mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-08-06 13:57:14 +02:00
main/curl: upgrade to 7.57.0
This commit is contained in:
TBK
Natanael Copa
parent
6791f008cd
commit
d19c5b26c7
@ -3,19 +3,22 @@
|
||||
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
|
||||
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
|
||||
pkgname=curl
|
||||
pkgver=7.56.1
|
||||
pkgrel=1
|
||||
pkgver=7.57.0
|
||||
pkgrel=0
|
||||
pkgdesc="An URL retrival utility and library"
|
||||
url="http://curl.haxx.se"
|
||||
arch="all"
|
||||
license="MIT"
|
||||
depends="ca-certificates"
|
||||
makedepends="zlib-dev libressl-dev libssh2-dev groff perl"
|
||||
source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2
|
||||
"
|
||||
source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2"
|
||||
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
|
||||
|
||||
# secfixes:
|
||||
# 7.57.0-r0:
|
||||
# - CVE-2017-8816
|
||||
# - CVE-2017-8817
|
||||
# - CVE-2017-8818
|
||||
# 7.56.1-r0:
|
||||
# - CVE-2017-1000257
|
||||
# 7.55.0-r0:
|
||||
@ -67,9 +70,8 @@ build() {
|
||||
--without-libidn \
|
||||
--without-libidn2 \
|
||||
--disable-ldap \
|
||||
--with-pic \
|
||||
|| return 1
|
||||
make || return 1
|
||||
--with-pic
|
||||
make
|
||||
}
|
||||
|
||||
check() {
|
||||
@ -79,7 +81,7 @@ check() {
|
||||
|
||||
package() {
|
||||
make DESTDIR="$pkgdir" \
|
||||
-C "$builddir" install || return 1
|
||||
-C "$builddir" install
|
||||
}
|
||||
|
||||
libcurl() {
|
||||
@ -88,4 +90,4 @@ libcurl() {
|
||||
mv "$pkgdir"/usr/lib "$subpkgdir"/usr
|
||||
}
|
||||
|
||||
sha512sums="f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68 curl-7.56.1.tar.bz2"
|
||||
sha512sums="f366d2e931d7aff63bac0e1f760ced32c849252947d522427ba92124566906a7e6bd081b6d1630df36895dda2a00ac4cf1bed1470740693ef47ab90c6a270377 curl-7.57.0.tar.bz2"
|
||||
|
||||
@ -1,32 +0,0 @@
|
||||
From 45a560390c4356bcb81d933bbbb229c8ea2acb63 Mon Sep 17 00:00:00 2001
|
||||
From: Adam Sampson <ats@offog.org>
|
||||
Date: Wed, 9 Aug 2017 14:11:17 +0100
|
||||
Subject: [PATCH] curl: do bounds check using a double comparison
|
||||
|
||||
The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
|
||||
complete: if the parsed number in num is larger than will fit in a long,
|
||||
the conversion is undefined behaviour (causing test1427 to fail for me
|
||||
on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7). Getting
|
||||
rid of the cast means the comparison will be done using doubles.
|
||||
|
||||
It might make more sense for the max argument to also be a double...
|
||||
|
||||
Fixes #1750
|
||||
Closes #1749
|
||||
---
|
||||
src/tool_paramhlp.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
|
||||
index b9dedc989e..85c5e79a7e 100644
|
||||
--- a/src/tool_paramhlp.c
|
||||
+++ b/src/tool_paramhlp.c
|
||||
@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max)
|
||||
num = strtod(str, &endptr);
|
||||
if(errno == ERANGE)
|
||||
return PARAM_NUMBER_TOO_LARGE;
|
||||
- if((long)num > max) {
|
||||
+ if(num > max) {
|
||||
/* too large */
|
||||
return PARAM_NUMBER_TOO_LARGE;
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user