent.cxx +++ b/ucb/source/ucp/ftp/ftpcontent.cxx @@ -62,6 +62,7 @@ #include <com/sun/star/ucb/UnsupportedDataSinkException.hpp> #include <com/sun/star/ucb/OpenCommandArgument2.hpp> #include <com/sun/star/ucb/UnsupportedOpenModeException.hpp> +#include <com/sun/star/ucb/IllegalIdentifierException.hpp> #include <com/sun/star/ucb/InteractiveNetworkConnectException.hpp> #include <com/sun/star/ucb/InteractiveNetworkResolveNameException.hpp> #include <com/sun/star/ucb/InteractiveIOException.hpp> 
@@ -223,6 +224,7 @@ enum ACTION { NOACTION, THROWAUTHENTICATIONREQUEST, THROWACCESSDENIED, THROWINTERACTIVECONNECT, + THROWMALFORMED, THROWRESOLVENAME, THROWQUOTE, THROWNOFILE, @@ -339,6 +341,15 @@ Any SAL_CALL FTPContent::execute( const Command& aCommand, Environment); break; } + case THROWMALFORMED: + { + IllegalIdentifierException ex; + aRet <<= ex; + ucbhelper::cancelCommandExecution( + aRet, + Environment); + break; + } case THROWRESOLVENAME: { InteractiveNetworkResolveNameException excep; @@ -533,6 +544,10 @@ Any SAL_CALL FTPContent::execute( const Command& aCommand, { if(e.code() == CURLE_COULDNT_CONNECT) action = THROWINTERACTIVECONNECT; + else if (e.code() == CURLE_URL_MALFORMAT) + { + action = THROWMALFORMED; + } else if(e.code() == CURLE_COULDNT_RESOLVE_HOST ) action = THROWRESOLVENAME; else if(e.code() == CURLE_FTP_USER_PASSWORD_INCORRECT || commit dbe0b3c93fffd5093a606a3f95cde1b344cb34d7 Author: Noel Grandin <noel.gran...@collabora.co.uk> AuthorDate: Wed Nov 27 09:08:37 2019 +0200 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Oct 26 17:08:25 2022 +0200 more UCB test more robust on my system ever since a system update, this test receives an IllegalIdentifierException thrown by ContentProvider::queryContent in ucb/source/ucp/webdav-neon/webdavprovider.cxx Given that (1) On a system where the test passes, no IllegalArgumentException is thrown (2) Comment in the test indicates that the test should be run with proxy enabled, which is not the case in our build (3) I am running with a system proxy enabled (4) the IllegalIdentifierException looks quite valid I suspect that I am the victim of a dodgy test and some new proxy behaviour in Fedora31. Change-Id: Id3fb3499a44b5672e4eed0a2749dc287d6e7a3cc Reviewed-on: https://gerrit.libreoffice.org/83853 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk> (cherry picked from commit 649a37f1f4048eb10303b6d1a46050234807f8ce) 
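Review bot: In the new `case THROWMALFORMED:` block of FTPContent::execute, the IllegalIdentifierException is default-constructed and passed to cancelCommandExecution with no Message or Context, so a caller or log reader cannot tell that the FTP URL was rejected as malformed. Setting a short fixed text, e.g. `ex.Message = "malformed FTP URL";`, would help; if the identifier itself is ever put into the message, strip the userinfo part first, since FTP URLs can carry a password. A one-line comment at the `CURLE_URL_MALFORMAT` branch, noting that curl 7.86 returns this code where it used to return CURLE_COULDNT_RESOLVE_HOST, would record why the mapping exists. execute() starts and ends outside these hunks.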
diff --git a/ucb/qa/complex/ucb/UCB.java b/ucb/qa/complex/ucb/UCB.java index f403beee4c93..16ee670805ff 100644 --- a/ucb/qa/complex/ucb/UCB.java +++ b/ucb/qa/complex/ucb/UCB.java @@ -117,10 +117,11 @@ public class UCB { System.out.println("now executing open"); executeCommand(content, "open", aArg); - fail("Expected 'IllegalArgumentException' was not thrown."); + fail("Expected exception 'IllegalArgumentException' or 'IllegalIdentifierException' was not thrown."); } catch (com.sun.star.lang.IllegalArgumentException ex) { - //TODO error message; - System.out.println("Correct exception thrown: " + ex.getClass().toString()); + // correct + } catch (com.sun.star.ucb.IllegalIdentifierException ex) { + // correct } catch(com.sun.star.ucb.InteractiveNetworkException ex) { System.out.println("This Exception is correctly thrown when no Proxy in StarOffice is used."); System.out.println("To reproduce the bug behaviour, use a Proxy and try again."); commit 620c74ad949415ebae98d612434803af228d1018 Author: Taichi Haradaguchi <20001...@ymail.ne.jp> AuthorDate: Mon Oct 24 18:00:18 2022 +0900 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Oct 26 11:32:54 2022 +0200 zlib: upgrade to release 1.2.13 Fixes CVE-2022-37434 Removed two patches as fixed upstream. Change-Id: I10465b7eafc4952cf8dc64e6d7a77f5e5255a386 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141757 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caol...@redhat.com> (cherry picked from commit b2d6ad64473527f88dfb7088376ccf1242d97666) diff --git a/download.lst b/download.lst index 5e8b2c92b731..bf244aff7386 100644 --- a/download.lst +++ b/download.lst 
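Review bot: The two new catch blocks in UCB.java swallow the exception with only `// correct`, so the test log no longer shows which of the accepted exception types made the test pass. Three exception types now count as success (including the existing InteractiveNetworkException branch), so keeping one line such as `System.out.println("Expected exception thrown: " + ex.getClass().getName());` in each block would make a later behaviour change in the UCP or in curl visible in the log. The enclosing test method starts and ends outside the hunk.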
@@ -251,8 +251,8 @@ export WPS_VERSION_MICRO := 10 export WPS_TARBALL := libwps-0.4.$(WPS_VERSION_MICRO).tar.xz export XSLTML_SHA256SUM := 75823776fb51a9c526af904f1503a7afaaab900fba83eda64f8a41073724c870 export XSLTML_TARBALL := a7983f859eafb2677d7ff386a023bc40-xsltml_2.1.2.zip -export ZLIB_SHA256SUM := 7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18 -export ZLIB_TARBALL := zlib-1.2.12.tar.xz +export ZLIB_SHA256SUM := d14c38e313afc35a9a8760dadf26042f51ea0f5d154b0630a31da0540107fb98 +export ZLIB_TARBALL := zlib-1.2.13.tar.xz export ZMF_SHA256SUM := 27051a30cb057fdb5d5de65a1f165c7153dc76e27fe62251cbb86639eb2caf22 export ZMF_TARBALL := libzmf-0.0.2.tar.xz diff --git a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch deleted file mode 100644 index c5c95a92b28a..000000000000 --- a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001 -From: Mark Adler <f...@madler.net> -Date: Mon, 8 Aug 2022 10:50:09 -0700 -Subject: [PATCH] Fix extra field processing bug that dereferences NULL - state->head. - -The recent commit to fix a gzip header extra field processing bug -introduced the new bug fixed here. ---- - inflate.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/inflate.c b/inflate.c -index 7a7289749..2a3c4fe98 100644 ---- a/inflate.c -+++ b/inflate.c -@@ -763,10 +763,10 @@ int flush; - copy = state->length; - if (copy > have) copy = have; - if (copy) { -- len = state->head->extra_len - state->length; - if (state->head != Z_NULL && - state->head->extra != Z_NULL && -- len < state->head->extra_max) { -+ (len = state->head->extra_len - state->length) < -+ state->head->extra_max) { - zmemcpy(state->head->extra + len, next, - len + copy > state->head->extra_max ? - state->head->extra_max - len : copy); 
diff --git a/external/zlib/UnpackedTarball_zlib.mk b/external/zlib/UnpackedTarball_zlib.mk index 10ee74b9568a..dd9fc1c31445 100644 --- a/external/zlib/UnpackedTarball_zlib.mk +++ b/external/zlib/UnpackedTarball_zlib.mk @@ -16,11 +16,6 @@ $(eval $(call gb_UnpackedTarball_set_post_action,zlib,\ cp $(addsuffix .c,adler32 compress crc32 deflate inffast inflate inftrees trees zutil) x64 \ )) -$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,1)) - -$(eval $(call gb_UnpackedTarball_add_patches,zlib,\ - external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch \ - external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch \ -)) +$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,0)) # vim: set noet sw=4 ts=4: diff --git a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch deleted file mode 100644 index dc84d3a1d385..000000000000 --- a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch +++ /dev/null 
@@ -1,32 +0,0 @@ -From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001 -From: Mark Adler <f...@madler.net> -Date: Sat, 30 Jul 2022 15:51:11 -0700 -Subject: [PATCH] Fix a bug when getting a gzip header extra field with - inflate(). - -If the extra field was larger than the space the user provided with -inflateGetHeader(), and if multiple calls of inflate() delivered -the extra header data, then there could be a buffer overflow of the -provided space. This commit assures that provided space is not -exceeded. ---- - inflate.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/inflate.c b/inflate.c -index 7be8c6366..7a7289749 100644 ---- a/inflate.c -+++ b/inflate.c -@@ -763,9 +763,10 @@ int flush; - copy = state->length; - if (copy > have) copy = have; - if (copy) { -+ len = state->head->extra_len - state->length; - if (state->head != Z_NULL && -- state->head->extra != Z_NULL) { -- len = state->head->extra_len - state->length; -+ state->head->extra != Z_NULL && -+ len < state->head->extra_max) { - zmemcpy(state->head->extra + len, next, - len + copy > state->head->extra_max ? - state->head->extra_max - len : copy);