aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris Novakovic <chris@chrisn.me.uk>2021-05-26 23:42:30 +0100
committerChris Novakovic <chris@chrisn.me.uk>2021-05-26 23:42:30 +0100
commit86df50f329bf28baee9a007ed436cec59862ea93 (patch)
tree128913d2d8a5a78feee94ac871c8a0b73ed36936
parenta8c8ed93d2ac9734bfa1b8e9e6faba7312f2e0b3 (diff)
downloadaports-86df50f329bf28baee9a007ed436cec59862ea93.tar.gz
aports-86df50f329bf28baee9a007ed436cec59862ea93.tar.bz2
aports-86df50f329bf28baee9a007ed436cec59862ea93.tar.xz
main/curl: security upgrade to 7.77.0
Contains fixes for the following vulnerabilities in 7.76.1: * CVE-2021-22897 * CVE-2021-22898 * CVE-2021-22901 Also explicitly use OpenSSL as the TLS library, which is necessary following the merge of https://github.com/curl/curl/pull/6897.
-rw-r--r--main/curl/APKBUILD8
1 files changed, 6 insertions, 2 deletions
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index 997242e670..88d698aa5a 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Ɓukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
-pkgver=7.76.1
+pkgver=7.77.0
pkgrel=0
pkgdesc="URL retrival utility and library"
url="https://curl.se/"
@@ -17,6 +17,9 @@ subpackages="$pkgname-dbg $pkgname-static $pkgname-doc $pkgname-dev libcurl"
source="https://curl.se/download/curl-$pkgver.tar.xz"
# secfixes:
+# - CVE-2021-22897
+# - CVE-2021-22898
+# - CVE-2021-22901
# 7.76.0-r0:
# - CVE-2021-22876
# - CVE-2021-22890
@@ -110,6 +113,7 @@ build() {
--enable-ipv6 \
--enable-unix-sockets \
--enable-static \
+ --with-openssl \
--without-libidn \
--without-libidn2 \
--with-nghttp2 \
@@ -141,4 +145,4 @@ static() {
mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib
}
-sha512sums="5fe85d2e776789aa8117c57fe7648e375b7fa92d5ead5d69855f19ca9a2624d77a1f9ab91766ecb72bbc17e82862248cd07e48917884d6fd856b93fb00d83e28 curl-7.76.1.tar.xz"
+sha512sums="aef92a0e3f8ce8491b258a9a1c4dcea3c07c29b139a1f68f08619caa0295cfde76335d2dfb9cdf434525daea7dd05d8acd22f203f5ccc7735bd317964ec1da76 curl-7.77.0.tar.xz"