curl: update curl to version 7.43.0

This brings curl to version 7.43.0 and contains fixes for the following security vulnerabilities: CVE-2015-3236: lingering HTTP credentials in connection re-use http://curl.haxx.se/docs/adv_20150617A.html CVE-2015-3237: SMB send off unrelated memory contents http://curl.haxx.se/docs/adv_20150617B.html The 100-check_long_long patch is not needed any more, because the upstream autoconf script already checks for long long when cyassl is selected. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46169
9 years ago · 97b14fd700
parent 69a2459c66
commit 97b14fd700
5 changed files with 13 additions and 23 deletions
--- a/package/network/utils/curl/Makefile
+++ b/package/network/utils/curl/Makefile
@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=curl
-PKG_VERSION:=7.40.0
-PKG_RELEASE:=3
+PKG_VERSION:=7.43.0
+PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
@ -18,7 +18,7 @@ PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
 	ftp://ftp.planetmirror.com/pub/curl/ \
 	http://www.mirrormonster.com/curl/download/ \
 	http://curl.mirrors.cyberservers.net/download/
-PKG_MD5SUM:=8d30594212e65657a5c32030f0998fa9
+PKG_MD5SUM:=11bddbb452a8b766b932f859aaeeed39

 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=COPYING
--- a/package/network/utils/curl/patches/100-check_long_long.patch
+++ b/package/network/utils/curl/patches/100-check_long_long.patch
@ -1,10 +0,0 @@
--- a/configure.ac
-+++ b/configure.ac
-@@ -2885,6 +2885,7 @@ CURL_VERIFY_RUNTIMELIBS
- 
- AC_CHECK_SIZEOF(size_t)
- AC_CHECK_SIZEOF(long)
-+AC_CHECK_SIZEOF(long long)
- AC_CHECK_SIZEOF(int)
- AC_CHECK_SIZEOF(short)
- CURL_CONFIGURE_LONG
--- a/package/network/utils/curl/patches/200-no_docs_tests.patch
+++ b/package/network/utils/curl/patches/200-no_docs_tests.patch
@ -1,6 +1,6 @@
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -129,7 +129,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
+@@ -129,7 +129,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
 bin_SCRIPTS = curl-config
 
 SUBDIRS = lib src include
@ -11,7 +11,7 @@
 pkgconfig_DATA = libcurl.pc
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -577,7 +577,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
+@@ -577,7 +577,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
 
 bin_SCRIPTS = curl-config
 SUBDIRS = lib src include
--- a/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch
+++ b/package/network/utils/curl/patches/300-fix-disable-crypto-auth.patch
@ -1,6 +1,6 @@
 --- a/lib/curl_ntlm_msgs.c
 +++ b/lib/curl_ntlm_msgs.c
-@@ -571,7 +571,7 @@ CURLcode Curl_sasl_create_ntlm_type3_mes
+@@ -569,7 +569,7 @@ CURLcode Curl_sasl_create_ntlm_type3_mes
   else
 #endif
 
@ -11,9 +11,9 @@
     unsigned char ntbuffer[0x18];
 --- a/lib/vtls/vtls.c
 +++ b/lib/vtls/vtls.c
-@@ -835,9 +835,9 @@ void Curl_ssl_md5sum(unsigned char *tmp,
-                      unsigned char *md5sum, /* output */
-                      size_t md5len)
+@@ -852,9 +852,9 @@ CURLcode Curl_ssl_md5sum(unsigned char *
+                          unsigned char *md5sum, /* output */
+                          size_t md5len)
 {
 -#ifdef curlssl_md5sum
 +#if defined(curlssl_md5sum)
--- a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
@ -1,11 +1,11 @@
 --- a/lib/vtls/polarssl.c
 +++ b/lib/vtls/polarssl.c
-@@ -591,7 +591,7 @@ void Curl_polarssl_session_free(void *pt
+@@ -592,7 +592,7 @@ void Curl_polarssl_session_free(void *pt
 
 size_t Curl_polarssl_version(char *buffer, size_t size)
 {
 -  unsigned int version = version_get_number();
 +  unsigned int version = POLARSSL_VERSION_NUMBER;
-   return snprintf(buffer, size, "PolarSSL/%d.%d.%d", version>>24,
-                   (version>>16)&0xff, (version>>8)&0xff);
- }
+   return snprintf(buffer, size, "%s/%d.%d.%d",
+                   version >= 0x01030A00?"mbedTLS":"PolarSSL",
+                   version>>24, (version>>16)&0xff, (version>>8)&0xff);