diff options
Diffstat (limited to 'main/curl/APKBUILD')
| -rw-r--r-- | main/curl/APKBUILD | 176 |
1 files changed, 142 insertions, 34 deletions
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD index 32108def905..b434ea1ec7e 100644 --- a/main/curl/APKBUILD +++ b/main/curl/APKBUILD @@ -2,21 +2,121 @@ # Contributor: Valery Kartel <valery.kartel@gmail.com> # Contributor: Ćukasz Jendrysik <scadu@yandex.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> + +# RESTRICTED: Do NOT enable the rustls or hyper backends, as they depend on Rust +# and Rust is not yet available on all architectures. Any commit which changes +# this aport from arch=all WILL be reverted. + pkgname=curl -pkgver=7.66.0 +pkgver=8.7.1 pkgrel=0 pkgdesc="URL retrival utility and library" -url="https://curl.haxx.se/" +url="https://curl.se/" arch="all" -license="MIT" +license="curl" depends="ca-certificates" -depends_dev="openssl-dev nghttp2-dev zlib-dev" -checkdepends="python3" -makedepends="$depends_dev autoconf automake groff libtool perl" +depends_dev=" + brotli-dev + c-ares-dev + libidn2-dev + libpsl-dev + nghttp2-dev + openssl-dev>3 + zlib-dev + zstd-dev + " +checkdepends="nghttp2 python3" +makedepends_host="$depends_dev" +makedepends_build="groff perl" subpackages="$pkgname-dbg $pkgname-static $pkgname-doc $pkgname-dev libcurl" -source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz" +[ -z "$BOOTSTRAP" ] && subpackages="$subpackages $pkgname-zsh-completion $pkgname-fish-completion" +source="https://curl.se/download/curl-$pkgver.tar.xz" +options="net" # Required for running tests +[ -n "$BOOTSTRAP" ] && options="$options !check" # remove python3 dependency # secfixes: +# 8.7.1-r0: +# - CVE-2024-2004 +# - CVE-2024-2379 +# - CVE-2024-2398 +# - CVE-2024-2466 +# 8.6.0-r0: +# - CVE-2024-0853 +# 8.5.0-r0: +# - CVE-2023-46218 +# - CVE-2023-46219 +# 8.4.0-r0: +# - CVE-2023-38545 +# - CVE-2023-38546 +# 8.3.0-r0: +# - CVE-2023-38039 +# 8.1.0-r0: +# - CVE-2023-28319 +# - CVE-2023-28320 +# - CVE-2023-28321 +# - CVE-2023-28322 +# 8.0.0-r0: +# - CVE-2023-27533 +# - CVE-2023-27534 +# - CVE-2023-27535 +# - CVE-2023-27536 +# - CVE-2023-27537 +# - CVE-2023-27538 +# 7.88.0-r0: +# - CVE-2023-23914 +# - CVE-2023-23915 +# - CVE-2023-23916 +# 7.87.0-r0: +# - CVE-2022-43551 +# - CVE-2022-43552 +# 7.86.0-r0: +# - CVE-2022-32221 +# - CVE-2022-35260 +# - CVE-2022-42915 +# - CVE-2022-42916 +# 7.85.0-r0: +# - CVE-2022-35252 +# 7.84.0-r0: +# - CVE-2022-32205 +# - CVE-2022-32206 +# - CVE-2022-32207 +# - CVE-2022-32208 +# 7.83.1-r0: +# - CVE-2022-27778 +# - CVE-2022-27779 +# - CVE-2022-27780 +# - CVE-2022-27781 +# - CVE-2022-27782 +# - CVE-2022-30115 +# 7.83.0-r0: +# - CVE-2022-22576 +# - CVE-2022-27774 +# - CVE-2022-27775 +# - CVE-2022-27776 +# 7.79.0-r0: +# - CVE-2021-22945 +# - CVE-2021-22946 +# - CVE-2021-22947 +# 7.78.0-r0: +# - CVE-2021-22922 +# - CVE-2021-22923 +# - CVE-2021-22924 +# - CVE-2021-22925 +# 7.77.0-r0: +# - CVE-2021-22898 +# - CVE-2021-22901 +# 7.76.0-r0: +# - CVE-2021-22876 +# - CVE-2021-22890 +# 7.74.0-r0: +# - CVE-2020-8284 +# - CVE-2020-8285 +# - CVE-2020-8286 +# 7.72.0-r0: +# - CVE-2020-8231 +# 7.71.0-r0: +# - CVE-2020-8169 +# - CVE-2020-8177 # 7.66.0-r0: # - CVE-2019-5481 # - CVE-2019-5482 @@ -56,11 +156,11 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz" # - CVE-2017-7468 # 7.53.1-r2: # - CVE-2017-7407 -# 7.53.0: +# 7.53.0-r0: # - CVE-2017-2629 -# 7.52.1: +# 7.52.1-r0: # - CVE-2016-9594 -# 7.51.0: +# 7.51.0-r0: # - CVE-2016-8615 # - CVE-2016-8616 # - CVE-2016-8617 @@ -72,62 +172,70 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz" # - CVE-2016-8623 # - CVE-2016-8624 # - CVE-2016-8625 -# 7.50.3: +# 7.50.3-r0: # - CVE-2016-7167 -# 7.50.2: +# 7.50.2-r0: # - CVE-2016-7141 -# 7.50.1: +# 7.50.1-r0: # - CVE-2016-5419 # - CVE-2016-5420 # - CVE-2016-5421 -# 7.36.0: +# 7.36.0-r0: # - CVE-2014-0138 # - CVE-2014-0139 - -prepare() { - default_prepare - autoreconf -vfi -} +# 0: +# - CVE-2021-22897 build() { ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ + --enable-ares \ --enable-ipv6 \ --enable-unix-sockets \ --enable-static \ - --without-libidn \ - --without-libidn2 \ + --with-libidn2 \ --with-nghttp2 \ + --with-openssl \ + --with-zsh-functions-dir \ + --with-fish-functions-dir \ --disable-ldap \ --with-pic \ + --enable-websockets \ --without-libssh2 # https://bugs.alpinelinux.org/issues/10222 make + + # generation of completions is not supported when cross-compiling. + if [ -z "$BOOTSTRAP" ]; then + make -C scripts/ + fi } check() { - cd "$builddir" - make -C tests nonflaky-test + make -C tests + make -j1 -C tests TFLAGS="-j$JOBS" nonflaky-test } package() { - cd "$builddir" + # depends on exactly the same build of libcurl + depends="libcurl=$pkgver-r$pkgrel" + make install DESTDIR="$pkgdir" + if [ -z "$BOOTSTRAP" ]; then + install -Dm644 scripts/_curl -t \ + "$pkgdir"/usr/share/zsh/site-functions/ + install -Dm644 scripts/curl.fish -t \ + "$pkgdir"/usr/share/fish/vendor_completions.d/ + fi } libcurl() { pkgdesc="The multiprotocol file transfer library" - mkdir -p "$subpkgdir"/usr - mv "$pkgdir"/usr/lib "$subpkgdir"/usr -} - -static() { - pkgdesc="$pkgdesc (static library)" - - mkdir -p "$subpkgdir"/usr/lib - mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib + amove usr/lib } -sha512sums="81170e7e4fa9d99ee2038d96d7f2ab10dcf52435331c818c7565c1a733891720f845a08029915e52ba532c6a344c346e1678474624aac1cc333aea6d1eacde35 curl-7.66.0.tar.xz" +sha512sums=" +5bbde9d5648e9226f5490fa951690aaf159149345f3a315df2ba58b2468f3e59ca32e8a49734338afc861803a4f81caac6d642a4699b72c6310ebfb1f618aad2 curl-8.7.1.tar.xz +" |