curl: bump to 7.62.0

author Hans Dedecker <dedeckeh@gmail.com>

Wed, 31 Oct 2018 21:58:54 +0000 (22:58 +0100)

committer Jo-Philipp Wich <jo@mein.io>

Tue, 18 Dec 2018 16:48:09 +0000 (17:48 +0100)
author Hans Dedecker <dedeckeh@gmail.com>
Wed, 31 Oct 2018 21:58:54 +0000 (22:58 +0100)
committer Jo-Philipp Wich <jo@mein.io>
Tue, 18 Dec 2018 16:48:09 +0000 (17:48 +0100)
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile

index d90e706bfc39c8037fc339f798cdcdcc6982bd84..75343cbbac4be68c6a4f7fbf86ae017661234e07 100644 (file)
--- a/package/network/utils/curl/Makefile
+++ b/package/network/utils/curl/Makefile
@@ -8,7 +8,7 @@
  include $(TOPDIR)/rules.mk
  
  PKG_NAME:=curl
-PKG_VERSION:=7.61.1
+PKG_VERSION:=7.62.0
  PKG_RELEASE:=1
  
  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
@@ -16,7 +16,7 @@ PKG_SOURCE_URL:=https://dl.uxnr.de/mirror/curl/ \
         https://curl.mirror.anstey.ca/ \
         https://curl.askapache.com/download/ \
         https://curl.haxx.se/download/
-PKG_HASH:=3d5913d6a39bd22e68e34dff697fd6e4c3c81563f580c76fca2009315cd81891
+PKG_HASH:=dab5643a5fe775ae92570b9f3df6b0ef4bc2a827a959361fb130c73b721275c1
  
  PKG_LICENSE:=MIT
  PKG_LICENSE_FILES:=COPYING
diff --git a/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch b/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch

index 4d34426a3616bd024552b762af9af6327296de17..9ef398dcffbbdca21be98e1608f81eaf070ea275 100644 (file)
--- a/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch
@@ -1,6 +1,6 @@
  --- a/lib/vtls/mbedtls.c
  +++ b/lib/vtls/mbedtls.c
-@@ -814,7 +814,7 @@ static void Curl_mbedtls_session_free(vo
+@@ -811,7 +811,7 @@ static void Curl_mbedtls_session_free(vo
   
   static size_t Curl_mbedtls_version(char *buffer, size_t size)
   {
diff --git a/package/network/utils/curl/patches/400-CVE-2018-0500.patch b/package/network/utils/curl/patches/400-CVE-2018-0500.patch

index 9ef4111aeab21b2d1a4cf4e02218a47c993e8f92..b456938d566d3c9498e253605ca02c13475daf21 100644 (file)
--- a/package/network/utils/curl/patches/400-CVE-2018-0500.patch
+++ b/package/network/utils/curl/patches/400-CVE-2018-0500.patch
@@ -14,11 +14,11 @@ Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
  
  --- a/lib/smtp.c
  +++ b/lib/smtp.c
-@@ -1563,13 +1563,14 @@ CURLcode Curl_smtp_escape_eob(struct con
+@@ -1560,14 +1560,14 @@ CURLcode Curl_smtp_escape_eob(struct con
     if(!scratch || data->set.crlf) {
       oldscratch = scratch;
   
--    scratch = newscratch = malloc(2 * data->set.buffer_size);
+-    scratch = newscratch = malloc(2 * data->set.upload_buffer_size);
  +    scratch = newscratch = malloc(2 * UPLOAD_BUFSIZE);
       if(!newscratch) {
         failf(data, "Failed to alloc scratch buffer!");
@@ -26,7 +26,8 @@ Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
         return CURLE_OUT_OF_MEMORY;
       }
     }
-+  DEBUGASSERT(UPLOAD_BUFSIZE >= nread);
+-  DEBUGASSERT(data->set.upload_buffer_size >= (size_t)nread);
++  DEBUGASSERT(UPLOAD_BUFSIZE >= (size_t)nread);
   
     /* Have we already sent part of the EOB? */
     eob_sent = smtp->eob;
author	Hans Dedecker <dedeckeh@gmail.com>
	Wed, 31 Oct 2018 21:58:54 +0000 (22:58 +0100)
committer	Jo-Philipp Wich <jo@mein.io>
	Tue, 18 Dec 2018 16:48:09 +0000 (17:48 +0100)
package/network/utils/curl/Makefile		patch \| blob \| history
package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch		patch \| blob \| history
package/network/utils/curl/patches/400-CVE-2018-0500.patch		patch \| blob \| history