mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2026-05-06 04:46:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

main/curl: security upgrade to 7.83.0

Browse Source
This commit is contained in:
J0WI 2022-04-27 09:21:58 +02:00 committed by alice
parent c25fd8e15b
commit 5f4aa894fc
2 changed files with 9 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
main/curl/APKBUILD
View File

@ -8,8 +8,8 @@
# this aport from arch=all WILL be reverted.
pkgname=curl
pkgver=7.82.0
pkgrel=1
pkgver=7.83.0
pkgrel=0
pkgdesc="URL retrival utility and library"
url="https://curl.se/"
arch="all"
@ -29,11 +29,16 @@ subpackages="
libcurl"
source="
https://curl.se/download/curl-$pkgver.tar.xz
fix-out-of-memory-error.patch"
"
options="net" # Required for running tests
[ -n "$BOOTSTRAP" ] && options="$options !check" # remove python3 dependency
# secfixes:
# 7.83.0-r0:
# - CVE-2022-22576
# - CVE-2022-27774
# - CVE-2022-27775
# - CVE-2022-27776
# 7.79.0-r0:
# - CVE-2021-22945
# - CVE-2021-22946
@ -178,6 +183,5 @@ static() {
}
sha512sums="
a977d69360d1793f8872096a21f5c0271e7ad145cd69ad45f4056a0657772f0f298b04bdb41aefd4ea5c4478352c60d80b5a118642280a07a7198aa80ffb1d57 curl-7.82.0.tar.xz
bb2e3d40d65c5c1c07b2623c2d5db11fe232ecf4d9f223ec2bdd8fba32c76c991292b36114b48dd0cad2ed376d127070a65f30fcec7af4b328e4adaab81b4dc1 fix-out-of-memory-error.patch
be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9 curl-7.83.0.tar.xz
"

30
main/curl/fix-out-of-memory-error.patch
View File

@ -1,30 +0,0 @@
From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 8 Mar 2022 13:38:13 +0100
Subject: [PATCH] openssl: fix CN check error code
Due to a missing 'else' this returns error too easily.
Regressed in: d15692ebb
Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560
---
lib/vtls/openssl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 0b79fc50a9c5..4618beeb3867 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
peer_CN[peerlen] = '\0';
}
- result = CURLE_OUT_OF_MEMORY;
+ else
+ result = CURLE_OUT_OF_MEMORY;
}
}
else /* not a UTF8 name */