From: Jan Pavlinec Date: Fri, 11 Dec 2020 12:19:30 +0000 (+0100) Subject: curl: update to version 7.74.0 (security fix) X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=9e2dc1e51e9d01ac6bb52dcef8bb7ed3e59f7735;p=feed%2Fpackages.git curl: update to version 7.74.0 (security fix) Fixes: CVE-2020-8286 CVE-2020-8285 CVE-2020-8284 Signed-off-by: Jan Pavlinec --- diff --git a/net/curl/Makefile b/net/curl/Makefile index 6023811d99..cf6cdc30f9 100644 --- a/net/curl/Makefile +++ b/net/curl/Makefile @@ -8,15 +8,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=curl -PKG_VERSION:=7.73.0 -PKG_RELEASE:=2 +PKG_VERSION:=7.74.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://dl.uxnr.de/mirror/curl/ \ https://curl.mirror.anstey.ca/ \ https://curl.askapache.com/download/ \ https://curl.haxx.se/download/ -PKG_HASH:=7c4c7ca4ea88abe00fea4740dcf81075c031b1d0bb23aff2d5efde20a3c2408a +PKG_HASH:=999d5f2c403cf6e25d58319fdd596611e455dd195208746bc6e6d197a77e878b PKG_LICENSE:=MIT PKG_LICENSE_FILES:=COPYING diff --git a/net/curl/patches/001-openssl-acknowledge-SRP-disabling-in-configure-properly.patch b/net/curl/patches/001-openssl-acknowledge-SRP-disabling-in-configure-properly.patch deleted file mode 100644 index 1309316dd0..0000000000 --- a/net/curl/patches/001-openssl-acknowledge-SRP-disabling-in-configure-properly.patch +++ /dev/null @@ -1,70 +0,0 @@ -From a3d5b199f96a108f38bd1f6adaf3a7585f721d02 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Thu, 15 Oct 2020 22:56:13 +0200 -Subject: [PATCH] openssl: acknowledge SRP disabling in configure properly - -Follow-up to 68a513247409 - -Use a new separate define that is the combination of both -HAVE_OPENSSL_SRP and USE_TLS_SRP: USE_OPENSSL_SRP - -Bug: https://curl.haxx.se/mail/lib-2020-10/0037.html - -Closes #6094 ---- - lib/vtls/openssl.c | 16 ++++++++++++---- - 1 file changed, 12 insertions(+), 4 deletions(-) - ---- a/lib/vtls/openssl.c -+++ b/lib/vtls/openssl.c -@@ -225,6 +225,14 @@ - "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH" - #endif - -+#ifdef HAVE_OPENSSL_SRP -+/* the function exists */ -+#ifdef USE_TLS_SRP -+/* the functionality is not disabled */ -+#define USE_OPENSSL_SRP -+#endif -+#endif -+ - struct ssl_backend_data { - /* these ones requires specific SSL-types */ - SSL_CTX* ctx; -@@ -2471,7 +2479,7 @@ static CURLcode ossl_connect_step1(struc - #endif - #endif - const long int ssl_version = SSL_CONN_CONFIG(version); --#ifdef HAVE_OPENSSL_SRP -+#ifdef USE_OPENSSL_SRP - const enum CURL_TLSAUTH ssl_authtype = SSL_SET_OPTION(authtype); - #endif - char * const ssl_cert = SSL_SET_OPTION(primary.clientcert); -@@ -2516,7 +2524,7 @@ static CURLcode ossl_connect_step1(struc - failf(data, OSSL_PACKAGE " was built without SSLv2 support"); - return CURLE_NOT_BUILT_IN; - #else --#ifdef HAVE_OPENSSL_SRP -+#ifdef USE_OPENSSL_SRP - if(ssl_authtype == CURL_TLSAUTH_SRP) - return CURLE_SSL_CONNECT_ERROR; - #endif -@@ -2529,7 +2537,7 @@ static CURLcode ossl_connect_step1(struc - failf(data, OSSL_PACKAGE " was built without SSLv3 support"); - return CURLE_NOT_BUILT_IN; - #else --#ifdef HAVE_OPENSSL_SRP -+#ifdef USE_OPENSSL_SRP - if(ssl_authtype == CURL_TLSAUTH_SRP) - return CURLE_SSL_CONNECT_ERROR; - #endif -@@ -2797,7 +2805,7 @@ static CURLcode ossl_connect_step1(struc - } - #endif - --#ifdef HAVE_OPENSSL_SRP -+#ifdef USE_OPENSSL_SRP - if(ssl_authtype == CURL_TLSAUTH_SRP) { - char * const ssl_username = SSL_SET_OPTION(username); -