From patchwork Sat Feb  9 20:37:22 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthias Fischer <matthias.fischer@ipfire.org>
X-Patchwork-Id: 2079
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (unknown [172.28.1.200])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256
	bits)) (Client CN "mail01.ipfire.org",
	Issuer "Let's Encrypt Authority X3" (verified OK))
	by web07.i.ipfire.org (Postfix) with ESMTPS id 10E0088B606
	for <patchwork@web07.i.ipfire.org>;
	Sat,  9 Feb 2019 09:37:31 +0000 (GMT)
Received: from mail01.i.ipfire.org (localhost [IPv6:::1])
	by mail01.ipfire.org (Postfix) with ESMTP id 43xRmB01PTz5HDM9;
	Sat,  9 Feb 2019 09:37:29 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801;
	t=1549705050;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:mime-version:content-type:
	content-transfer-encoding:in-reply-to:references:list-id:
	list-unsubscribe:list-subscribe:list-post;
	bh=mSlRF+S/4CDCwTLDxG8fI683rYcgCBjZ42dHYXYrAk4=;
	b=vdPxXK35EP/mziGzH1mPn1lcC3VYw6tcXShRK0hunxKs1qJf5dw//ms15ans/H7arRcFfP
	7BB5OWFqtN0XmS8BWzc4rZxPrV0L7IYj//nfPFJFlvKZ5XFUMoBYfpeAFR+lAqN2HKDCHe
	M5Qs/OQ7D1DTE2V2/GZAkYIbjt8B6ED3Btl6rV2P2Lt/OdPNts+5A3iZy7EVsF/5RR8CcR
	RKFb8MG9POX3b2l7MCghiWouAjqV3VRH9ctuh10XXQnlaHWvKrDmJYsja0cnAiNLg9TFT6
	lT/1fQ8F1MoXP3Z90IMq9umOo8fhZu4IQe5FqDYb3P2U41uqONL1KOQNVIHLjw==
Received: from Devel.localdomain (p4FF5633E.dip0.t-ipconnect.de
	[79.245.99.62])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (Client did not present a certificate)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 43xRm64Ytdz5HDLs
	for <development@lists.ipfire.org>;
	Sat,  9 Feb 2019 09:37:26 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801;
	t=1549705046;
	h=from:from:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:mime-version:content-type:
	content-transfer-encoding:in-reply-to:references;
	bh=mSlRF+S/4CDCwTLDxG8fI683rYcgCBjZ42dHYXYrAk4=;
	b=IwremjCwpBV3vEqpvczgmu86lGanNzp4Et2fkmu+rhqx30P5yh7HnZK/OW9RlzIiCi0F0W
	6g6p+mZm2fgJJpEf7XaUnkCstXf35dTAcOcL/CfJA0W3+ljzcW5hBQ3XywJ7I0Gq0gIcg9
	d0pER7GohIWxySXaZwVZsvkatiRwG6vu/ydJ8bUt4MXcxNNGLBcfciKaoqHcQhs7HT41hx
	EBxB6f0UAvHGLW1rRQ0hLvmYeY66PzpSQ5292QuMLTKwH0Z/0eOCPpGs1/vyFrHWscuFRQ
	WN6KgIWrULNNP6JhFaBs+MeSDshzkaf8p1WjJy0Qs81UPv58egyZj4lA8yWSzA==
From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] curl: Update to 7.64.0
Date: Sat,  9 Feb 2019 10:37:22 +0100
Message-Id: <20190209093722.11080-1-matthias.fischer@ipfire.org>
X-Mailer: git-send-email 2.18.0
Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=mfischer
	smtp.mailfrom=matthias.fischer@ipfire.org
X-Spamd-Result: default: False [-5.01 / 11.00]; ARC_NA(0.00)[];
	FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
	MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
	RCPT_COUNT_ONE(0.00)[1]; DKIM_SIGNED(0.00)[];
	MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.91)[-0.970,0];
	RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[];
	MIME_TRACE(0.00)[0:+];
	ASN(0.00)[asn:3320, ipnet:79.192.0.0/10, country:DE];
	RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%]
X-Spam-Status: No, score=-5.01
X-Rspamd-Server: mail01.i.ipfire.org
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
	<mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <https://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
	<mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

Hi,

For details see:
https://curl.haxx.se/changes.html

This came rather unexpected - if I'd known, I'd have waited with 7.63.0.

"Changes:
cookies: leave secure cookies alone
hostip: support wildcard hosts
http: Implement trailing headers for chunked transfers
http: added options for allowing HTTP/0.9 responses
timeval: Use high resolution timestamps on Windows

Bugfixes:
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
CVE-2019-3823: SMTP end-of-response out-of-bounds read
FAQ: remove mention of sourceforge for github
OS400: handle memory error in list conversion
OS400: upgrade ILE/RPG binding.
README: add codacy code quality badge
Revert http_negotiate: do not close connection
THANKS: added several missing names from year <= 2000
build: make 'tidy' target work for metalink builds
cmake: added checks for variadic macros
cmake: updated check for HAVE_POLL_FINE to match autotools
cmake: use lowercase for function name like the rest of the code
configure: detect xlclang separately from clang
configure: fix recv/send/select detection on Android
configure: rewrite --enable-code-coverage
conncache_unlock: avoid indirection by changing input argument type
cookie: fix comment typo
cookies: allow secure override when done over HTTPS
cookies: extend domain checks to non psl builds
cookies: skip custom cookies when redirecting cross-site
curl --xattr: strip credentials from any URL that is stored
curl -J: refuse to append to the destination file
curl/urlapi.h: include "curl.h" first
curl_multi_remove_handle() don't block terminating c-ares requests
darwinssl: accept setting max-tls with default min-tls
disconnect: separate connections and easy handles better
disconnect: set conn->data for protocol disconnect
docs/version.d: mention MultiSSL
docs: fix the --tls-max description
docs: use $(INSTALL_DATA) to install man page
docs: use meaningless port number in CURLOPT_LOCALPORT example
gopher: always include the entire gopher-path in request
http2: clear pause stream id if it gets closed
if2ip: remove unused function Curl_if_is_interface_name
libssh: do not let libssh create socket
libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
libssh: free sftp_canonicalize_path() data correctly
libtest/stub_gssapi: use "real" snprintf
mbedtls: use VERIFYHOST
multi: multiplexing improvements
multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
ntlm: fix NTMLv2 compliance
ntlm_sspi: add support for channel binding
openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
openvms: fix OpenSSL discovery on VAX
openvms: fix typos in documentation
os400: add a missing closing bracket
os400: fix extra parameter syntax error
pingpong: change default response timeout to 120 seconds
pingpong: ignore regular timeout in disconnect phase
printf: fix format specifiers
runtests.pl: Fix perl call to include srcdir
schannel: fix compiler warning
schannel: preserve original certificate path parameter
schannel: stop calling it "winssl"
sigpipe: if mbedTLS is used, ignore SIGPIPE
smb: fix incorrect path in request if connection reused
ssh: log the libssh2 error message when ssh session startup fails
test1558: verify CURLINFO_PROTOCOL on file:// transfer
test1561: improve test name
test1653: make it survive torture tests
tests: allow tests to pass by 2037-02-12
tests: move objnames-* from lib into tests
timediff: fix math for unsigned time_t
timeval: Disable MSVC Analyzer GetTickCount warning
tool_cb_prg: avoid integer overflow
travis: added cmake build for osx
urlapi: Fix port parsing of eol colon
urlapi: distinguish possibly empty query
urlapi: fix parsing ipv6 with zone index
urldata: rename easy_conn to just conn
winbuild: conditionally use /DZLIB_WINAPI
wolfssl: fix memory-leak in threaded use
spnego_sspi: add support for channel binding"

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
 config/rootfiles/common/curl | 3 +++
 lfs/curl                     | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl
index 5c616f8da..1eb9f6f37 100644
--- a/config/rootfiles/common/curl
+++ b/config/rootfiles/common/curl
@@ -170,6 +170,7 @@ usr/lib/libcurl.so.4.5.0
 #usr/share/man/man3/CURLOPT_HEADERDATA.3
 #usr/share/man/man3/CURLOPT_HEADERFUNCTION.3
 #usr/share/man/man3/CURLOPT_HEADEROPT.3
+#usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3
 #usr/share/man/man3/CURLOPT_HTTP200ALIASES.3
 #usr/share/man/man3/CURLOPT_HTTPAUTH.3
 #usr/share/man/man3/CURLOPT_HTTPGET.3
@@ -340,6 +341,8 @@ usr/lib/libcurl.so.4.5.0
 #usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3
 #usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3
 #usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3
+#usr/share/man/man3/CURLOPT_TRAILERDATA.3
+#usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3
 #usr/share/man/man3/CURLOPT_TRANSFERTEXT.3
 #usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3
 #usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3
diff --git a/lfs/curl b/lfs/curl
index f00677b5e..e57bbbf45 100644
--- a/lfs/curl
+++ b/lfs/curl
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 7.63.0
+VER        = 7.64.0
 
 THISAPP    = curl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 6121427a7199cd6094fc48c9e31e8992
+$(DL_FILE)_MD5 = a026740d599a32bcbbe6e70679397899
 
 install : $(TARGET)