aboutsummaryrefslogtreecommitdiffstats
path: root/main/curl/APKBUILD
blob: 8eca07c6a4ee71dd7203c46cfb2cb3130a26ee4b (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Ɓukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
pkgver=7.69.1
pkgrel=1
pkgdesc="URL retrival utility and library"
url="https://curl.haxx.se/"
arch="all"
license="MIT"
depends="ca-certificates"
depends_dev="openssl-dev nghttp2-dev zlib-dev"
checkdepends="python3"
makedepends="$depends_dev autoconf automake groff libtool perl"
subpackages="$pkgname-dbg $pkgname-static $pkgname-doc $pkgname-dev libcurl"
source="https://curl.haxx.se/download/curl-$pkgver.tar.xz
	CVE-2020-8169.patch
	CVE-2020-8177.patch
	"

# secfixes:
#   7.69.1-r1:
#     - CVE-2020-8169
#     - CVE-2020-8177
#   7.66.0-r0:
#     - CVE-2019-5481
#     - CVE-2019-5482
#   7.65.0-r0:
#     - CVE-2019-5435
#     - CVE-2019-5436
#   7.64.0-r0:
#     - CVE-2018-16890
#     - CVE-2019-3822
#     - CVE-2019-3823
#   7.62.0-r0:
#     - CVE-2018-16839
#     - CVE-2018-16840
#     - CVE-2018-16842
#   7.61.1-r0:
#     - CVE-2018-14618
#   7.61.0-r0:
#     - CVE-2018-0500
#   7.60.0-r0:
#     - CVE-2018-1000300
#     - CVE-2018-1000301
#   7.59.0-r0:
#     - CVE-2018-1000120
#     - CVE-2018-1000121
#     - CVE-2018-1000122
#   7.57.0-r0:
#     - CVE-2017-8816
#     - CVE-2017-8817
#     - CVE-2017-8818
#   7.56.1-r0:
#     - CVE-2017-1000257
#   7.55.0-r0:
#     - CVE-2017-1000099
#     - CVE-2017-1000100
#     - CVE-2017-1000101
#   7.54.0-r0:
#     - CVE-2017-7468
#   7.53.1-r2:
#     - CVE-2017-7407
#   7.53.0-r0:
#     - CVE-2017-2629
#   7.52.1-r0:
#     - CVE-2016-9594
#   7.51.0-r0:
#     - CVE-2016-8615
#     - CVE-2016-8616
#     - CVE-2016-8617
#     - CVE-2016-8618
#     - CVE-2016-8619
#     - CVE-2016-8620
#     - CVE-2016-8621
#     - CVE-2016-8622
#     - CVE-2016-8623
#     - CVE-2016-8624
#     - CVE-2016-8625
#   7.50.3-r0:
#     - CVE-2016-7167
#   7.50.2-r0:
#     - CVE-2016-7141
#   7.50.1-r0:
#     - CVE-2016-5419
#     - CVE-2016-5420
#     - CVE-2016-5421
#   7.36.0-r0:
#     - CVE-2014-0138
#     - CVE-2014-0139

prepare() {
	default_prepare
	autoreconf -vfi
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-ipv6 \
		--enable-unix-sockets \
		--enable-static \
		--without-libidn \
		--without-libidn2 \
		--with-nghttp2 \
		--disable-ldap \
		--with-pic \
		--without-libssh2 # https://bugs.alpinelinux.org/issues/10222
	make
}

check() {
	make -C tests nonflaky-test
}

package() {
	make install DESTDIR="$pkgdir"
}

libcurl() {
	pkgdesc="The multiprotocol file transfer library"

	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}

static() {
	pkgdesc="$pkgdesc (static library)"

	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib
}

sha512sums="dcb917ce9a6f34b30adae10e2e635d7a8c67781d69789cc5617ab2b49e898394ecfeee546453b14ab168d4b3b52baf974b2ec07e7a4b199addbc1ba57274d8fa  curl-7.69.1.tar.xz
4950975d59bdf8398dd5f4b8338e5f76ae3752247be9054a28753351bcddb46f71a8bd601dba31da1b6b3fbbfbe6192f33a6500144d89f2cfdfb47161e3addba  CVE-2020-8169.patch
7b69b82eee160561b27c273e143bae0592273697d73971c85df9fb51dd37de5f06a2884b770cf016563f1e5364c46dd42139423e67fef16a822bbb95fb607698  CVE-2020-8177.patch"