From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 21 Jan 2022 08:20:19 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nAoDb-008XOq-6z for lore@lore.pengutronix.de; Fri, 21 Jan 2022 08:20:19 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nAoDa-0006AE-Du; Fri, 21 Jan 2022 08:20:18 +0100 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nAoCM-0005lP-0U; Fri, 21 Jan 2022 08:19:02 +0100 Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.94.2) (envelope-from ) id 1nAoCL-00BW5Q-W5; Fri, 21 Jan 2022 08:19:01 +0100 Received: from mol by dude03.red.stw.pengutronix.de with local (Exim 4.94.2) (envelope-from ) id 1nAoCK-008Fak-4A; Fri, 21 Jan 2022 08:19:00 +0100 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Fri, 21 Jan 2022 08:19:00 +0100 Message-Id: <20220121071900.1966515-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20211222130304.2549154-3-christian.melki@t2data.com> References: <20211222130304.2549154-3-christian.melki@t2data.com> MIME-Version: 1.0 Subject: Re: [ptxdist] [APPLIED] curl: Version bump 7.77.0 -> 7.80.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Christian Melki Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as fbd2255619933e27bbbabb88f0429a6fc8ea5010. Michael [sent from post-receive hook] On Fri, 21 Jan 2022 08:18:59 +0100, Christian Melki wrote: > Fixes CVE-2021-22947, CVE-2021-22946, CVE-2021-22945 > > Change tarball compression to xz instead of bz2. > Remove enable-symbol-hiding. > Rename get-easy-option to get-easy-options. > Remove without-metalink, deprecated. > > Signed-off-by: Christian Melki > Message-Id: <20211222130304.2549154-3-christian.melki@t2data.com> > [mol: update host-libcurl options] > Signed-off-by: Michael Olbrich > > diff --git a/rules/host-libcurl.make b/rules/host-libcurl.make > index 1a2a1fcf567a..e08f720b713d 100644 > --- a/rules/host-libcurl.make > +++ b/rules/host-libcurl.make > @@ -21,55 +21,92 @@ HOST_PACKAGES-$(PTXCONF_HOST_LIBCURL) += host-libcurl > HOST_LIBCURL_CONF_TOOL := autoconf > HOST_LIBCURL_CONF_OPT := \ > $(HOST_AUTOCONF) \ > - --with-random=/dev/urandom \ > - --without-zlib \ > \ > + --enable-optimize \ > + --disable-warnings \ > + --disable-werror \ > + --disable-curldebug \ > + --enable-symbol-hiding \ > + --disable-ares \ > + --enable-rt \ > + --disable-ech \ > + --disable-code-coverage \ > + --enable-http \ > + --disable-ftp \ > + --disable-file \ > --disable-ldap \ > --disable-ldaps \ > --disable-rtsp \ > + --enable-proxy \ > --disable-dict \ > --disable-telnet \ > + --disable-tftp \ > --disable-pop3 \ > --disable-imap \ > --disable-smb \ > --disable-smtp \ > --disable-gopher \ > + --disable-mqtt \ > --disable-manual \ > - \ > + --enable-libcurl-option \ > + --disable-libgcc \ > + --enable-ipv6 \ > + --enable-openssl-auto-load-config \ > + --disable-versioned-symbols \ > + --disable-threaded-resolver \ > + --enable-pthreads \ > + --disable-verbose \ > --disable-sspi \ > + --disable-crypto-auth \ > + --disable-ntlm \ > --disable-ntlm-wb \ > - --disable-debug \ > - --disable-verbose \ > - \ > - --enable-thread \ > - --enable-nonblocking\ > - --enable-hidden-symbols \ > - --enable-proxy \ > - \ > - --without-krb4 \ > - --without-spnego \ > - --without-gssapi \ > - --without-winssl \ > - --without-darwinssl \ > + --disable-tls-srp \ > + --enable-unix-sockets \ > + --disable-cookies \ > + --enable-socketpair \ > + --disable-http-auth \ > + --disable-doh \ > + --disable-mime \ > + --enable-dateparse \ > + --disable-netrc \ > + --enable-progress-meter \ > + --disable-dnsshuffle \ > + --enable-get-easy-options \ > + --disable-alt-svc \ > + --enable-hsts \ > + --without-schannel \ > + --without-secure-transport \ > + --without-amissl \ > + --with-openssl=$(PTXDIST_SYSROOT_HOST) \ > --without-gnutls \ > + --without-mbedtls \ > + --without-wolfssl \ > + --without-mesalink \ > + --without-bearssl \ > + --without-rustls \ > --without-nss \ > - --without-winidn \ > - --without-libidn \ > - --without-axtls \ > - --without-polarssl \ > - --without-cyassl \ > + --without-hyper \ > + --without-zlib \ > + --without-brotli \ > + --without-zstd \ > + --without-gssapi \ > + --with-default-ssl-backend=openssl \ > + --with-random=/dev/urandom \ > + --without-ca-fallback \ > + --without-libpsl \ > + --without-libgsasl \ > + --without-libssh2 \ > + --without-libssh \ > + --without-wolfssh \ > --without-librtmp \ > - \ > - --disable-ares \ > - --enable-http \ > - --disable-nghttp2 \ > - --disable-cookies \ > - --disable-ftp \ > - --disable-tftp \ > - --disable-file \ > - --disable-crypto-auth \ > - --disable-libssh2 \ > - --with-ssl > + --without-winidn \ > + --without-libidn2 \ > + --without-nghttp2 \ > + --without-ngtcp2 \ > + --without-nghttp3 \ > + --without-quiche \ > + --without-zsh-functions-dir \ > + --without-fish-functions-dir > > $(STATEDIR)/host-libcurl.install: > @$(call targetinfo) > diff --git a/rules/libcurl.make b/rules/libcurl.make > index 2e68e51ea930..fcf042f9dec6 100644 > --- a/rules/libcurl.make > +++ b/rules/libcurl.make > @@ -15,10 +15,10 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl > # > # Paths and names > # > -LIBCURL_VERSION := 7.77.0 > -LIBCURL_MD5 := 045d28029679dabb6b20a814934671ad > +LIBCURL_VERSION := 7.80.0 > +LIBCURL_MD5 := cf9f8553762150ef0ebcd5ee412737f5 > LIBCURL := curl-$(LIBCURL_VERSION) > -LIBCURL_SUFFIX := tar.bz2 > +LIBCURL_SUFFIX := tar.xz > LIBCURL_URL := https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX) > LIBCURL_SOURCE := $(SRCDIR)/$(LIBCURL).$(LIBCURL_SUFFIX) > LIBCURL_DIR := $(BUILDDIR)/$(LIBCURL) > @@ -40,7 +40,6 @@ LIBCURL_CONF_OPT := \ > --disable-werror \ > --disable-curldebug \ > --enable-symbol-hiding \ > - --enable-hidden-symbols \ > --$(call ptx/endis, PTXCONF_LIBCURL_C_ARES)-ares \ > --enable-rt \ > --disable-ech \ > @@ -73,6 +72,7 @@ LIBCURL_CONF_OPT := \ > --$(call ptx/endis, PTXCONF_LIBCURL_VERBOSE)-verbose \ > --disable-sspi \ > --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-crypto-auth \ > + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-ntlm \ > --disable-ntlm-wb \ > --enable-tls-srp \ > --enable-unix-sockets \ > @@ -85,7 +85,7 @@ LIBCURL_CONF_OPT := \ > --enable-netrc \ > --enable-progress-meter \ > --disable-dnsshuffle \ > - --enable-get-easy-option \ > + --enable-get-easy-options \ > --disable-alt-svc \ > --enable-hsts \ > --without-schannel \ > @@ -99,6 +99,7 @@ LIBCURL_CONF_OPT := \ > --without-bearssl \ > --without-rustls \ > --without-nss \ > + --without-hyper \ > --with-zlib=$(SYSROOT) \ > --without-brotli \ > --without-zstd \ > @@ -110,7 +111,6 @@ LIBCURL_CONF_OPT := \ > --without-ca-fallback \ > --without-libpsl \ > --without-libgsasl \ > - --without-libmetalink \ > --$(call ptx/wwo, PTXCONF_LIBCURL_LIBSSH2)-libssh2 \ > --without-libssh \ > --without-wolfssh \ > @@ -121,7 +121,6 @@ LIBCURL_CONF_OPT := \ > --without-ngtcp2 \ > --without-nghttp3 \ > --without-quiche \ > - --without-hyper \ > --without-zsh-functions-dir \ > --without-fish-functions-dir > _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de