download.lst | 4 ++--
external/curl/curl-nss.patch.1 | 6 +++---
external/curl/zlib.patch.0 | 16 ++++++++--------
3 files changed, 13 insertions(+), 13 deletions(-)
New commits:
commit add784844f736bb92728b1dcc7a2af0b4a54f787
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Wed Oct 20 10:41:42 2021 +0100
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Oct 22 09:59:08 2021 +0200
upgrade curl to 7.79.1
includes:
CVE-2021-22945: clear the leftovers pointer when sending succeeds
CVE-2021-22946: do not ignore --ssl-reqd
CVE-2021-22947: reject STARTTLS server response pipelining
Change-Id: I0047bdaa7e6e3aed1317eb014d2051a4d5ac5964
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123852
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
diff --git a/download.lst b/download.lst
index a1e91cd873a8..34bb426c8021 100644
--- a/download.lst
+++ b/download.lst
@@ -37,8 +37,8 @@ export CPPUNIT_SHA256SUM :=
89c5c6665337f56fd2db36bc3805a5619709d51fb136e5193707
export CPPUNIT_TARBALL := cppunit-1.15.1.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
be42766d5664a739c3974ee3dfbbcbe978a4ccb1fe628bb1d9b59ac79e445fb5
-export CURL_TARBALL := curl-7.78.0.tar.xz
+export CURL_SHA256SUM :=
0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689
+export CURL_TARBALL := curl-7.79.1.tar.xz
export EBOOK_SHA256SUM :=
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM :=
002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 69fde5f7f236..d4dad7eba77e 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,9 +1,9 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -24009,7 +24009,7 @@
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
- $as_echo "$as_me: WARNING: Using hard-wired libraries and compilation flags
for NSS." >&2;}
+@@ -28216,7 +28216,7 @@
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
+ printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
- addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+ addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3"
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index f4a0ad4b152f..e0f579f8675a 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,22 +1,22 @@
--- configure
+++ configure
-@@ -20709,7 +20709,6 @@
+@@ -22699,7 +22699,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
-ZLIB_LIBS=""
# Check whether --with-zlib was given.
- if test "${with_zlib+set}" = set; then :
-@@ -20718,6 +20719,7 @@
+ if test ${with_zlib+y}
+@@ -22709,6 +22708,7 @@
if test "$OPT_ZLIB" = "no" ; then
+ ZLIB_LIBS=""
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
- $as_echo "$as_me: WARNING: zlib disabled" >&2;}
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
+ printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;}
else
-@@ -20725,6 +20725,21 @@
+@@ -22716,6 +22716,21 @@
OPT_ZLIB=""
fi
@@ -38,8 +38,8 @@
if test -z "$OPT_ZLIB" ; then
if test -n "$PKG_CONFIG"; then
-@@ -21005,6 +21020,7 @@
- $as_echo "$as_me: found both libz and libz.h header" >&6;}
+@@ -23011,6 +23026,7 @@
+ printf "%s\n" "$as_me: found both libz and libz.h header" >&6;}
curl_zlib_msg="enabled"
fi
+ fi
