main/curl: security upgrade to 7.53.0

main/curl/0001-vtls-s-SSLEAY-OPENSSL.patch

-From a7b38c9dc98481e4a5fc37e51a8690337c674dfb Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Mon, 26 Dec 2016 00:06:33 +0100
-Subject: [PATCH 1/1] vtls: s/SSLEAY/OPENSSL
-
-Fixed an old leftover use of the USE_SSLEAY define which would make a
-socket get removed from the applications sockets to monitor when the
-multi_socket API was used, leading to timeouts.
-
-Bug: #1174
----
- lib/vtls/vtls.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
-index b808e1c5f..707f24b02 100644
---- a/lib/vtls/vtls.c
-+++ b/lib/vtls/vtls.c
-@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
-   curlssl_close_all(data);
- }
- 
--#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
-+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
-     defined(USE_DARWINSSL) || defined(USE_NSS)
- /* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */
- int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
-@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn,
-   (void)numsocks;
-   return GETSOCK_BLANK;
- }
--/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
-+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
- #endif
- 
- void Curl_ssl_close(struct connectdata *conn, int sockindex)
--- 
-2.11.0
-

main/curl/APKBUILD

@@ -2,8 +2,8 @@
 # Contributor: Łukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=curl
-pkgver=7.52.1
-pkgrel=1
+pkgver=7.53.0
+pkgrel=0
 pkgdesc="An URL retrival utility and library"
 url="http://curl.haxx.se"
 arch="all"
@@ -11,11 +11,12 @@ license="MIT"
 depends="ca-certificates"
 depends_dev="zlib-dev libressl-dev libssh2-dev"
 makedepends="$depends_dev groff perl"
-source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2
-	0001-vtls-s-SSLEAY-OPENSSL.patch"
+source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2"
 subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
 
 # secfixes:
+#   7.53.0:
+#     - CVE-2017-2629
 #   7.52.1:
 #     - CVE-2016-9594
 #   7.51.0:
@@ -72,9 +73,4 @@ libcurl() {
 	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
 }
 
-md5sums="dd014df06ff1d12e173de86873f9f77a  curl-7.52.1.tar.bz2
-3c3fdedadb124e347b17b94a7001f6a6  0001-vtls-s-SSLEAY-OPENSSL.patch"
-sha256sums="d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b  curl-7.52.1.tar.bz2
-0c493c6602ca8562167a96e6596ba58c83c489d69a15d79c1bccbf0c9541eded  0001-vtls-s-SSLEAY-OPENSSL.patch"
-sha512sums="cf36563c77d096f2c6084354ed6d45ccca7c557828ceab21204e4e8be0d4f0d287839c8cfac906174b86d51a1ee816c2769fc78ef88f039c9645bd2c27982a75  curl-7.52.1.tar.bz2
-ee4bf94e4cf1e1cd3c887ab001e1fad94728ba6d86afeed760e4e91c0f096ebc42c9b6972c8ac6ff254d34571ca335eca6c0ab49b68ac4cdb899ebfdf3e94c3e  0001-vtls-s-SSLEAY-OPENSSL.patch"
+sha512sums="1fc3264dd52f6f16463de158b4ab4637ba698b1fdbf01b7a3c05ae80b06a5480323b748b31f771c969a5f7062aa9e41a1aad8677be220a411d3cbad24581baf2  curl-7.53.0.tar.bz2"