From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 29 Jul 2022 08:23:49 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oHJPZ-003Fto-Ny for lore@lore.pengutronix.de; Fri, 29 Jul 2022 08:23:49 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1oHJPZ-0006B1-43; Fri, 29 Jul 2022 08:23:49 +0200 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oHJOr-0005vR-LK; Fri, 29 Jul 2022 08:23:05 +0200 Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.94.2) (envelope-from ) id 1oHJOq-000SLi-UF; Fri, 29 Jul 2022 08:23:04 +0200 Received: from mol by dude03.red.stw.pengutronix.de with local (Exim 4.94.2) (envelope-from ) id 1oHJOq-009xbs-6a; Fri, 29 Jul 2022 08:23:04 +0200 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Fri, 29 Jul 2022 08:23:04 +0200 Message-Id: <20220729062304.2374049-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220628085859.2748013-1-christian.melki@t2data.com> References: <20220628085859.2748013-1-christian.melki@t2data.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [ptxdist] [APPLIED] libcurl: Version bump. 7.83.1 -> 7.84.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Christian Melki Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as 7b68aa26afad1cf06cb8fe7e5ef34e927363f6c5. Michael [sent from post-receive hook] On Fri, 29 Jul 2022 08:23:03 +0200, Christian Melki wrote: > The usual slew of fixes and development. > https://curl.se/changes.html#7_84_0 > Plugs CVEs: > CVE-2022-32208: FTP-KRB bad message verification > CVE-2022-32207: Unpreserved file permissions > CVE-2022-32206: HTTP compression denial of service > CVE-2022-32205: Set-Cookie denial of service > > * Add patches to fix two build errors. > Patches from upstream curl repo. > > Signed-off-by: Christian Melki > Message-Id: <20220628085859.2748013-1-christian.melki@t2data.com> > Signed-off-by: Michael Olbrich > > diff --git a/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch b/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch > new file mode 100644 > index 000000000000..099e49c0c825 > --- /dev/null > +++ b/patches/curl-7.84.0/0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch > @@ -0,0 +1,25 @@ > +From: Daniel Stenberg > +Date: Mon, 27 Jun 2022 08:46:21 +0200 > +Subject: [PATCH] easy_lock.h: include sched.h if available to fix build > + > +Patched-by: Harry Sintonen > + > +Closes #9054 > +--- > + lib/easy_lock.h | 3 +++ > + 1 file changed, 3 insertions(+) > + > +diff --git a/lib/easy_lock.h b/lib/easy_lock.h > +index 819f50ce815b..1f54289ceb2d 100644 > +--- a/lib/easy_lock.h > ++++ b/lib/easy_lock.h > +@@ -36,6 +36,9 @@ > + > + #elif defined (HAVE_ATOMIC) > + #include > ++#if defined(HAVE_SCHED_YIELD) > ++#include > ++#endif > + > + #define curl_simple_lock atomic_bool > + #define CURL_SIMPLE_LOCK_INIT false > diff --git a/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch b/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch > new file mode 100644 > index 000000000000..7443ba41eed1 > --- /dev/null > +++ b/patches/curl-7.84.0/0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch > @@ -0,0 +1,22 @@ > +From: vvb2060 > +Date: Tue, 28 Jun 2022 03:48:43 +0800 > +Subject: [PATCH] easy_lock.h: use __asm__ instead of asm to fix build > + > +Closes #9056 > +--- > + lib/easy_lock.h | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/lib/easy_lock.h b/lib/easy_lock.h > +index 1f54289ceb2d..07c85c5ffdd1 100644 > +--- a/lib/easy_lock.h > ++++ b/lib/easy_lock.h > +@@ -54,7 +54,7 @@ static inline void curl_simple_lock_lock(curl_simple_lock *lock) > + #if defined(__i386__) || defined(__x86_64__) > + __builtin_ia32_pause(); > + #elif defined(__aarch64__) > +- asm volatile("yield" ::: "memory"); > ++ __asm__ volatile("yield" ::: "memory"); > + #elif defined(HAVE_SCHED_YIELD) > + sched_yield(); > + #endif > diff --git a/patches/curl-7.84.0/series b/patches/curl-7.84.0/series > new file mode 100644 > index 000000000000..a8ea60cf2cf2 > --- /dev/null > +++ b/patches/curl-7.84.0/series > @@ -0,0 +1,5 @@ > +# generated by git-ptx-patches > +#tag:base --start-number 1 > +0001-easy_lock.h-include-sched.h-if-available-to-fix-buil.patch > +0002-easy_lock.h-use-__asm__-instead-of-asm-to-fix-build.patch > +# 3ace341f1349f3d078579bbef0b35324 - git-ptx-patches magic > diff --git a/rules/libcurl.make b/rules/libcurl.make > index 8faa948bf476..e40063f14406 100644 > --- a/rules/libcurl.make > +++ b/rules/libcurl.make > @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl > # > # Paths and names > # > -LIBCURL_VERSION := 7.83.1 > -LIBCURL_MD5 := 08c6d9c25d9cf8d17be28363753e42ca > +LIBCURL_VERSION := 7.84.0 > +LIBCURL_MD5 := 6ce66afa416bb11b8f39cc9e059afd5b > LIBCURL := curl-$(LIBCURL_VERSION) > LIBCURL_SUFFIX := tar.xz > LIBCURL_URL := https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)