Commit f0e3d2c5 authored by Sören Tempel's avatar Sören Tempel

main/curl: security upgrade to 7.53.0

parent 31e139cc
From a7b38c9dc98481e4a5fc37e51a8690337c674dfb Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 26 Dec 2016 00:06:33 +0100
Subject: [PATCH 1/1] vtls: s/SSLEAY/OPENSSL
Fixed an old leftover use of the USE_SSLEAY define which would make a
socket get removed from the applications sockets to monitor when the
multi_socket API was used, leading to timeouts.
Bug: #1174
---
lib/vtls/vtls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index b808e1c5f..707f24b02 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
curlssl_close_all(data);
}
-#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
defined(USE_DARWINSSL) || defined(USE_NSS)
/* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */
int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn,
(void)numsocks;
return GETSOCK_BLANK;
}
-/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
#endif
void Curl_ssl_close(struct connectdata *conn, int sockindex)
--
2.11.0
......@@ -2,8 +2,8 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
pkgver=7.52.1
pkgrel=1
pkgver=7.53.0
pkgrel=0
pkgdesc="An URL retrival utility and library"
url="http://curl.haxx.se"
arch="all"
......@@ -11,11 +11,12 @@ license="MIT"
depends="ca-certificates"
depends_dev="zlib-dev libressl-dev libssh2-dev"
makedepends="$depends_dev groff perl"
source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2
0001-vtls-s-SSLEAY-OPENSSL.patch"
source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
# secfixes:
# 7.53.0:
# - CVE-2017-2629
# 7.52.1:
# - CVE-2016-9594
# 7.51.0:
......@@ -72,9 +73,4 @@ libcurl() {
mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}
md5sums="dd014df06ff1d12e173de86873f9f77a curl-7.52.1.tar.bz2
3c3fdedadb124e347b17b94a7001f6a6 0001-vtls-s-SSLEAY-OPENSSL.patch"
sha256sums="d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b curl-7.52.1.tar.bz2
0c493c6602ca8562167a96e6596ba58c83c489d69a15d79c1bccbf0c9541eded 0001-vtls-s-SSLEAY-OPENSSL.patch"
sha512sums="cf36563c77d096f2c6084354ed6d45ccca7c557828ceab21204e4e8be0d4f0d287839c8cfac906174b86d51a1ee816c2769fc78ef88f039c9645bd2c27982a75 curl-7.52.1.tar.bz2
ee4bf94e4cf1e1cd3c887ab001e1fad94728ba6d86afeed760e4e91c0f096ebc42c9b6972c8ac6ff254d34571ca335eca6c0ab49b68ac4cdb899ebfdf3e94c3e 0001-vtls-s-SSLEAY-OPENSSL.patch"
sha512sums="1fc3264dd52f6f16463de158b4ab4637ba698b1fdbf01b7a3c05ae80b06a5480323b748b31f771c969a5f7062aa9e41a1aad8677be220a411d3cbad24581baf2 curl-7.53.0.tar.bz2"
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment