download.lst | 4 ++-- external/curl/ExternalPackage_curl.mk | 2 +- external/curl/ExternalProject_curl.mk | 2 +- external/curl/curl-7.26.0_win-proxy.patch | 12 ++++++------ external/curl/curl-nss.patch.1 | 6 +++--- external/curl/zlib.patch.0 | 16 ++++++++-------- 6 files changed, 21 insertions(+), 21 deletions(-)
New commits: commit 00e37cabb4f18ed2d510c3c75aa1946280896eeb Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Thu May 12 11:43:59 2022 +0200 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Mon May 16 16:22:02 2022 +0200 curl: upgrade to release 7.83.1 Fixes CVE-2022-27774 CVE-2022-27775 CVE-2022-27776 CVE-2022-27781 plus 6 more CVEs that shouldn't affect LO. Remove obsolete configure-eval-fix.patch.0. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134225 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> (cherry picked from commit 58a3bf5199818e30ef4207213f29692d81b519c6) upgrade to curl-7.81.0 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128783 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caol...@redhat.com> (cherry picked from commit 40a84af1bdd7b3c414a8a78ca32b0951c03f9976) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134246 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caol...@redhat.com> (cherry picked from commit f668663d63d5b0f37d4727b54585c3b67ab92162) Change-Id: I0a34239bfb16bf19e25bf374c7f36c4cdf1776c1 fbd7ff5acf390df1d95d6b8be0dc7751e4753bbe Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134393 Tested-by: Michael Stahl <michael.st...@allotropia.de> Reviewed-by: Michael Stahl <michael.st...@allotropia.de> diff --git a/download.lst b/download.lst index 244c8bc40dd1..1643c9d394e5 100644 --- a/download.lst +++ b/download.lst @@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt -export CURL_SHA256SUM := 0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689 -export CURL_TARBALL := curl-7.79.1.tar.xz +export CURL_SHA256SUM := 2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4 +export CURL_TARBALL := curl-7.83.1.tar.xz export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d diff --git a/external/curl/ExternalPackage_curl.mk b/external/curl/ExternalPackage_curl.mk index 1fb360c85ca9..3308074b363c 100644 --- a/external/curl/ExternalPackage_curl.mk +++ b/external/curl/ExternalPackage_curl.mk @@ -20,7 +20,7 @@ $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.4.dyli else ifeq ($(OS),AIX) $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so,lib/.libs/libcurl.so.4)) else -$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.7.0)) +$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.8.0)) endif endif # $(DISABLE_DYNLOADING) diff --git a/external/curl/ExternalProject_curl.mk b/external/curl/ExternalProject_curl.mk index 06cc96c2e8de..918238ce4135 100644 --- a/external/curl/ExternalProject_curl.mk +++ b/external/curl/ExternalProject_curl.mk @@ -42,7 +42,7 @@ $(call gb_ExternalProject_get_state_target,curl,build): ./configure \ $(if $(filter iOS MACOSX,$(OS)),\ --with-secure-transport,\ - $(if $(ENABLE_NSS),--with-nss$(if $(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out"),--without-nss)) \ + $(if $(ENABLE_NSS),--with-nss$(if $(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out") --with-nss-deprecated,--without-nss)) \ --without-ssl --without-gnutls --without-polarssl --without-cyassl --without-axtls --without-mbedtls \ --enable-ftp --enable-http --enable-ipv6 \ --without-libidn2 --without-libpsl --without-librtmp \ diff --git a/external/curl/curl-7.26.0_win-proxy.patch b/external/curl/curl-7.26.0_win-proxy.patch index 46cdcc739d80..1c5469a35479 100644 --- a/external/curl/curl-7.26.0_win-proxy.patch +++ b/external/curl/curl-7.26.0_win-proxy.patch @@ -31,7 +31,7 @@ +{ + int bufSize; + char *out = NULL; -+ if(wStr != NULL) { ++ if(wStr) { + bufSize = WideCharToMultiByte( + CP_ACP, 0, wStr, -1, NULL, 0, NULL, NULL); + out = (char *)malloc(bufSize * sizeof(char)); @@ -63,10 +63,10 @@ + ieNoProxy = wstrToCstr(ieProxyConfig->lpszProxyBypass); + + /* Convert the ieNoProxy into a proper no_proxy value */ -+ if(NULL != ieNoProxy) { ++ if(ieNoProxy) { + no_proxy = strdup(ieNoProxy); + pos = strpbrk(no_proxy, "; "); -+ while(NULL != pos) { ++ while(pos) { + no_proxy[pos-no_proxy] = ','; + pos = strpbrk(no_proxy, "; "); + } @@ -77,9 +77,9 @@ + char *tok; + char *saveptr; + -+ if(NULL != ieProxy) { ++ if(ieProxy) { + tok = strtok_s(ieProxy, ";", &saveptr); -+ if(strchr(tok, '=') == NULL) { ++ if(!strchr(tok, '=')) { + proxy = strdup(ieProxy); + } + else { @@ -90,7 +90,7 @@ + } + tok = strtok_s(NULL, ";", &saveptr); + } -+ while(NULL != tok); ++ while(tok); + } + } + } commit 79ef834603f92f0a107350f8b62ff17894aead0d Author: Caolán McNamara <caol...@redhat.com> AuthorDate: Wed Oct 20 10:41:42 2021 +0100 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Mon May 16 16:21:48 2022 +0200 upgrade curl to 7.79.1 includes: CVE-2021-22945: clear the leftovers pointer when sending succeeds CVE-2021-22946: do not ignore --ssl-reqd CVE-2021-22947: reject STARTTLS server response pipelining Change-Id: I0047bdaa7e6e3aed1317eb014d2051a4d5ac5964 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123883 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caol...@redhat.com> (cherry picked from commit a08d1dc4ee904428ef6f78208cc2508d3fc3717b) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134392 Tested-by: Michael Stahl <michael.st...@allotropia.de> Reviewed-by: Michael Stahl <michael.st...@allotropia.de> diff --git a/download.lst b/download.lst index f4dc6bdcf193..244c8bc40dd1 100644 --- a/download.lst +++ b/download.lst @@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt -export CURL_SHA256SUM := be42766d5664a739c3974ee3dfbbcbe978a4ccb1fe628bb1d9b59ac79e445fb5 -export CURL_TARBALL := curl-7.78.0.tar.xz +export CURL_SHA256SUM := 0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689 +export CURL_TARBALL := curl-7.79.1.tar.xz export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1 index 69fde5f7f236..d4dad7eba77e 100644 --- a/external/curl/curl-nss.patch.1 +++ b/external/curl/curl-nss.patch.1 @@ -1,9 +1,9 @@ diff -ur curl.org/configure curl/configure --- curl.org/configure 2016-03-13 15:14:07.177000076 +0100 +++ curl/configure 2016-03-13 15:16:44.132000076 +0100 -@@ -24009,7 +24009,7 @@ - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired libraries and compilation flags for NSS." >&5 - $as_echo "$as_me: WARNING: Using hard-wired libraries and compilation flags for NSS." >&2;} +@@ -28216,7 +28216,7 @@ + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired libraries and compilation flags for NSS." >&5 + printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation flags for NSS." >&2;} addld="-L$OPT_NSS/lib" - addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4" + addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3" diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0 index f4a0ad4b152f..e0f579f8675a 100644 --- a/external/curl/zlib.patch.0 +++ b/external/curl/zlib.patch.0 @@ -1,22 +1,22 @@ --- configure +++ configure -@@ -20709,7 +20709,6 @@ +@@ -22699,7 +22699,6 @@ clean_CPPFLAGS=$CPPFLAGS clean_LDFLAGS=$LDFLAGS clean_LIBS=$LIBS -ZLIB_LIBS="" # Check whether --with-zlib was given. - if test "${with_zlib+set}" = set; then : -@@ -20718,6 +20719,7 @@ + if test ${with_zlib+y} +@@ -22709,6 +22708,7 @@ if test "$OPT_ZLIB" = "no" ; then + ZLIB_LIBS="" - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5 - $as_echo "$as_me: WARNING: zlib disabled" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5 + printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;} else -@@ -20725,6 +20725,21 @@ +@@ -22716,6 +22716,21 @@ OPT_ZLIB="" fi @@ -38,8 +38,8 @@ if test -z "$OPT_ZLIB" ; then if test -n "$PKG_CONFIG"; then -@@ -21005,6 +21020,7 @@ - $as_echo "$as_me: found both libz and libz.h header" >&6;} +@@ -23011,6 +23026,7 @@ + printf "%s\n" "$as_me: found both libz and libz.h header" >&6;} curl_zlib_msg="enabled" fi + fi