From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 15 Sep 2023 20:00:03 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qhD6q-00GTKJ-DS for lore@lore.pengutronix.de; Fri, 15 Sep 2023 20:00:03 +0200 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1qhD6n-00086m-V1; Fri, 15 Sep 2023 20:00:01 +0200 Received: from mail-am6eur05on2065.outbound.protection.outlook.com ([40.107.22.65] helo=EUR05-AM6-obe.outbound.protection.outlook.com) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qhD6Q-00085L-K3 for ptxdist@pengutronix.de; Fri, 15 Sep 2023 19:59:40 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Tmv1lmX2v+HtQVtSBqjiycP6ebY1aOYB9muZYxaaJx+Nxzg0uAiBinGwL59aBRoAgsFsrxsRU1BuwO/JaebegLuwajJGhcfZjNPcMHifbMcj40pEmsPVbZXKyo9h85PoMJemAA00jCfYJnL4kQP9zaZzzGtyPTNizq1cpHD6hMo9GU6f01+YS5lFMh2tMvfr7nEDsKrZNXhjJcZq6zycEgQ5JSpv/EVdxjZZdMdjO3PCSvBGbDR2b4oJ++xvkbTSdMNu+skmra1r9ztfoxpP5g/q6QuXYzuqnGO1AOa4oa4qF4+dEQj5Y03Y1rw39Hf8topltqfJ+Bq45rxxxCDH+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hoM+4724IYhntxBosNb5vI0bUDZksX8p42IdxuLRJh4=; b=MyfCIRQR+4nA1c0toT6yRZdzzHH4PcHuAj67YMmkrtzUkXhnRLpjGhDWytRBnFMi9cQdEbvMGN5mYcLzY4gWYGtVQsMfyQZjzLue++ywmckQZQNrhoEMoMZZGNQYjCmoRDFNxQDnoPIaRq9AQocQK+Zg6O6f5CZBsJ5cfYGzDBWl4iII2KJ6z2BSlAGHYv0HBcdgg0uuuqskd2J0qIxvXD2z8nBca037eXNIn+ChM3+0dKK39tH6KNx+HcfwALDzrEOX0aW5NYja7g8sixWVU9tdLn6RChHkMh+hNbUj7YOZDJEI2bdAueVg4J+zqJeFIkLwWqfn2W3ik8FyrH/ZaA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hoM+4724IYhntxBosNb5vI0bUDZksX8p42IdxuLRJh4=; b=F2GAjdiDmAaJ0i18bEh5A7gKgDCHX/Sy0j01xZwOvAND/xi4gme6NCQBL60oeTD4l/FWwGYy4ayCxYd18XEDe/HUcJIoMLuNKI0pmHsOts2hUnY2U6h0Krd4S+wYUoE6Pma99mrJRVakGa6no/PGWkfWrhmd+egXKdwY9jCOPCQ= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by DU0P251MB0556.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:32b::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.21; Fri, 15 Sep 2023 17:59:35 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::ba2b:f72d:8ac5:b2c1]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::ba2b:f72d:8ac5:b2c1%7]) with mapi id 15.20.6792.021; Fri, 15 Sep 2023 17:59:35 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Fri, 15 Sep 2023 19:59:19 +0200 Message-Id: <20230915175919.2719326-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.34.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: GV3P280CA0069.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:a::30) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB9P251MB0618:EE_|DU0P251MB0556:EE_ X-MS-Office365-Filtering-Correlation-Id: 962f8a02-716d-4e0b-096b-08dbb6158532 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 8ry6JmaQsb2tvwxB8tfKcXGIcCrpbrZIWMdYvgQzfMAIf53Irr9/lhQWQxTNxj6Jvg/JC3O9itXXQXH+WISkfyi0IBFKbwkD/cqKqzqOpCZpEj/f6tz/huUIgArem6xdL8q9maVj2kMsMXemdWU8hz9UiATpDzck/Yjn6VIG7JNcWvFFemipjelxdNCyorc907P+FElYSxGMg+A1TxumUZ5TElm4RJHWp2sSA9JITBQ3G0QtXZzekal7HG0BWCTdnVQeU5SjT6X5KfHddwqnu1GqYnMd7CdUkN7hFbr1kHaQRFOfP8Aq64EljNaUTaMNfHCMEb6z0Txeo4OpL1Ht5PpyOZAcLjdpiOfpG2w+jn7s2FURvdaejPOfpv4vvuz377+Eve85Oz1f+SaHeemGtOpd7YvKNPqGDQ2jUHyz8w6hvlyYuH0YBDeDeHwVFfQSryIN3vtyb03V8LIPMzriss3XFyjU0qGpk1uoDFmh74b+neoCeUjNRiOCx5f6CTaDMUaApfr8XXtUViaX14jPQFQdRAyBWh2930YqgDTko8qwweywnXBDWFemrGFN2PPjKW2D/g2bggQK6OGnBk/t2yaikn0ldjNmv89nEkJ+qVQ= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(376002)(396003)(346002)(366004)(136003)(39830400003)(1800799009)(186009)(451199024)(8676002)(8936002)(44832011)(5660300002)(316002)(6916009)(41300700001)(66476007)(66556008)(66946007)(83380400001)(38350700002)(38100700002)(86362001)(52116002)(6512007)(26005)(1076003)(966005)(2616005)(2906002)(36756003)(478600001)(6506007)(6486002)(6666004); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?2LOxUqzlTjzlAiV1fhzeyfhfBo3uOtNO/9GijG+j/zBOkre7ctegdfUNyu6+?= =?us-ascii?Q?AodKvfvqcjkt0D6AmC1xGSXUzzOTx0ih6099MJxR8lqFlSMYvzd/IjzNkn7t?= =?us-ascii?Q?kvXCgWBCEj6nKV9SWsUZR12sWMpbfzFfUR3uNXlC/ng8etUUV/2W8lubdvYH?= =?us-ascii?Q?WGwPnVPRmRqOAEYG7zLw4qLRPxXXQih1RpUrfS5D9wQsb48KZoXrEG5P+DV5?= =?us-ascii?Q?GSKDuGSMRJD61Wci4KqBIjSwQ+nwGs9H3RqPbm663oBi9FUStgyt8u3oM172?= =?us-ascii?Q?li201YJwW5m3CovyNzK6voPNUdpGx4I27buCxcWFhHUjXml8OourvcfDTblA?= =?us-ascii?Q?8Cdjjew6ub4wDdq2uIkhYTUDRiAXtHeoic3SvM0NyffuQbKyqEJfiWui7nkW?= =?us-ascii?Q?q4snkzid/u/pUEc0jG6rap9tMLPmBhmTCMUl2okH0rtvbSH2uFtQuAoxMJ0x?= =?us-ascii?Q?WcOncvP0zruZ6ngYHQQgbpu3iU1lxpjt5UZ7z2Wvh/M78Y/U7/7UAwKoJ4tx?= =?us-ascii?Q?u3IC9ZJxFDyl6uztpQWXkXrRlVm/63Mj25KDAJlM8dYoHCWUVUm3vuXdhKAK?= =?us-ascii?Q?cfd1/52FXkJ/Rs+3M63Dr640ix4CyeZWRBpwR3GHbMEQzcT6jX0lmRn4f5n0?= =?us-ascii?Q?dNnwiLlLVTbl3cMOYGdVOTmdZQiTyhzh0rfhANw5zHzWcsHhzp+1OwcYeuXI?= =?us-ascii?Q?yub7+4K26isCOzPxYpWR8EPTKJbLn2CL8EK8AReSUm51E6mUFm9mMBhP3PQT?= =?us-ascii?Q?wfekcRRfr7naa58eUH7quAL8Qd3EgRDs+NOWN2cGHKP/tQMtY0NMWDZNyGuI?= =?us-ascii?Q?/2XvgxxoBCLUW6UUlTzOtuqvlJ3LlqTl/BCpYJ8S7z4Qey4pBnI4HVGl1jQn?= =?us-ascii?Q?O3bLzy7zhgpdb4YysC2bU0/m8xGdNOyKiPYVS8f4wyqzkXEOEv8zbOw6rtHB?= =?us-ascii?Q?ZIOETRdh1fksdwQoMulKNzQn/xdlb1Ili6RDUxudTLEQYKyW+GiV+tiQ9lCy?= =?us-ascii?Q?kpgGsnKiBvGOQ6FUUk7AIEcddKqKbFEeZNi/YktxsvFOJiqlBgWyEww/Xlx+?= =?us-ascii?Q?ilspnWLQnlB2ueqNlGCd/onJRRT0j3lL4pYTop7fE8kTCDppMR+OiB7iWV4p?= =?us-ascii?Q?NaQe9mRg3BQIpxWv1wuIeMynwUyFoWMCj82U35SW1kTiXnm1vICtuA4cMupt?= =?us-ascii?Q?U000l71MECG36cdeyEnObUxG97JfJLvXJL6pHO7/Cw29YRk6QppSZXt9/zs0?= =?us-ascii?Q?2DktlOVnWJSZvEhCMbM8N2QHPWNMObw/A0sHVkHYjcsXhpnATysHuSl7q+lh?= =?us-ascii?Q?CXOn4CvqciDZ1EGzAp+5up3dHhIB8OAg1R4AdFagwfWxMX3MHRtCiABVoQYG?= =?us-ascii?Q?HmnoJ3cSlVxDdNIsqlSVYC/awxPPSND6WwUFojhJolyfBqiUC3pvoEnxxAVU?= =?us-ascii?Q?XliOo2bIwvkut9UlaGNAWOi9G6H/4uL8aQPuyfg7c1MVyOKeJtXsHzV3zMFV?= =?us-ascii?Q?OeLcUhbzP0lETifLeZBlpu4MtdaJTZMDWK82/jkJb7/3kBwVVZi9bA83RarW?= =?us-ascii?Q?kV4cfs4I6Z5kVgQsoVzh9s87RC3OIrlp+brZd3VrVslYGdoexhxtN5QnZYQM?= =?us-ascii?Q?Aw=3D=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 962f8a02-716d-4e0b-096b-08dbb6158532 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Sep 2023 17:59:34.9205 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: TI74fsjOAM8J0bmMDEjSiZ+hlkwWT66C+t2DdyDkJ5xYboqAs0xAAGz7FQUr4G/9uSjnlu6W+VCvxIqes1bEMIZGSRoYsiKB4jOfEPbbdi8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0P251MB0556 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH] libcurl: Version bump. 8.2.1 -> 8.3.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Some work went in to more tweaks and making a smaller curl. https://curl.se/changes.html#8_3_0 Plugs CVEs: CVE-2023-38039 HTTP headers eat all memory * crypto-auth is actually gone. But instead of adding per auth capability right now, just keep the symbol and make it behave as it used to. Sans basic-auth that is. That was always enabled. * Move some options to better adapt to options filtering. * Make bindlocal enabled, as it used to be. * Make form-api dependant on mime, afaiu, this is how it works. Signed-off-by: Christian Melki --- rules/libcurl.make | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/rules/libcurl.make b/rules/libcurl.make index c19f828e5..ad615bd87 100644 --- a/rules/libcurl.make +++ b/rules/libcurl.make @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl # # Paths and names # -LIBCURL_VERSION := 8.2.1 -LIBCURL_MD5 := 556576a795bdd2c7d10de6886480065f +LIBCURL_VERSION := 8.3.0 +LIBCURL_MD5 := 2fc6cf5cefa8b73e3826aa24befdccff LIBCURL := curl-$(LIBCURL_VERSION) LIBCURL_SUFFIX := tar.xz LIBCURL_URL := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX) @@ -45,7 +45,6 @@ LIBCURL_CONF_OPT := \ --enable-rt \ --disable-ech \ --disable-code-coverage \ - --disable-headers-api \ $(GLOBAL_LARGE_FILE_OPTION) \ --$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http \ --$(call ptx/endis, PTXCONF_LIBCURL_FTP)-ftp \ @@ -73,7 +72,12 @@ LIBCURL_CONF_OPT := \ --enable-pthreads \ --$(call ptx/endis, PTXCONF_LIBCURL_VERBOSE)-verbose \ --disable-sspi \ - --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-crypto-auth \ + --enable-basic-auth \ + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-bearer-auth \ + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-digest-auth \ + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-kerberos-auth \ + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-negotiate-auth \ + --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-aws \ --$(call ptx/endis, PTXCONF_LIBCURL_CRYPTO_AUTH)-ntlm \ --disable-ntlm-wb \ --enable-tls-srp \ @@ -83,12 +87,15 @@ LIBCURL_CONF_OPT := \ --$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http-auth \ --disable-doh \ --$(call ptx/endis, PTXCONF_LIBCURL_MIME)-mime \ + --enable-bindlocal \ + --$(call ptx/endis, PTXCONF_LIBCURL_MIME)-form-api \ --enable-dateparse \ --enable-netrc \ --enable-progress-meter \ --disable-dnsshuffle \ --enable-get-easy-options \ --disable-alt-svc \ + --disable-headers-api \ --enable-hsts \ --disable-websockets \ --without-schannel \ @@ -101,7 +108,6 @@ LIBCURL_CONF_OPT := \ --without-wolfssl \ --without-bearssl \ --without-rustls \ - --without-nss \ --without-hyper \ --with-zlib=$(SYSROOT) \ --without-brotli \ @@ -122,9 +128,9 @@ LIBCURL_CONF_OPT := \ --without-libidn2 \ --without-nghttp2 \ --without-ngtcp2 \ - --without-msh3 \ --without-nghttp3 \ --without-quiche \ + --without-msh3 \ --without-zsh-functions-dir \ --without-fish-functions-dir -- 2.34.1