summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2016-05-18 08:26:40 -0400
committerAnthony G. Basile <blueness@gentoo.org>2016-05-18 08:27:09 -0400
commit80c4532dd61fbe55ed7496ef00efa3e439da7309 (patch)
tree0f52da1eeaf2c466ca976f797b167f77ac309db0
parentnet-misc/curl: bump for CVE-2016-3739, bug #583394 (diff)
downloadgentoo-80c4532dd61fbe55ed7496ef00efa3e439da7309.tar.gz
gentoo-80c4532dd61fbe55ed7496ef00efa3e439da7309.tar.bz2
gentoo-80c4532dd61fbe55ed7496ef00efa3e439da7309.zip
net-misc/curl: remove older unstable version for CVE-2016-3739
Package-Manager: portage-2.2.26
-rw-r--r--net-misc/curl/Manifest1
-rw-r--r--net-misc/curl/curl-7.48.0.ebuild238
-rw-r--r--net-misc/curl/files/curl-7.48.0-libressl.patch27
3 files changed, 0 insertions, 266 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 08095859e126..5e2aac6f3a6e 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -1,4 +1,3 @@
DIST curl-7.45.0.tar.bz2 3473632 SHA256 65154e66b9f8a442b57c436904639507b4ac37ec13d6f8a48248f1b4012b98ea SHA512 71c557c69eb8d160f74a9b76ef83a46ce33ef4e8a66a261699329583dadf10205b4ba4783f92d4e6c8724f6610ffade5b0a9f189b0a7b9169ff839dfc8980481 WHIRLPOOL afc1627cebb64c9111f943fe63d95c8a998934fd02e3b8d12f061d23b174b7475c48451ecc1713ce54771455a6465238aa3b818b0eb9ba5c86ffd06eb1f2bc76
DIST curl-7.47.1.tar.bz2 3506256 SHA256 ddc643ab9382e24bbe4747d43df189a0a6ce38fcb33df041b9cb0b3cd47ae98f SHA512 e99d94dfdd349df0603de21687039c69765d40ae6bd73bd8ccdb6d046903a94e590a9cc903f378f8d030997a29bf0394ac5e342c9989a815679f9ea4fa79913f WHIRLPOOL d8a77d9c693a7b72066d5289107a5a5afc798b4736795569350840bd41a2166fec700138244ddcb24558fdd94d91b919ff385e1bc8abcdcdad65cba842076b3d
-DIST curl-7.48.0.tar.bz2 7408757 SHA256 864e7819210b586d42c674a1fdd577ce75a78b3dda64c63565abe5aefd72c753 SHA512 9bb554eaf4ccaced0fa9b38de4f381eab84b96c1aa07a45d83ddfd38a925044d0fe9fac517263f67f009d2294a31c33dedb2267defbab0cb14f96091bbed5f92 WHIRLPOOL ffdc621510f71d039544e7d646f198cd1bcbb96ad114f2a685093d7a6d4431d38949c7a3557c3f4a38f54843ba217a04e3fde8a27a56b40e30d6552ef8c2a02b
DIST curl-7.49.0.tar.bz2 7458465 SHA256 14f44ed7b5207fea769ddb2c31bd9e720d37312e1c02315def67923a4a636078 SHA512 57a82185c082ea872a54c6f5a11ca24fe6131108c16255278671504afca848b9298681de9c9bb5905b9655295edf25c104d1301c4bbdb1f261d952a020d77111 WHIRLPOOL f5c4d15b7072d98e0760d7e5de59c307fb4e7f84125db7ebb2fc9f9d19e3ed35f937244579c00d9fb1e86604df277eab2a1eb14d7b339182e484a4925103dff7
diff --git a/net-misc/curl/curl-7.48.0.ebuild b/net-misc/curl/curl-7.48.0.ebuild
deleted file mode 100644
index 9bc5b8eb8bcc..000000000000
--- a/net-misc/curl/curl-7.48.0.ebuild
+++ /dev/null
@@ -1,238 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit autotools eutils prefix multilib-minimal
-
-DESCRIPTION="A Client that groks URLs"
-HOMEPAGE="http://curl.haxx.se/"
-SRC_URI="http://curl.haxx.se/download/${P}.tar.bz2"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads"
-IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl"
-IUSE+=" elibc_Winnt"
-
-#lead to lots of false negatives, bug #285669
-RESTRICT="test"
-
-RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
- ssl? (
- curl_ssl_axtls? (
- net-libs/axtls[${MULTILIB_USEDEP}]
- app-misc/ca-certificates
- )
- curl_ssl_gnutls? (
- net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
- dev-libs/nettle:0=[${MULTILIB_USEDEP}]
- app-misc/ca-certificates
- )
- curl_ssl_libressl? (
- dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}]
- )
- curl_ssl_mbedtls? (
- net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
- app-misc/ca-certificates
- )
- curl_ssl_openssl? (
- dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}]
- )
- curl_ssl_nss? (
- dev-libs/nss:0[${MULTILIB_USEDEP}]
- app-misc/ca-certificates
- )
- curl_ssl_polarssl? (
- net-libs/polarssl:0=[${MULTILIB_USEDEP}]
- app-misc/ca-certificates
- )
- )
- http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
- idn? ( net-dns/libidn:0[static-libs?,${MULTILIB_USEDEP}] )
- adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
- kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
- metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
- rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
- ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] )
- sys-libs/zlib[${MULTILIB_USEDEP}]
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r13
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
-# rtmp? (
-# media-video/rtmpdump
-# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
-# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
-# )
-
-# ssl providers to be added:
-# fbopenssl $(use_with spnego)
-
-DEPEND="${RDEPEND}
- >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]
- test? (
- sys-apps/diffutils
- dev-lang/perl
- )"
-
-# c-ares must be disabled for threads
-# only one ssl provider can be enabled
-REQUIRED_USE="
- curl_ssl_winssl? ( elibc_Winnt )
- threads? ( !adns )
- ssl? (
- ^^ (
- curl_ssl_axtls
- curl_ssl_gnutls
- curl_ssl_libressl
- curl_ssl_mbedtls
- curl_ssl_nss
- curl_ssl_openssl
- curl_ssl_polarssl
- curl_ssl_winssl
- )
- )"
-
-DOCS=( CHANGES README docs/FEATURES docs/INTERNALS \
- docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE )
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/curl/curlbuild.h
-)
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/curl-config
-)
-
-src_prepare() {
- epatch \
- "${FILESDIR}"/${PN}-7.30.0-prefix.patch \
- "${FILESDIR}"/${PN}-respect-cflags-3.patch \
- "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch \
- "${FILESDIR}"/${P}-libressl.patch
-
- sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
-
- epatch_user
- eprefixify curl-config.in
- eautoreconf
-}
-
-multilib_src_configure() {
- einfo "\033[1;32m**************************************************\033[00m"
-
- # We make use of the fact that later flags override earlier ones
- # So start with all ssl providers off until proven otherwise
- local myconf=()
- myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
- myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
- if use ssl ; then
- if use curl_ssl_axtls; then
- einfo "SSL provided by axtls"
- myconf+=( --with-axtls )
- elif use curl_ssl_gnutls; then
- einfo "SSL provided by gnutls"
- myconf+=( --with-gnutls --with-nettle )
- elif use curl_ssl_libressl; then
- einfo "SSL provided by LibreSSL"
- myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
- elif use curl_ssl_mbedtls; then
- einfo "SSL provided by mbedtls"
- myconf+=( --with-mbedtls )
- elif use curl_ssl_nss; then
- einfo "SSL provided by nss"
- myconf+=( --with-nss )
- elif use curl_ssl_polarssl; then
- einfo "SSL provided by polarssl"
- myconf+=( --with-polarssl )
- elif use curl_ssl_openssl; then
- einfo "SSL provided by openssl"
- myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
- elif use curl_ssl_winssl; then
- einfo "SSL provided by Windows"
- myconf+=( --with-winssl )
- else
- eerror "We can't be here because of REQUIRED_USE."
- fi
- else
- einfo "SSL disabled"
- fi
- einfo "\033[1;32m**************************************************\033[00m"
-
- # These configuration options are organized alphabetically
- # within each category. This should make it easier if we
- # ever decide to make any of them contingent on USE flags:
- # 1) protocols first. To see them all do
- # 'grep SUPPORT_PROTOCOLS configure.ac'
- # 2) --enable/disable options second.
- # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
- # 3) --with/without options third.
- # grep -- --with configure | grep Check | awk '{ print $4 }' | sort
- ECONF_SOURCE="${S}" \
- econf \
- --enable-crypto-auth \
- --enable-dict \
- --enable-file \
- --enable-ftp \
- --enable-gopher \
- --enable-http \
- --enable-imap \
- $(use_enable ldap) \
- $(use_enable ldap ldaps) \
- --disable-ntlm-wb \
- --enable-pop3 \
- --enable-rt \
- --enable-rtsp \
- $(use_enable samba smb) \
- $(use_with ssh libssh2) \
- --enable-smtp \
- --enable-telnet \
- --enable-tftp \
- --enable-tls-srp \
- $(use_enable adns ares) \
- --enable-cookies \
- --enable-hidden-symbols \
- $(use_enable ipv6) \
- --enable-largefile \
- --without-libpsl \
- --enable-manual \
- --enable-proxy \
- --disable-soname-bump \
- --disable-sspi \
- $(use_enable static-libs static) \
- $(use_enable threads threaded-resolver) \
- --disable-versioned-symbols \
- --without-cyassl \
- --without-darwinssl \
- $(use_with idn libidn) \
- $(use_with kerberos gssapi "${EPREFIX}"/usr) \
- $(use_with metalink libmetalink) \
- $(use_with http2 nghttp2) \
- $(use_with rtmp librtmp) \
- --without-spnego \
- --without-winidn \
- --with-zlib \
- "${myconf[@]}"
-
- if ! multilib_is_native_abi; then
- # avoid building the client
- sed -i -e '/SUBDIRS/s:src::' Makefile || die
- sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
- fi
-}
-
-multilib_src_install_all() {
- einstalldocs
- prune_libtool_files --all
-
- rm -rf "${ED}"/etc/
-
- # https://sourceforge.net/tracker/index.php?func=detail&aid=1705197&group_id=976&atid=350976
- insinto /usr/share/aclocal
- doins docs/libcurl/libcurl.m4
-}
diff --git a/net-misc/curl/files/curl-7.48.0-libressl.patch b/net-misc/curl/files/curl-7.48.0-libressl.patch
deleted file mode 100644
index 3a3fe83a22f0..000000000000
--- a/net-misc/curl/files/curl-7.48.0-libressl.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-See: https://bugs.gentoo.org/show_bug.cgi?id=578098
-
-commit 240cd84b494e0ffee8ad261c43b927d246cf6be1
-Author: Daniel Stenberg <daniel@haxx.se>
-Date: Wed Mar 23 10:04:48 2016 +0100
-
- openssl: fix ERR_remove_thread_state() for boringssl/libressl
-
- The removed arg is only done in OpenSSL
-
- Bug: https://twitter.com/xtraemeat/status/712564874098917376
-
-diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
-index cbf2d21..b7e4462 100644
---- a/lib/vtls/openssl.c
-+++ b/lib/vtls/openssl.c
-@@ -95,7 +95,9 @@
-
- #if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
- #define HAVE_ERR_REMOVE_THREAD_STATE 1
--#if (OPENSSL_VERSION_NUMBER >= 0x10100004L)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100004L) && \
-+ !defined(LIBRESSL_VERSION_NUMBER) && \
-+ !defined(OPENSSL_IS_BORINGSSL)
- /* OpenSSL 1.1.0-pre4 removed the argument! */
- #define HAVE_ERR_REMOVE_THREAD_STATE_NOARG 1
- #endif