summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/curl
Commit message (Collapse)AuthorAgeFilesLines
* curl: fix CVESMingli Yu2021-08-144-0/+833
| | | | | | | | | | | | | Backport patches to fix below CVEs: CVE-2021-22901 CVE-2021-22924 CVE-2021-22926 (From OE-Core rev: 8a01fe853c151ba787802b8d5895273c6da8bc78) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix CVE-2021-22925Mingli Yu2021-08-142-0/+51
| | | | | | | | | | | | | CVE-2021-22925 Reported-by: Red Hat Product Security Bug: https://curl.se/docs/CVE-2021-22925.html (From OE-Core rev: ee0340c35f811dd1c0926480673a7fec7bbb985b) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Fix CVE-2021-22897Khairul Rohaizzat Jamaluddin2021-07-202-0/+73
| | | | | | | | | | | CVE: CVE-2021-22897 (From OE-Core rev: 718d6ca70b99fa4bef4c88114c1bd511b6df121e) Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Fix CVE-2021-22898Khairul Rohaizzat Jamaluddin2021-07-202-0/+33
| | | | | | | | | | | CVE: CVE-2021-22898 (From OE-Core rev: 4d703dd86c6b27790e1e34d3127652657243d20d) Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix build when proxy is not enabled in PACKAGECONFIGAnuj Mittal2021-07-063-0/+73
| | | | | | | | | | | | | | | | | | Backport upstream patches to fix issues introduced by a backported CVE patch. Fixes: | ../../curl-7.75.0/lib/vtls/vtls.c: In function ‘Curl_ssl_addsessionid’: | ../../curl-7.75.0/lib/vtls/vtls.c:508:14: error: ‘isProxy’ redeclared as different kind of symbol | 508 | const bool isProxy = FALSE; | | ^~~~~~~ | ../../curl-7.75.0/lib/vtls/vtls.c:488:37: note: previous definition of ‘isProxy’ with type ‘_Bool’ | 488 | bool isProxy, | | ^ (From OE-Core rev: e900a44e76dc2bb20ff725f24333c1c2b330bf41) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: cleanup CVE patches for hardknottTrevor Gamblin2021-06-262-9/+12
| | | | | | | | | | | | | | | | The patch backported to address CVE-2021-22890 was missing a bracket to properly close out the logic in lib/vtls/wolfssl.c. Fix this so to avoid any surprise failures when using curl with hardknott. Also fix the CVE designation in the patch descriptions for CVEs CVE-2021-22890 and CVE-2021-22876 so that CVE checks run with bitbake correctly detect that they are patched. (From OE-Core rev: 456ba1717fc3ebb9d10cc6a3c916b07f7c4e8a22) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix CVE-2021-22876Trevor Gamblin2021-06-032-0/+153
| | | | | | | | | | | | Backport and modify the patch for CVE-2021-22876 from curl 7.76 to make it apply cleanly on 7.75. CVE: CVE-2021-22876 (From OE-Core rev: 7c39b71b78ffc64a456872769b341cfc662e747d) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix CVE-2021-22890Trevor Gamblin2021-06-032-0/+518
| | | | | | | | | | | | Backport and modify the patch for CVE-2021-22890 from curl 7.76 to make it apply cleanly on 7.75. CVE: CVE-2021-22890 (From OE-Core rev: b11dc35cce0449623182ecf044c4a49664119b9c) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine2021-03-021-0/+4
| | | | | | | | | Fixes: [YOCTO #13471] (From OE-Core rev: 6db24928d62aeb093a0e6da6619713eaca57a96f) Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.74.0 -> 7.75.0Anuj Mittal2021-02-191-2/+2
| | | | | | | | | License-Update: copyright years changed (From OE-Core rev: c1e278cbcf193fc647557018b8d7ee7997817219) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Update 7.73.0 -> 7.74.0Khairul Rohaizzat Jamaluddin2020-12-241-1/+1
| | | | | | | | | | | | | | | | | | | update to version 7.74.0 curl 7.74.0 hsts: add experimental support for Strict-Transport-Security with various bug fixes Reference: https://curl.se/changes.html#7_74_0 update includes fix for CVE: CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 (From OE-Core rev: 0461baec8bef003a0bfcc9939e4e40654be36f10) Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.72.0 -> 7.73.0Alexander Kanavin2020-11-031-1/+1
| | | | | | | (From OE-Core rev: f9aa9f075674e3908d950c3107be3e6230786f0b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Change SRC_URI from http to httpsRandy MacLeod2020-09-231-1/+1
| | | | | | | | | | | | The official links on: https://curl.haxx.se/download.html use https now and we're seeing this warning: WARNING: curl-native-7.72.0-r0 do_fetch: Failed to fetch URL http://curl.haxx.se/download/curl-7.72.0.tar.bz2, attempting MIRRORS if available (From OE-Core rev: 0aa24abf6c4d68efa63026d2496b6adc16734d35) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add vendors to CVE_PRODUCT to exclude false positivesRoss Burton2020-09-081-1/+3
| | | | | | | | | | To avoid false positives (such as CVE-2010-0734, rubygems:curl), expand the CVE_PRODUCT list to include all the vendors that have been used. (From OE-Core rev: bb265122cccea9466405fdd924ad10ce8cda0dec) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Upgrade to 7.72.0Khem Raj2020-08-211-1/+1
| | | | | | | (From OE-Core rev: f3fc6de9de6b6a24649864c598d5ee9abfae4af3) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.71.0 -> 7.71.1Pierre-Jean Texier2020-07-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This release includes the following bugfixes: - cirrus-ci: disable FreeBSD 13 (again) - Curl_inet_ntop: always check the return code - CURLOPT_READFUNCTION.3: provide the upload data size up front - DYNBUF.md: fix a typo: trail => tail - escape: make the URL decode able to reject only %00-bytes - escape: zero length input should return a zero length output - examples/multithread.c: call curl_global_cleanup() - http2: set the correct URL in pushed transfers - http: fix proxy auth with blank password - mbedtls: fix build with disabled proxy support - ngtcp2: sync with current master - openssl: Fix compilation on Windows when ngtcp2 is enabled - Revert "multi: implement wait using winsock events" - sendf: improve the message on client write errors - terminology: call them null-terminated strings - tool_cb_hdr: Fix etag warning output and return code - url: allow user + password to contain "control codes" for HTTP(S) - vtls: compare cert blob when finding a connection to reuse (From OE-Core rev: 4fde94448495a7957bb6ce76c15fda67c73248d3) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.70.0 -> 7.71.0Pierre-Jean Texier2020-06-251-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This release includes the following changes: - CURLOPT_SSL_OPTIONS: optional use of Windows' CA store (with openssl) [10] - setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency [31] - setopt: support certificate options in memory with struct curl_blob [41] - tool: Add option --retry-all-errors to retry on any error [27] This release includes the following bugfixes: - CVE-2020-8177: curl overwrite local file with -J [111] - CVE-2020-8169: Partial password leak over DNS on HTTP redirect [48] - *_sspi: fix bad uses of CURLE_NOT_BUILT_IN [21] - all: fix codespell errors [75] - altsvc: bump to h3-29 [114] ... See full changelog: https://curl.haxx.se/changes.html#7_71_0 (From OE-Core rev: 63a28e9fc262c8da692d18b38eeb0b85dd597a9b) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add debug infoRasmus Villemoes2020-06-171-0/+3
| | | | | | | | | | | | | | | | | | | | | | Currently, curl (and libcurl) is built without debug info, making the curl-dbg package rather useless. Since debug symbols are automatically stripped and put in that package by the build system, making sure that curl is built with -g shouldn't hurt anything, but will help those that try to debug a libcurl-using application and hence explicitly include curl-dbg in their rootfs. Unfortunately, setting --enable-debug then changes the default value of the optimize option from (assume yes) to (assume no), while also changing the default value of the curldebug option [which is a separate thing that actually changes generated code to add some memory tracking] from (assume no) to (assume yes). So explicitly pass the appropriate options that make those two have the same value as they used to have by default. (From OE-Core rev: 278242619eec5f5f143d57e92b109012001f1f91) Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: support mqtt in PACKAGECONFIGPierre-Jean Texier2020-05-031-0/+1
| | | | | | | | | | | | | | | | The version 7.70.0 of curl add experimental support for this protocol. So, add PACKAGECONFIG for mqtt. See [1] for more informations. [1] - https://github.com/curl/curl/blob/master/docs/MQTT.md (From OE-Core rev: aaf4054cb9e2c73d34e6fab12bf140808b2612ac) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.69.1 -> 7.70.0Pierre-Jean Texier2020-05-031-2/+2
| | | | | | | | | See full changelog https://curl.haxx.se/changes.html#7_70_0 (From OE-Core rev: bbb2d451d6290d8ec312890fd5d3bc5c6d0e7468) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.69.0 -> 7.69.1Pierre-Jean Texier2020-03-121-2/+2
| | | | | | | | | | | | Contains a number of fixes for issues discovered post-7.69.0. For details, see full changelog: https://curl.haxx.se/changes.html#7_69_1 (From OE-Core rev: d3af3cf801ab5b235bce427bc73d2e6b29083368) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glew/curl: specify exclusive package configsKai Kang2020-03-121-2/+2
| | | | | | | | | | Specify exclusive package configs for glew and curl to make sure that conflict package configs will NOT set at same time. (From OE-Core rev: 8579673bdb314dbc554f40fc4c4c1db3d0bb0d63) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.68.0 -> 7.69.0Pierre-Jean Texier2020-03-071-2/+2
| | | | | | | | | | | Bugfix release. For details, see full changelog - https://curl.haxx.se/changes.html#7_69_0 (From OE-Core rev: 2d6a9904a838c5e498c0e2a2e34169cd2877a785) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.67.0 -> 7.68.0Pierre-Jean Texier2020-01-161-3/+3
| | | | | | | | | | | | | | | See full changelog https://curl.haxx.se/changes.html#7_68_0 The hash of the license is updated because the copyright year was updated in COPYING file: -Copyright (c) 1996 - 2019, Daniel Stenberg, <daniel@haxx.se>, and many +Copyright (c) 1996 - 2020, Daniel Stenberg, <daniel@haxx.se>, and many (From OE-Core rev: 887b16b653140b6ce6293863334b1d000ec6a9ed) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl:upgrade 7.66.0 -> 7.67.0Zang Ruochen2019-11-141-2/+2
| | | | | | | (From OE-Core rev: 3fda2e0dda6823623cb6af2ce28bce9569816e95) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.66.0Oleksandr Kravchuk2019-09-161-2/+2
| | | | | | | (From OE-Core rev: dec1616af9c2709c2ad78722cc4075b765de332d) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.65.2 -> 7.65.3Zang Ruochen2019-07-261-2/+2
| | | | | | | (From OE-Core rev: e3043b2c86556d91387dfbdf155e9b5547cc20c4) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.65.1 -> 7.65.2Anuj Mittal2019-07-191-2/+2
| | | | | | | | | | Changelog: https://curl.haxx.se/changes.html#7_65_2 (From OE-Core rev: 54b91da2bd07e8c3a40e61d90af251a1bfbf50f4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl:upgrade 7.64.1 -> 7.65.1Zang Ruochen2019-06-191-2/+2
| | | | | | | | | -Upgrade from curl_7.64.1.bb to curl_7.65.1.bb. (From OE-Core rev: e3b7cb02a86b5040b3dc1439b142f25f0f8df8a0) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.64.1Oleksandr Kravchuk2019-04-121-2/+2
| | | | | | | (From OE-Core rev: 1d3f15fb928981ea094773c921b6829d6df45e45) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.63.0 -> 7.64.0Richard Purdie2019-02-251-3/+3
| | | | | | | | | | | | | The license checksum changed as the copyright years changed. Fixes: - CVE-2018-16890: NTLM type-2 out-of-bounds buffer read - CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow - CVE-2019-3823: SMTP end-of-response out-of-bounds read (From OE-Core rev: 41c3ee4fe87a181786c47da044da700e8f605540) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.63Armin Kuster2019-01-031-2/+2
| | | | | | | | | | | | | | | | Changes: curl: add %{stderr} and %{stdout} for --write-out curl: add undocumented option --dump-module-paths for win32 setopt: add CURLOPT_CURLU For full list of changes see: https://curl.haxx.se/changes.html (From OE-Core rev: 2837266edbe097dcd9ff5fcdf29bb56f38bf564d) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Add PACKAGECONFIG to enable NSS supportOtavio Salvador2018-12-131-0/+1
| | | | | | | (From OE-Core rev: 72e542f564691d892d140a69d7fcc6b442897cf8) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.62.0Armin Kuster2018-11-205-156/+2
| | | | | | | | | | | Drop all CVE patches now included in update. For details see: https://curl.haxx.se/changes.html (From OE-Core rev: 43a802c2605cd2f6095a7738347338492eafe722) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: actually apply latest CVE patchesRoss Burton2018-11-091-0/+3
| | | | | | | (From OE-Core rev: f0394e80a37f1da47042a1aa0487594f390603f9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842Changqing Li2018-11-073-0/+113
| | | | | | | (From OE-Core rev: 0f0db9fc8512a0ecd0cdba3304a195cd925a5029) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: extend CVE_PRODUCTGrygorii Tertychnyi2018-10-291-1/+1
| | | | | | | | | | | | | There are both "curl" and "libcurl" CPEs in NVD. All "curl" CVEs are now missed in the reports. Hence, switch "CVE_PRODUCT" to a space separated list of the items. (From OE-Core rev: 69ff709c2450c42139fd9705e3a74464221ad754) Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Include the complete license informationPeter Kjellerstedt2018-10-091-1/+1
| | | | | | | | | | | | | For some reason, the copyright part was left out of the license information included in LIC_FILES_CHKSUM, preventing it from being used in, e.g., documentation to satisfy the requirements of the license. License-Update: Include the complete license information (From OE-Core rev: 390becd2dcf4fe791ec3715a74e34a46bd457e7a) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: CVE-2018-14618Zhixiong Chi2018-09-202-0/+38
| | | | | | | | | | | | | Backport the CVE patch from the upstream https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch https://curl.haxx.se/docs/CVE-2018-14618.html https://nvd.nist.gov/vuln/detail/CVE-2018-14618 (From OE-Core rev: b76903b4b7bfec71be0a8a14e2cab4e2ec852222) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: support multilib installation of curl-configChangqing Li2018-08-141-0/+3
| | | | | | | (From OE-Core rev: b3fe71af20997921360b6ac7d100b5baf9708d53) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: enable libidnRoss Burton2018-07-301-1/+1
| | | | | | | | | Now that oe-core has libidn2 we can enable it by default in target curl builds. (From OE-Core rev: aae20d0277feb768ca290492ccfad30962bb8706) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: disable C source code generatorAndre McCurdy2018-07-261-0/+1
| | | | | | | | | | | | | | | | | | The --libcurl command line option causes curl to generate C source code which, when compiled and linked with libcurl, creates a binary which behaves in the same way as curl when run with the other options passed on the curl command line. https://curl.haxx.se/docs/manpage.html#--libcurl It's a development tool and not generally useful on the target, especially if the target doesn't contain a toolchain etc. (From OE-Core rev: a1cda48761f70b5989bb8b9c91d71c0b3a03466e) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add PACKAGECONFIG options for brotli, built-in manpages, etcAndre McCurdy2018-07-181-3/+7
| | | | | | | | | | | | | | | | | | | - Add PACKAGECONFIG option for brotli (disable by default) - Add PACKAGECONFIG option for built-in manpages (disabled by default). Embedding a copy of the manpages within the curl binary adds approx 60k of gzipped data and duplicates the contents of the curl-doc package. - Add PACKAGECONFIG option for verbose error messages (enabled by default) - Disable legacy NTLM http authentication via delegation to the external winbind ntlm_auth helper (which isn't going to work without a runtime dependency on samba). (From OE-Core rev: 0bf3637a07228576d78cf4c71de92781ec143d7f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update 7.60.0 -> 7.61.0Andre McCurdy2018-07-181-2/+2
| | | | | | | | | | https://curl.haxx.se/changes.html#7_61_0 (From OE-Core rev: b26ca91574a88745910d44777bb17ac0616baf3e) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: support mbedtls in PACKAGECONFIGBinghua Guan2018-07-061-0/+1
| | | | | | | | (From OE-Core rev: 65b86e87a693fc7a76e163734cd2da56494302c8) Signed-off-by: Binghua Guan <freebendy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update 7.59.0 -> 7.60.0Andre McCurdy2018-05-293-32/+13
| | | | | | | | | | | | | | | | https://curl.haxx.se/changes.html#7_60_0 Also refresh 0001-replace-krb5-config-with-pkg-config.patch and drop configure_ac.patch, which we've apparently been dragging along unnecessarily for the past 5 years: https://github.com/curl/curl/commit/c277bd6ce7069819484eb3dc30b5858735fde377 (From OE-Core rev: 4063c1e4b233b28ae14420a83960fd93b437a4a4) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.59.0Armin Kuster2018-05-041-2/+2
| | | | | | | (From OE-Core rev: 4c1ed0a1a265add8d856a6d2c6f04562b975c180) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: DEPENDS on libidn2 (not libidn)André Draszik2018-04-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since v7.51.0, libidn2 is the only available option, libidn support was dropped. The configure option was renamed as of v7.53.0 Therefore, curl unconditionally tries to build against libidn2, which in particular is a problem for curl-native, as that might or might not build against the build-machine's libidn2 now, which furthermore causes problems when trying to share sstate between multiple build machines. We therefore see the following in the config log: ... checking whether to build with libidn2... (assumed) yes ... checking for libidn2 options with pkg-config... no configure: IDN_LIBS: "-lidn2" configure: IDN_LDFLAGS: "" configure: IDN_CPPFLAGS: "" configure: IDN_DIR: "" checking if idn2_lookup_ul can be linked... yes checking idn2.h usability... yes checking idn2.h presence... yes checking for idn2.h... yes ... IDN support: enabled (libidn2) ... even though this recipe tries to disable that. While libidn2 isn't available in OE, this change at least: * prevents curl-native to silently build against libidn2 if that is installed on build machine, even if not requested * alerts people who use the PACKAGECONFIG option that it's not actually doing what they intend to do (From OE-Core rev: 705eaea991622bdbb2ee83eefa8df8e665e3efe4) Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade to 7.58.0Oleksandr Kravchuk2018-02-241-2/+2
| | | | | | | | (From OE-Core rev: 9763c9d649a22f9024d832eb625bee35b583e717) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: 7.54.1 -> 7.57.0Huang Qiyu2018-01-266-373/+2
| | | | | | | | | | | | 1.Upgrade curl from 7.54.1 to 7.57.0. 2.Delete CVE-2017-1000099.patch, CVE-2017-1000100.patch, CVE-2017-1000101.patch, CVE-2017-1000254.patch, reproducible-mkhelp.patch, since it is integrated upstream. 3.Remove "do_install_append()" from curl_7.57.0.bb, since curl/curlbuild.h has been removed. (From OE-Core rev: 215d5677004537fc190b5381157ac8b94db6d7e8) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-26 12:23:09 +0000