summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2024-12-11 19:09:52 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2024-12-13 12:26:01 +0000
commitd74dd7843428d6c39bb0ef7bc63d3c381705535f (patch)
tree560546470719d819ee9c12f089a8543c3c160973
parent13dbaba5692e8d9c444cddedfa236d8ef495f57b (diff)
downloadpoky-d74dd7843428d6c39bb0ef7bc63d3c381705535f.tar.gz
curl: upgrade 8.10.1 -> 8.11.0
Solves CVE-2024-9681 * refresh patch * add patch for buildpaths issue * add new options for ipfs and websockets, keep them configure as they were previously configures * drop notexists.pl from ptest install as it was removed and code was integrated into the test framework in [1] * add ptest dependency on perl-module-i18n-langinfo due to [2] [1] https://github.com/curl/curl/commit/56183c1d6f7f4d0c18d9065cf870c4cd3fc329eb [2] https://github.com/curl/curl/commit/0b70b23ef4d007031bc2ae4fc63d5ed9136bc2b5 (From OE-Core rev: 86dd3aca63248e1982c2d8c9dc68ae34a358cf8b) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat
-rw-r--r--meta/recipes-support/curl/curl/0001-libcurl.pc.in-drop-LDFLAGS-from-Libs.private.patch39
-rw-r--r--meta/recipes-support/curl/curl/no-test-timeout.patch2
-rw-r--r--meta/recipes-support/curl/curl_8.11.0.bb (renamed from meta/recipes-support/curl/curl_8.10.1.bb)9
3 files changed, 46 insertions, 4 deletions
diff --git a/meta/recipes-support/curl/curl/0001-libcurl.pc.in-drop-LDFLAGS-from-Libs.private.patch b/meta/recipes-support/curl/curl/0001-libcurl.pc.in-drop-LDFLAGS-from-Libs.private.patch
new file mode 100644
index 0000000000..79fc0b316e
--- /dev/null
+++ b/meta/recipes-support/curl/curl/0001-libcurl.pc.in-drop-LDFLAGS-from-Libs.private.patch
@@ -0,0 +1,39 @@
1From cfd5d794fdfcc12e386fdbb14161babf54d2a5ee Mon Sep 17 00:00:00 2001
2From: Peter Marko <peter.marko@siemens.com>
3Date: Sat, 9 Nov 2024 22:26:58 +0100
4Subject: [PATCH] libcurl.pc.in: drop LDFLAGS from Libs.private
5
6Stop passing linker flags to pkg-config.
7
8This was added in v8.11.0 with commit [1].
9There are several problems with this, especially:
10* user may want to link curl and application with different flags
11* user usually adds the same or similar flags in all components, so this
12 will double the flags when linking application
13* when building components in temporary directories, these directories
14 are preserved in pkg-config linker flags and are invalid when building
15 application
16
17[1] https://github.com/curl/curl/commit/9f56bb608ecfbb8978c6cb72a04d9e8b23162d82
18
19Upstream-Status: Submitted [https://github.com/curl/curl/pull/15533]
20Signed-off-by: Peter Marko <peter.marko@siemens.com>
21---
22 libcurl.pc.in | 2 +-
23 1 file changed, 1 insertion(+), 1 deletion(-)
24
25diff --git a/libcurl.pc.in b/libcurl.pc.in
26index 4c60a7ec7..7898dae35 100644
27--- a/libcurl.pc.in
28+++ b/libcurl.pc.in
29@@ -36,6 +36,6 @@ Version: @CURLVERSION@
30 Requires: @LIBCURL_PC_REQUIRES@
31 Requires.private: @LIBCURL_PC_REQUIRES_PRIVATE@
32 Libs: -L${libdir} -lcurl @LIBCURL_PC_LIBS@
33-Libs.private: @LDFLAGS@ @LIBCURL_PC_LIBS_PRIVATE@
34+Libs.private: @LIBCURL_PC_LIBS_PRIVATE@
35 Cflags: -I${includedir} @LIBCURL_PC_CFLAGS@
36 Cflags.private: @LIBCURL_PC_CFLAGS_PRIVATE@
37--
382.30.2
39
diff --git a/meta/recipes-support/curl/curl/no-test-timeout.patch b/meta/recipes-support/curl/curl/no-test-timeout.patch
index 7122b6f043..fe8efbe612 100644
--- a/meta/recipes-support/curl/curl/no-test-timeout.patch
+++ b/meta/recipes-support/curl/curl/no-test-timeout.patch
@@ -14,7 +14,7 @@ diff --git a/tests/servers.pm b/tests/servers.pm
14index d4472d5..9999938 100644 14index d4472d5..9999938 100644
15--- a/tests/servers.pm 15--- a/tests/servers.pm
16+++ b/tests/servers.pm 16+++ b/tests/servers.pm
17@@ -120,7 +120,7 @@ my $sshdverstr; # for socks server, ssh daemon version string 17@@ -122,7 +122,7 @@ my $sshdverstr; # for socks server, ssh daemon version string
18 my $sshderror; # for socks server, ssh daemon version error 18 my $sshderror; # for socks server, ssh daemon version error
19 my %doesntrun; # servers that don't work, identified by pidfile 19 my %doesntrun; # servers that don't work, identified by pidfile
20 my %PORT = (nolisten => 47); # port we use for a local non-listening service 20 my %PORT = (nolisten => 47); # port we use for a local non-listening service
diff --git a/meta/recipes-support/curl/curl_8.10.1.bb b/meta/recipes-support/curl/curl_8.11.0.bb
index 0252d4475e..a512aa443c 100644
--- a/meta/recipes-support/curl/curl_8.10.1.bb
+++ b/meta/recipes-support/curl/curl_8.11.0.bb
@@ -14,8 +14,9 @@ SRC_URI = " \
14 file://run-ptest \ 14 file://run-ptest \
15 file://disable-tests \ 15 file://disable-tests \
16 file://no-test-timeout.patch \ 16 file://no-test-timeout.patch \
17 file://0001-libcurl.pc.in-drop-LDFLAGS-from-Libs.private.patch \
17" 18"
18SRC_URI[sha256sum] = "73a4b0e99596a09fa5924a4fb7e4b995a85fda0d18a2c02ab9cf134bebce04ee" 19SRC_URI[sha256sum] = "db59cf0d671ca6e7f5c2c5ec177084a33a79e04c97e71cf183a5cdea235054eb"
19 20
20# Curl has used many names over the years... 21# Curl has used many names over the years...
21CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" 22CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
@@ -23,7 +24,7 @@ CVE_STATUS[CVE-2024-32928] = "ignored: CURLOPT_SSL_VERIFYPEER was disabled on go
23 24
24inherit autotools pkgconfig binconfig multilib_header ptest 25inherit autotools pkgconfig binconfig multilib_header ptest
25 26
26COMMON_PACKAGECONFIG = "basic-auth bearer-auth digest-auth negotiate-auth openssl proxy threaded-resolver verbose zlib" 27COMMON_PACKAGECONFIG = "basic-auth bearer-auth digest-auth ipfs negotiate-auth openssl proxy threaded-resolver verbose zlib"
27PACKAGECONFIG ??= "${COMMON_PACKAGECONFIG} ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} aws libidn" 28PACKAGECONFIG ??= "${COMMON_PACKAGECONFIG} ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} aws libidn"
28PACKAGECONFIG:class-native = "${COMMON_PACKAGECONFIG} ipv6" 29PACKAGECONFIG:class-native = "${COMMON_PACKAGECONFIG} ipv6"
29PACKAGECONFIG:class-nativesdk = "${COMMON_PACKAGECONFIG} ipv6" 30PACKAGECONFIG:class-nativesdk = "${COMMON_PACKAGECONFIG} ipv6"
@@ -43,6 +44,7 @@ PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls"
43PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher," 44PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher,"
44PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," 45PACKAGECONFIG[imap] = "--enable-imap,--disable-imap,"
45PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," 46PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
47PACKAGECONFIG[ipfs] = "--enable-ipfs,--disable-ipfs,"
46PACKAGECONFIG[kerberos-auth] = "--enable-kerberos-auth,--disable-kerberos-auth" 48PACKAGECONFIG[kerberos-auth] = "--enable-kerberos-auth,--disable-kerberos-auth"
47PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5" 49PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5"
48PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap" 50PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap"
@@ -65,6 +67,7 @@ PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet,"
65PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp," 67PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp,"
66PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares" 68PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares"
67PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" 69PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose"
70PACKAGECONFIG[websockets] = "--enable-websockets,--disable-websockets"
68PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" 71PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib"
69PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd" 72PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd"
70 73
@@ -106,7 +109,6 @@ do_install_ptest() {
106 for name in $(makefile-getvar ${B}/tests/libtest/Makefile noinst_PROGRAMS noinst_LTLIBRARIES); do 109 for name in $(makefile-getvar ${B}/tests/libtest/Makefile noinst_PROGRAMS noinst_LTLIBRARIES); do
107 ${B}/libtool --mode=install install ${B}/tests/libtest/$name ${D}${PTEST_PATH}/tests/libtest 110 ${B}/libtool --mode=install install ${B}/tests/libtest/$name ${D}${PTEST_PATH}/tests/libtest
108 done 111 done
109 cp ${S}/tests/libtest/notexists.pl ${D}${PTEST_PATH}/tests/libtest
110 rm -f ${D}${PTEST_PATH}/tests/libtest/libhostname.la 112 rm -f ${D}${PTEST_PATH}/tests/libtest/libhostname.la
111 113
112 install -d ${D}${PTEST_PATH}/tests/server 114 install -d ${D}${PTEST_PATH}/tests/server
@@ -131,6 +133,7 @@ RDEPENDS:${PN}-ptest += " \
131 perl-module-file-basename \ 133 perl-module-file-basename \
132 perl-module-file-spec \ 134 perl-module-file-spec \
133 perl-module-file-temp \ 135 perl-module-file-temp \
136 perl-module-i18n-langinfo \
134 perl-module-io-socket \ 137 perl-module-io-socket \
135 perl-module-ipc-open2 \ 138 perl-module-ipc-open2 \
136 perl-module-list-util \ 139 perl-module-list-util \
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-14 10:42:48 +0000