Please set up git to detect file renames, otherwise the patch is impossible to review.
Alex On Tue, 22 Dec 2020 at 21:33, Jamaluddin, Khairul Rohaizzat < [email protected]> wrote: > From: Khairul Rohaizzat Jamaluddin <[email protected] > > > > update to version 7.74.0 > > curl 7.74.0 hsts: add experimental support for Strict-Transport-Security > with various bug fixes > > Reference: > https://curl.se/changes.html#7_74_0 > > update includes fix for CVE: > CVE-2020-8284 > CVE-2020-8285 > CVE-2020-8286 > > Signed-off-by: Khairul Rohaizzat Jamaluddin < > [email protected]> > --- > meta/recipes-support/curl/curl_7.73.0.bb | 85 > -------------------------------- > meta/recipes-support/curl/curl_7.74.0.bb | 85 > ++++++++++++++++++++++++++++++++ > 2 files changed, 85 insertions(+), 85 deletions(-) > delete mode 100644 meta/recipes-support/curl/curl_7.73.0.bb > create mode 100644 meta/recipes-support/curl/curl_7.74.0.bb > > diff --git a/meta/recipes-support/curl/curl_7.73.0.bb > b/meta/recipes-support/curl/curl_7.73.0.bb > deleted file mode 100644 > index 0f26b0f..0000000 > --- a/meta/recipes-support/curl/curl_7.73.0.bb > +++ /dev/null > @@ -1,85 +0,0 @@ > -SUMMARY = "Command line tool and library for client-side URL transfers" > -HOMEPAGE = "http://curl.haxx.se/"; > -BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"; > -SECTION = "console/network" > -LICENSE = "MIT" > -LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531" > - > -SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ > - file://0001-replace-krb5-config-with-pkg-config.patch \ > -" > - > -SRC_URI[sha256sum] = > "cf34fe0b07b800f1c01a499a6e8b2af548f6d0e044dca4a29d88a4bee146d131" > - > -# Curl has used many names over the years... > -CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl > libcurl:libcurl daniel_stenberg:curl" > - > -inherit autotools pkgconfig binconfig multilib_header > - > -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} > gnutls libidn proxy threaded-resolver verbose zlib" > -PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose > zlib" > -PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose > zlib" > - > -# 'ares' and 'threaded-resolver' are mutually exclusive > -PACKAGECONFIG[ares] = > "--enable-ares,--disable-ares,c-ares,,,threaded-resolver" > -PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli" > -PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual" > -PACKAGECONFIG[dict] = "--enable-dict,--disable-dict," > -PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls" > -PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher," > -PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," > -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," > -PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5" > -PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap," > -PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps," > -PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2" > -PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2" > -PACKAGECONFIG[mbedtls] = > "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls" > -PACKAGECONFIG[mqtt] = "--enable-mqtt,--disable-mqtt," > -PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2" > -PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3," > -PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy," > -PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump" > -PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp," > -PACKAGECONFIG[smb] = "--enable-smb,--disable-smb," > -PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp," > -PACKAGECONFIG[ssl] = "--with-ssl > --with-random=/dev/urandom,--without-ssl,openssl" > -PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" > -PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet," > -PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp," > -PACKAGECONFIG[threaded-resolver] = > "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares" > -PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" > -PACKAGECONFIG[zlib] = > "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" > - > -EXTRA_OECONF = " \ > - --disable-libcurl-option \ > - --disable-ntlm-wb \ > - --enable-crypto-auth \ > - --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \ > - --without-libmetalink \ > - --without-libpsl \ > - --enable-debug \ > - --enable-optimize \ > - --disable-curldebug \ > -" > - > -do_install_append_class-target() { > - # cleanup buildpaths from curl-config > - sed -i \ > - -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ > - -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ > - -e 's|${DEBUG_PREFIX_MAP}||g' \ > - ${D}${bindir}/curl-config > -} > - > -PACKAGES =+ "lib${BPN}" > - > -FILES_lib${BPN} = "${libdir}/lib*.so.*" > -RRECOMMENDS_lib${BPN} += "ca-certificates" > - > -FILES_${PN} += "${datadir}/zsh" > - > -inherit multilib_script > -MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config" > - > -BBCLASSEXTEND = "native nativesdk" > diff --git a/meta/recipes-support/curl/curl_7.74.0.bb > b/meta/recipes-support/curl/curl_7.74.0.bb > new file mode 100644 > index 0000000..873bbe8 > --- /dev/null > +++ b/meta/recipes-support/curl/curl_7.74.0.bb > @@ -0,0 +1,85 @@ > +SUMMARY = "Command line tool and library for client-side URL transfers" > +HOMEPAGE = "http://curl.haxx.se/"; > +BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"; > +SECTION = "console/network" > +LICENSE = "MIT" > +LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531" > + > +SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ > + file://0001-replace-krb5-config-with-pkg-config.patch \ > +" > + > +SRC_URI[sha256sum] = > "0f4d63e6681636539dc88fa8e929f934cd3a840c46e0bf28c73be11e521b77a5" > + > +# Curl has used many names over the years... > +CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl > libcurl:libcurl daniel_stenberg:curl" > + > +inherit autotools pkgconfig binconfig multilib_header > + > +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} > gnutls libidn proxy threaded-resolver verbose zlib" > +PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose > zlib" > +PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose > zlib" > + > +# 'ares' and 'threaded-resolver' are mutually exclusive > +PACKAGECONFIG[ares] = > "--enable-ares,--disable-ares,c-ares,,,threaded-resolver" > +PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli" > +PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual" > +PACKAGECONFIG[dict] = "--enable-dict,--disable-dict," > +PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls" > +PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher," > +PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," > +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," > +PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5" > +PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap," > +PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps," > +PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2" > +PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2" > +PACKAGECONFIG[mbedtls] = > "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls" > +PACKAGECONFIG[mqtt] = "--enable-mqtt,--disable-mqtt," > +PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2" > +PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3," > +PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy," > +PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump" > +PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp," > +PACKAGECONFIG[smb] = "--enable-smb,--disable-smb," > +PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp," > +PACKAGECONFIG[ssl] = "--with-ssl > --with-random=/dev/urandom,--without-ssl,openssl" > +PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" > +PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet," > +PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp," > +PACKAGECONFIG[threaded-resolver] = > "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares" > +PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" > +PACKAGECONFIG[zlib] = > "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" > + > +EXTRA_OECONF = " \ > + --disable-libcurl-option \ > + --disable-ntlm-wb \ > + --enable-crypto-auth \ > + --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \ > + --without-libmetalink \ > + --without-libpsl \ > + --enable-debug \ > + --enable-optimize \ > + --disable-curldebug \ > +" > + > +do_install_append_class-target() { > + # cleanup buildpaths from curl-config > + sed -i \ > + -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ > + -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ > + -e 's|${DEBUG_PREFIX_MAP}||g' \ > + ${D}${bindir}/curl-config > +} > + > +PACKAGES =+ "lib${BPN}" > + > +FILES_lib${BPN} = "${libdir}/lib*.so.*" > +RRECOMMENDS_lib${BPN} += "ca-certificates" > + > +FILES_${PN} += "${datadir}/zsh" > + > +inherit multilib_script > +MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config" > + > +BBCLASSEXTEND = "native nativesdk" > -- > 2.7.4 > > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#146071): https://lists.openembedded.org/g/openembedded-core/message/146071 Mute This Topic: https://lists.openembedded.org/mt/79158366/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
