From 4dc90ac57a0fd10c8f67a959277824df22f9c1ff Mon Sep 17 00:00:00 2001 From: Michael Stahl Date: Mon, 29 Jun 2020 14:00:56 +0200 Subject: curl: upgrade to release 7.71.0 Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis. Disable new optional dependencies "ngtcp2" and "quiche". Change-Id: I595ed909c4e792ac3244643511a338b117e7f102 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406 Tested-by: Jenkins Reviewed-by: Michael Stahl (cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386 Reviewed-by: Thorsten Behrens (cherry picked from commit 43130216127913d30074d3fe99c5706dcce44dee) --- download.lst | 4 ++-- external/curl/ExternalPackage_curl.mk | 2 +- external/curl/ExternalProject_curl.mk | 1 + external/curl/clang-cl.patch.0 | 4 ++-- external/curl/curl-msvc.patch.1 | 8 ++++---- 5 files changed, 10 insertions(+), 9 deletions(-) diff --git a/download.lst b/download.lst index 27c1412e09b4..98c5a6ed32c2 100644 --- a/download.lst +++ b/download.lst @@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt -export CURL_SHA256SUM := 7766d263929404f693905b5e5222aa0f2bdf8c66ab4b8758f0c0820a42b966cd -export CURL_TARBALL := curl-7.65.0.tar.xz +export CURL_SHA256SUM := cdf18794393d8bead915312708a9e5d819c6e9919de14b20d5c8e7987abd9772 +export CURL_TARBALL := curl-7.71.0.tar.xz export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz export EPOXY_SHA256SUM := 1d8668b0a259c709899e1c4bab62d756d9002d546ce4f59c9665e2fc5f001a64 diff --git a/external/curl/ExternalPackage_curl.mk b/external/curl/ExternalPackage_curl.mk index 56c418b6ef0c..8da569e3e0cf 100644 --- a/external/curl/ExternalPackage_curl.mk +++ b/external/curl/ExternalPackage_curl.mk @@ -20,7 +20,7 @@ $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.4.dyli else ifeq ($(OS),AIX) $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so,lib/.libs/libcurl.so.4)) else -$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.5.0)) +$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.6.0)) endif endif # $(DISABLE_DYNLOADING) diff --git a/external/curl/ExternalProject_curl.mk b/external/curl/ExternalProject_curl.mk index 136e50f3a81c..ebcb6068b7c1 100644 --- a/external/curl/ExternalProject_curl.mk +++ b/external/curl/ExternalProject_curl.mk @@ -48,6 +48,7 @@ $(call gb_ExternalProject_get_state_target,curl,build): --without-libidn2 --without-libpsl --without-librtmp \ --without-libssh2 --without-metalink --without-nghttp2 \ --without-libssh --without-brotli \ + --without-ngtcp2 --without-quiche \ --disable-ares \ --disable-dict --disable-file --disable-gopher --disable-imap \ --disable-ldap --disable-ldaps --disable-manual --disable-pop3 \ diff --git a/external/curl/clang-cl.patch.0 b/external/curl/clang-cl.patch.0 index 2f7fe567460c..2fbb10c2a9aa 100755 --- a/external/curl/clang-cl.patch.0 +++ b/external/curl/clang-cl.patch.0 @@ -4,8 +4,8 @@ !ELSE CC_NODEBUG = $(CC) /O2 /DNDEBUG CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd --CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC) -+CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /c /DBUILDING_LIBCURL $(SOLARINC) +-CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC) ++CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /c /DBUILDING_LIBCURL $(SOLARINC) !ENDIF LFLAGS = /nologo /machine:$(MACHINE) diff --git a/external/curl/curl-msvc.patch.1 b/external/curl/curl-msvc.patch.1 index 80160958c99d..a5b79a8e9c49 100644 --- a/external/curl/curl-msvc.patch.1 +++ b/external/curl/curl-msvc.patch.1 @@ -6,8 +6,8 @@ MSVC: using SOLARINC !ELSE CC_NODEBUG = $(CC) /O2 /DNDEBUG CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd --CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL -+CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC) +-CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL ++CFLAGS = /I. /I ../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL $(SOLARINC) !ENDIF LFLAGS = /nologo /machine:$(MACHINE) @@ -18,10 +18,10 @@ MSVC: using SOLARINC -RC_FLAGS = /dDEBUGBUILD=1 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc +RC_FLAGS = $(SOLARINC) /dDEBUGBUILD=1 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc CURL_CC = $(CC_DEBUG) $(RTLIB_DEBUG) - CURL_RC_FLAGS = /i../include /dDEBUGBUILD=1 /Fo $@ $(CURL_SRC_DIR)\curl.rc + CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /dDEBUGBUILD=1 /Fo $@ $(CURL_SRC_DIR)\curl.rc !ELSE -RC_FLAGS = /dDEBUGBUILD=0 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc +RC_FLAGS = $(SOLARINC) /dDEBUGBUILD=0 /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc CURL_CC = $(CC_NODEBUG) $(RTLIB) - CURL_RC_FLAGS = /i../include /dDEBUGBUILD=0 /Fo $@ $(CURL_SRC_DIR)\curl.rc + CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /dDEBUGBUILD=0 /Fo $@ $(CURL_SRC_DIR)\curl.rc !ENDIF -- cgit v1.2.3