summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Stahl <Michael.Stahl@cib.de>2020-06-29 14:00:56 +0200
committerThorsten Behrens <Thorsten.Behrens@CIB.de>2020-06-30 23:31:03 +0200
commit43130216127913d30074d3fe99c5706dcce44dee (patch)
treef2600a9891aa3d590022f5e903e51f6ad198be8c
parent029d239dd64a52ebb548f699c89e9109ae836fce (diff)
curl: upgrade to release 7.71.0
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis. Disable new optional dependencies "ngtcp2" and "quiche". Change-Id: I595ed909c4e792ac3244643511a338b117e7f102 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
-rw-r--r--download.lst4
-rw-r--r--external/curl/ExternalPackage_curl.mk2
-rw-r--r--external/curl/ExternalProject_curl.mk1
-rw-r--r--external/curl/clang-cl.patch.04
-rw-r--r--external/curl/curl-msvc.patch.18
5 files changed, 10 insertions, 9 deletions
diff --git a/download.lst b/download.lst
index c1b8858bc443..06b4868dc8d9 100644
--- a/download.lst
+++ b/download.lst
@@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM := 7766d263929404f693905b5e5222aa0f2bdf8c66ab4b8758f0c0820a42b966cd
-export CURL_TARBALL := curl-7.65.0.tar.xz
+export CURL_SHA256SUM := cdf18794393d8bead915312708a9e5d819c6e9919de14b20d5c8e7987abd9772
+export CURL_TARBALL := curl-7.71.0.tar.xz
export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/ExternalPackage_curl.mk b/external/curl/ExternalPackage_curl.mk
index 56c418b6ef0c..8da569e3e0cf 100644
--- a/external/curl/ExternalPackage_curl.mk
+++ b/external/curl/ExternalPackage_curl.mk
@@ -20,7 +20,7 @@ $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.4.dyli
else ifeq ($(OS),AIX)
$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so,lib/.libs/libcurl.so.4))
else
-$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.5.0))
+$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.6.0))
endif
endif # $(DISABLE_DYNLOADING)
diff --git a/external/curl/ExternalProject_curl.mk b/external/curl/ExternalProject_curl.mk
index 366ff1e39d95..5cbedac82d1a 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -48,6 +48,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
--without-libidn2 --without-libpsl --without-librtmp \
--without-libssh2 --without-metalink --without-nghttp2 \
--without-libssh --without-brotli \
+ --without-ngtcp2 --without-quiche \
--disable-ares \
--disable-dict --disable-file --disable-gopher --disable-imap \
--disable-ldap --disable-ldaps --disable-manual --disable-pop3 \
diff --git a/external/curl/clang-cl.patch.0 b/external/curl/clang-cl.patch.0
index 2f7fe567460c..2fbb10c2a9aa 100644
--- a/external/curl/clang-cl.patch.0
+++ b/external/curl/clang-cl.patch.0
@@ -4,8 +4,8 @@
!ELSE
CC_NODEBUG = $(CC) /O2 /DNDEBUG
CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd
--CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC)
-+CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /c /DBUILDING_LIBCURL $(SOLARINC)
+-CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC)
++CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /c /DBUILDING_LIBCURL $(SOLARINC)
!ENDIF
LFLAGS = /nologo /machine:$(MACHINE)
diff --git a/external/curl/curl-msvc.patch.1 b/external/curl/curl-msvc.patch.1
index 80160958c99d..a5b79a8e9c49 100644
--- a/external/curl/curl-msvc.patch.1
+++ b/external/curl/curl-msvc.patch.1
@@ -6,8 +6,8 @@ MSVC: using SOLARINC
!ELSE
CC_NODEBUG = $(CC) /O2 /DNDEBUG
CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd
--CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL
-+CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC)
+-CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL
++CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC)
!ENDIF
LFLAGS = /nologo /machine:$(MACHINE)
@@ -18,10 +18,10 @@ MSVC: using SOLARINC
-RC_FLAGS = /dDEBUGBUILD=1 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc
+RC_FLAGS = $(SOLARINC) /dDEBUGBUILD=1 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc
CURL_CC = $(CC_DEBUG) $(RTLIB_DEBUG)
- CURL_RC_FLAGS = /i../include /dDEBUGBUILD=1 /Fo $@ $(CURL_SRC_DIR)\curl.rc
+ CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /dDEBUGBUILD=1 /Fo $@ $(CURL_SRC_DIR)\curl.rc
!ELSE
-RC_FLAGS = /dDEBUGBUILD=0 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc
+RC_FLAGS = $(SOLARINC) /dDEBUGBUILD=0 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc
CURL_CC = $(CC_NODEBUG) $(RTLIB)
- CURL_RC_FLAGS = /i../include /dDEBUGBUILD=0 /Fo $@ $(CURL_SRC_DIR)\curl.rc
+ CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /dDEBUGBUILD=0 /Fo $@ $(CURL_SRC_DIR)\curl.rc
!ENDIF