summaryrefslogtreecommitdiff
path: root/www/curl/patches
diff options
context:
space:
mode:
authormaya <maya@pkgsrc.org>2016-11-02 07:09:38 +0000
committermaya <maya@pkgsrc.org>2016-11-02 07:09:38 +0000
commitb72c5bcea0c25bb8cc7a18d81e90a88ae4161f61 (patch)
treebcc140525ab6c18cef72d9303160459e5f365840 /www/curl/patches
parentbbede0fdcd64d08e7c030698afbc64dd163a91a2 (diff)
downloadpkgsrc-b72c5bcea0c25bb8cc7a18d81e90a88ae4161f61.tar.gz
curl: update to 7.51.0. security fix
Curl and libcurl 7.51.0 Public curl releases: 160 Command line options: 185 curl_easy_setopt() options: 225 Public functions in libcurl: 61 Contributors: 1467 This release includes the following changes: o nss: additional cipher suites are now accepted by CURLOPT_SSL_CIPHER_LIST o New option: CURLOPT_KEEP_SENDING_ON_ERROR [10] This release includes the following bugfixes: o CVE-2016-8615: cookie injection for other servers [28] o CVE-2016-8616: case insensitive password comparison [29] o CVE-2016-8617: OOB write via unchecked multiplication [30] o CVE-2016-8618: double-free in curl_maprintf [31] o CVE-2016-8619: double-free in krb5 code [32] o CVE-2016-8620: glob parser write/read out of bounds [33] o CVE-2016-8621: curl_getdate read out of bounds [34] o CVE-2016-8622: URL unescape heap overflow via integer truncation [35] o CVE-2016-8623: Use-after-free via shared cookies [36] o CVE-2016-8624: invalid URL parsing with '#' [37] o CVE-2016-8625: IDNA 2003 makes curl use wrong host [38] o openssl: fix per-thread memory leak using 1.0.1 or 1.0.2 [1] o http: accept "Transfer-Encoding: chunked" for HTTP/2 as well [2] o LICENSE-MIXING.md: update with mbedTLS dual licensing [3] o examples/imap-append: Set size of data to be uploaded [4] o test2048: fix url o darwinssl: disable RC4 cipher-suite support o CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting o openssl: don’t call CRYTPO_cleanup_all_ex_data [5] o libressl: fix version output [6] o easy: Reset all statistical session info in curl_easy_reset [7] o curl_global_cleanup.3: don't unload the lib with sub threads running [8] o dist: add CurlSymbolHiding.cmake to the tarball o docs: Remove that --proto is just used for initial retrieval [9] o configure: Fixed builds with libssh2 in a custom location o curl.1: --trace supports % for sending to stderr! o cookies: same domain handling changed to match browser behavior [11] o formpost: trying to attach a directory no longer crashes [12] o CURLOPT_DEBUGFUNCTION.3: fixed unused argument warning [13] o formpost: avoid silent snprintf() truncation o ftp: fix Curl_ftpsendf o mprintf: return error on too many arguments o smb: properly check incoming packet boundaries [14] o GIT-INFO: remove the Mac 10.1-specific details [15] o resolve: add error message when resolving using SIGALRM [16] o cmake: add nghttp2 support [17] o dist: remove PDF and HTML converted docs from the releases [18] o configure: disable poll() in macOS builds [19] o vtls: only re-use session-ids using the same scheme o pipelining: skip to-be-closed connections when pipelining [20] o win: fix Universal Windows Platform build [21] o curl: do not set CURLOPT_SSLENGINE to DEFAULT automatically [22] o maketgz: make it support "only" generating version info o Curl_socket_check: add extra check to avoid integer overflow o gopher: properly return error for poll failures o curl: set INTERLEAVEDATA too o polarssl: clear thread array at init o polarssl: fix unaligned SSL session-id lock o polarssl: reduce #ifdef madness with a macro o curl_multi_add_handle: set timeouts in closure handles [23] o configure: set min version flags for builds on mac [24] o INSTALL: converted to markdown => INSTALL.md o curl_multi_remove_handle: fix a double-free [25] o multi: fix inifinte loop in curl_multi_cleanup() [26] o nss: fix tight loop in non-blocking TLS handhsake over proxy [27] o mk-ca-bundle: Change URL retrieval to HTTPS-only by default [39] o mbedtls: stop using deprecated include file [40] o docs: fix req->data in multi-uv example [41] o configure: Fix test syntax for monotonic clock_gettime o CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2 [42] This release includes the following known bugs: o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) This release would not have looked like this without help, code, reports and advice from friends like these: Akshay Vernekar, Alexander Sinditskiy, Anders Bakken, Andreas Streichardt, Andrei Sedoi, Bernard Spil, Christian Heimes, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, Darío Hereñú, David Woodhouse, Fernando Muñoz, Gregory Szorc, Jeroen Ooms, Kamil Dudka, Luật Nguyễn, lukaszgn on github, Marcel Raad, Martin Frodl, Martin Storsjö, Michael Kaufmann, Michael Osipov, Miloš Ljumović, Nick Zitzmann, nopjmp on github, Paul Joyce, Rainer Müller, Ray Satiro, Remo E, Rider Linden, Sebastian Mundry, Sergei Kuzmin, Stephen Brokenshire, Tobias Stoeckmann, Toby Peterson, Todd Short, Tony Kelman, Torben Dannhauer, Valentin David, (40 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: [1] = https://curl.haxx.se/bug/?i=964 [2] = https://curl.haxx.se/bug/?i=1013 [3] = https://curl.haxx.se/bug/?i=1019 [4] = https://curl.haxx.se/bug/?i=1011 [5] = https://curl.haxx.se/mail/lib-2016-09/0045.html [6] = https://curl.haxx.se/bug/?i=1029 [7] = https://curl.haxx.se/bug/?i=1017 [8] = https://curl.haxx.se/bug/?i=997 [9] = https://curl.haxx.se/bug/?i=1031 [10] = https://curl.haxx.se/libcurl/c/CURLOPT_KEEP_SENDING_ON_ERROR.html [11] = https://curl.haxx.se/bug/?i=1050 [12] = https://curl.haxx.se/bug/?i=1053 [13] = https://curl.haxx.se/bug/?i=1056 [14] = https://curl.haxx.se/bug/?i=1052 [15] = https://curl.haxx.se/bug/?i=1049 [16] = https://curl.haxx.se/bug/?i=1066 [17] = https://curl.haxx.se/bug/?i=922 [18] = https://curl.haxx.se/mail/lib-2016-10/0040.html [19] = https://curl.haxx.se/bug/?i=1057 [20] = https://curl.haxx.se/bug/?i=1075 [21] = https://curl.haxx.se/bug/?i=1048 [22] = https://curl.haxx.se/bug/?i=1042 [23] = https://curl.haxx.se/bug/?i=739 [24] = https://curl.haxx.se/bug/?i=1069 [25] = https://curl.haxx.se/bug/?i=1083 [26] = https://curl.haxx.se/mail/lib-2016-10/0011.html [27] = https://bugzilla.redhat.com/1388162 [28] = https://curl.haxx.se/docs/adv_20161102A.html [29] = https://curl.haxx.se/docs/adv_20161102B.html [30] = https://curl.haxx.se/docs/adv_20161102C.html [31] = https://curl.haxx.se/docs/adv_20161102D.html [32] = https://curl.haxx.se/docs/adv_20161102E.html [33] = https://curl.haxx.se/docs/adv_20161102F.html [34] = https://curl.haxx.se/docs/adv_20161102G.html [35] = https://curl.haxx.se/docs/adv_20161102H.html [36] = https://curl.haxx.se/docs/adv_20161102I.html [37] = https://curl.haxx.se/docs/adv_20161102J.html [38] = https://curl.haxx.se/docs/adv_20161102K.html [39] = https://curl.haxx.se/bug/?i=1012 [40] = https://curl.haxx.se/bug/?i=1087 [41] = https://curl.haxx.se/bug/?i=1088 [42] = https://curl.haxx.se/bug/?i=1059
Diffstat (limited to 'www/curl/patches')
-rw-r--r--www/curl/patches/patch-aa21
1 files changed, 6 insertions, 15 deletions
diff --git a/www/curl/patches/patch-aa b/www/curl/patches/patch-aa
index 5d8432a566c..fba102ff06f 100644
--- a/www/curl/patches/patch-aa
+++ b/www/curl/patches/patch-aa
@@ -1,11 +1,11 @@
-$NetBSD: patch-aa,v 1.34 2015/08/17 15:43:27 wiz Exp $
+$NetBSD: patch-aa,v 1.35 2016/11/02 07:09:39 maya Exp $
builtin krb5-config in platforms such as solaris do not support
the gssapi option, and need an explicit -lgss
---- configure.orig 2015-08-10 12:54:00.000000000 +0000
+--- configure.orig 2016-10-31 09:41:43.000000000 +0000
+++ configure
-@@ -3737,6 +3737,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
+@@ -3817,6 +3817,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
;;
esac
done
@@ -13,7 +13,7 @@ the gssapi option, and need an explicit -lgss
if test $xc_bad_var_cflags = yes; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
$as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;}
-@@ -16723,7 +16724,7 @@ squeeze() {
+@@ -17278,7 +17279,7 @@ squeeze() {
#
@@ -22,16 +22,7 @@ the gssapi option, and need an explicit -lgss
#
if test "$compiler_id" = "GNU_C" ||
test "$compiler_id" = "CLANG"; then
-@@ -19971,7 +19972,7 @@ done
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for monotonic clock_gettime" >&5
- $as_echo_n "checking for monotonic clock_gettime... " >&6; }
- #
-- if test "x$dontwant_rt" == "xno" ; then
-+ if test "x$dontwant_rt" = "xno" ; then
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h. */
-
-@@ -21174,7 +21175,11 @@ $as_echo "yes" >&6; }
+@@ -21820,7 +21821,11 @@ $as_echo "yes" >&6; }
if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
elif test -f "$KRB5CONFIG"; then
@@ -44,7 +35,7 @@ the gssapi option, and need an explicit -lgss
elif test "$GSSAPI_ROOT" != "yes"; then
GSSAPI_INCS="-I$GSSAPI_ROOT/include"
fi
-@@ -21347,7 +21352,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
+@@ -21993,7 +21998,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
LIBS="-lgss $LIBS"
;;
*)