From: Christian Melki <christian.melki@t2data.com>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH] libcurl: Version bump. 7.83.1 -> 7.84.0
Date: Tue, 28 Jun 2022 10:58:59 +0200 [thread overview]
Message-ID: <20220628085859.2748013-1-christian.melki@t2data.com> (raw)
The usual slew of fixes and development.
https://curl.se/changes.html#7_84_0
Plugs CVEs:
CVE-2022-32208: FTP-KRB bad message verification
CVE-2022-32207: Unpreserved file permissions
CVE-2022-32206: HTTP compression denial of service
CVE-2022-32205: Set-Cookie denial of service
* Add patches to fix two build errors.
Patches from upstream curl repo.
Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
...ude-sched.h-if-available-to-fix-buil.patch | 25 +++++++++++++++++++
...-__asm__-instead-of-asm-to-fix-build.patch | 22 ++++++++++++++++
patches/curl-7.84.0/series | 5 ++++
rules/libcurl.make | 4 +--
4 files changed, 54 insertions(+), 2 deletions(-)
create mode 100644 patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch
create mode 100644 patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch
create mode 100644 patches/curl-7.84.0/series
diff --git a/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch b/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch
new file mode 100644
index 000000000..099e49c0c
--- /dev/null
+++ b/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch
@@ -0,0 +1,25 @@
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 27 Jun 2022 08:46:21 +0200
+Subject: [PATCH] easy_lock.h: include sched.h if available to fix build
+
+Patched-by: Harry Sintonen
+
+Closes #9054
+---
+ lib/easy_lock.h | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/lib/easy_lock.h b/lib/easy_lock.h
+index 819f50ce815b..1f54289ceb2d 100644
+--- a/lib/easy_lock.h
++++ b/lib/easy_lock.h
+@@ -36,6 +36,9 @@
+
+ #elif defined (HAVE_ATOMIC)
+ #include <stdatomic.h>
++#if defined(HAVE_SCHED_YIELD)
++#include <sched.h>
++#endif
+
+ #define curl_simple_lock atomic_bool
+ #define CURL_SIMPLE_LOCK_INIT false
diff --git a/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch b/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch
new file mode 100644
index 000000000..7443ba41e
--- /dev/null
+++ b/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch
@@ -0,0 +1,22 @@
+From: vvb2060 <vvb2060@gmail.com>
+Date: Tue, 28 Jun 2022 03:48:43 +0800
+Subject: [PATCH] easy_lock.h: use __asm__ instead of asm to fix build
+
+Closes #9056
+---
+ lib/easy_lock.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/easy_lock.h b/lib/easy_lock.h
+index 1f54289ceb2d..07c85c5ffdd1 100644
+--- a/lib/easy_lock.h
++++ b/lib/easy_lock.h
+@@ -54,7 +54,7 @@ static inline void curl_simple_lock_lock(curl_simple_lock *lock)
+ #if defined(__i386__) || defined(__x86_64__)
+ __builtin_ia32_pause();
+ #elif defined(__aarch64__)
+- asm volatile("yield" ::: "memory");
++ __asm__ volatile("yield" ::: "memory");
+ #elif defined(HAVE_SCHED_YIELD)
+ sched_yield();
+ #endif
diff --git a/patches/curl-7.84.0/series b/patches/curl-7.84.0/series
new file mode 100644
index 000000000..a8ea60cf2
--- /dev/null
+++ b/patches/curl-7.84.0/series
@@ -0,0 +1,5 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch
+0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch
+# 3ace341f1349f3d078579bbef0b35324 - git-ptx-patches magic
diff --git a/rules/libcurl.make b/rules/libcurl.make
index 8faa948bf..e40063f14 100644
--- a/rules/libcurl.make
+++ b/rules/libcurl.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
#
# Paths and names
#
-LIBCURL_VERSION := 7.83.1
-LIBCURL_MD5 := 08c6d9c25d9cf8d17be28363753e42ca
+LIBCURL_VERSION := 7.84.0
+LIBCURL_MD5 := 6ce66afa416bb11b8f39cc9e059afd5b
LIBCURL := curl-$(LIBCURL_VERSION)
LIBCURL_SUFFIX := tar.xz
LIBCURL_URL := https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
--
2.34.1
next reply other threads:[~2022-06-28 8:59 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-28 8:58 Christian Melki [this message]
2022-07-29 6:23 ` [ptxdist] [APPLIED] " Michael Olbrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220628085859.2748013-1-christian.melki@t2data.com \
--to=christian.melki@t2data.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox