Thanks, applied as 6d1eeb754a28d3b800caa730ac4944db67fc8698. Michael
[sent from post-receive hook] On Mon, 17 Feb 2025 08:24:42 +0100, Christian Melki <[email protected]> wrote: > Mostly fixes. > https://curl.se/changes.html#8_12_0 > > Plugs CVEs: > CVE-2025-0725: gzip integer overflow > CVE-2025-0665: eventfd double close > CVE-2025-0167: netrc and default credential leak > > * Copyright year changed in license file. > > * Remove deprecated options. > > Signed-off-by: Christian Melki <[email protected]> > Message-Id: <[email protected]> > Signed-off-by: Michael Olbrich <[email protected]> > > diff --git a/rules/libcurl.make b/rules/libcurl.make > index 4ce6fe031f0a..87dc7d488bd8 100644 > --- a/rules/libcurl.make > +++ b/rules/libcurl.make > @@ -15,15 +15,15 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl > # > # Paths and names > # > -LIBCURL_VERSION := 8.11.1 > -LIBCURL_MD5 := 25e65a5156ca4928060b61cb051813db > +LIBCURL_VERSION := 8.12.0 > +LIBCURL_MD5 := 3005f775ce65b301a27f8d43a8c85511 > LIBCURL := curl-$(LIBCURL_VERSION) > LIBCURL_SUFFIX := tar.xz > LIBCURL_URL := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX) > LIBCURL_SOURCE := $(SRCDIR)/$(LIBCURL).$(LIBCURL_SUFFIX) > LIBCURL_DIR := $(BUILDDIR)/$(LIBCURL) > LIBCURL_LICENSE := curl > -LIBCURL_LICENSE_FILES := file://COPYING;md5=eed2e5088e1ac619c9a1c747da291d75 > +LIBCURL_LICENSE_FILES := file://COPYING;md5=72f4e9890e99e68d77b7e40703d789b8 > > # > ---------------------------------------------------------------------------- > # Prepare > @@ -75,7 +75,6 @@ LIBCURL_CONF_OPT := \ > --disable-versioned-symbols \ > --disable-windows-unicode \ > --$(call ptx/disen, PTXCONF_LIBCURL_C_ARES)-threaded-resolver \ > - --enable-pthreads \ > --$(call ptx/endis, PTXCONF_LIBCURL_VERBOSE)-verbose \ > --disable-sspi \ > --enable-basic-auth \ > @@ -114,7 +113,6 @@ LIBCURL_CONF_OPT := \ > --without-wolfssl \ > --without-bearssl \ > --without-rustls \ > - --without-hyper \ > --with-zlib=$(SYSROOT) \ > --without-brotli \ > --without-zstd \
