aboutsummaryrefslogtreecommitdiffstats
path: root/main/curl/APKBUILD
blob: 28c58b595196f1f34fbf79954e9608e9fd790ade (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
pkgver=7.67.0
pkgrel=4
pkgdesc="URL retrival utility and library"
url="https://curl.haxx.se/"
arch="all"
license="MIT"
depends="ca-certificates"
depends_dev="openssl-dev nghttp2-dev zlib-dev"
checkdepends="python3"
makedepends="$depends_dev autoconf automake groff libtool perl"
subpackages="$pkgname-dbg $pkgname-static $pkgname-doc $pkgname-dev libcurl"
source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
	CVE-2020-8169.patch
	CVE-2020-8177.patch
	CVE-2020-8231.patch
	CVE-2020-8285.patch
	CVE-2020-8286.patch
	CVE-2021-22898.patch
	"

# secfixes:
#   7.67.0-r4:
#     - CVE-2021-22898
#   7.67.0-r3:
#     - CVE-2020-8285
#     - CVE-2020-8286
#   7.67.0-r2:
#     - CVE-2020-8231
#   7.67.0-r1:
#     - CVE-2020-8169
#     - CVE-2020-8177
#   7.66.0-r0:
#     - CVE-2019-5481
#     - CVE-2019-5482
#   7.65.0-r0:
#     - CVE-2019-5435
#     - CVE-2019-5436
#   7.64.0-r0:
#     - CVE-2018-16890
#     - CVE-2019-3822
#     - CVE-2019-3823
#   7.62.0-r0:
#     - CVE-2018-16839
#     - CVE-2018-16840
#     - CVE-2018-16842
#   7.61.1-r0:
#     - CVE-2018-14618
#   7.61.0-r0:
#     - CVE-2018-0500
#   7.60.0-r0:
#     - CVE-2018-1000300
#     - CVE-2018-1000301
#   7.59.0-r0:
#     - CVE-2018-1000120
#     - CVE-2018-1000121
#     - CVE-2018-1000122
#   7.57.0-r0:
#     - CVE-2017-8816
#     - CVE-2017-8817
#     - CVE-2017-8818
#   7.56.1-r0:
#     - CVE-2017-1000257
#   7.55.0-r0:
#     - CVE-2017-1000099
#     - CVE-2017-1000100
#     - CVE-2017-1000101
#   7.54.0-r0:
#     - CVE-2017-7468
#   7.53.1-r2:
#     - CVE-2017-7407
#   7.53.0:
#     - CVE-2017-2629
#   7.52.1:
#     - CVE-2016-9594
#   7.51.0:
#     - CVE-2016-8615
#     - CVE-2016-8616
#     - CVE-2016-8617
#     - CVE-2016-8618
#     - CVE-2016-8619
#     - CVE-2016-8620
#     - CVE-2016-8621
#     - CVE-2016-8622
#     - CVE-2016-8623
#     - CVE-2016-8624
#     - CVE-2016-8625
#   7.50.3:
#     - CVE-2016-7167
#   7.50.2:
#     - CVE-2016-7141
#   7.50.1:
#     - CVE-2016-5419
#     - CVE-2016-5420
#     - CVE-2016-5421
#   7.36.0:
#     - CVE-2014-0138
#     - CVE-2014-0139
#   0:
#     - CVE-2021-22897

prepare() {
	default_prepare
	autoreconf -vfi
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-ipv6 \
		--enable-unix-sockets \
		--enable-static \
		--without-libidn \
		--without-libidn2 \
		--with-nghttp2 \
		--disable-ldap \
		--with-pic \
		--without-libssh2 # https://bugs.alpinelinux.org/issues/10222
	make
}

check() {
	cd "$builddir"
	make -C tests nonflaky-test
}

package() {
	cd "$builddir"
	make install DESTDIR="$pkgdir"
}

libcurl() {
	pkgdesc="The multiprotocol file transfer library"

	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}

static() {
	pkgdesc="$pkgdesc (static library)"

	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib
}

sha512sums="1d5a344be92dd61b1ba5189eff0fe337e492f2e850794943570fe71c985d0af60bd412082be646e07aaa8639908593e1ce4bb2d07db35394ec377e8ce8b9ae29  curl-7.67.0.tar.xz
4950975d59bdf8398dd5f4b8338e5f76ae3752247be9054a28753351bcddb46f71a8bd601dba31da1b6b3fbbfbe6192f33a6500144d89f2cfdfb47161e3addba  CVE-2020-8169.patch
d43f92378c11824e73204b55a8e0952294e5cb17c89503e6fcd4932f812dda244a66c81e20606b4ececed7198bda37e0ca511631bf2ba91e2e9f336290ba5d4b  CVE-2020-8177.patch
d5f4421e5ac6f89220d00fb156c803edbb64679e9064ca8328269eea3582ee7780f77522b5069a1288cc09e968567175c94139249cc337906243c95d0bc3e684  CVE-2020-8231.patch
2765302f147ad29b7187d334edfb66076ab81088583dd681ba37aed96eee6a5108ca8281fe185e60494d4aeda003216319d15e05a341f5796698452816fe0f97  CVE-2020-8285.patch
6c42a589a8bc7b588dcd2c3e656a221000608841b6347c66e640ba818f6ff73fcfaf1ae1948dcbd446689559f54476b0ca5e340fb00f44da1defb7c2573d4a8c  CVE-2020-8286.patch
c52275bc8ce1463b5a05c5387144b743462a2f551853134254317023ad39445eb53119d88bfb58d17aaa6e5f86985c2f2b540980337eaca1f385ac15818546e6  CVE-2021-22898.patch"