diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2017-02-01 09:39:23 -0500 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2017-02-01 09:45:05 -0500 |
commit | 9e75d3a6bdc959f548f8d5f14342b13e41bc26fa (patch) | |
tree | 40ccc97c69723cec6566730f2f5acf8159d814df /net-misc/curl | |
parent | sys-libs/libcap: Patch & research by Mike "floppym" Gilbert to allow compilat... (diff) | |
download | gentoo-9e75d3a6bdc959f548f8d5f14342b13e41bc26fa.tar.gz gentoo-9e75d3a6bdc959f548f8d5f14342b13e41bc26fa.tar.bz2 gentoo-9e75d3a6bdc959f548f8d5f14342b13e41bc26fa.zip |
net-misc/curl: remove older vulnerable versions, bug #603574
Package-Manager: portage-2.3.3
Diffstat (limited to 'net-misc/curl')
-rw-r--r-- | net-misc/curl/Manifest | 2 | ||||
-rw-r--r-- | net-misc/curl/curl-7.50.3.ebuild | 251 | ||||
-rw-r--r-- | net-misc/curl/curl-7.51.0.ebuild | 253 |
3 files changed, 0 insertions, 506 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 8d0247593fa3..642d9ae19748 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,3 +1 @@ -DIST curl-7.50.3.tar.bz2 7478393 SHA256 7b7347d976661d02c84a1f4d6daf40dee377efdc45b9e2c77dedb8acf140d8ec SHA512 59012f0d9abd38d00e0b2db0cd5d8b513c08000354d31e7318007b688dc1eb71a0ac71a13acd40b0becc6199299091697b448d2e6895f90e103a23cd23f7f621 WHIRLPOOL 90d45150dd82433d29ac3eeaab1ed3a58a8e6ca20b41039a9988d4a73ceaf5b11b5b9c7ba7c9cce05e13056350691d80e52f5c12ae11ac7ffa91e32d56e0c056 -DIST curl-7.51.0.tar.bz2 2570046 SHA256 7f8240048907e5030f67be0a6129bc4b333783b9cca1391026d700835a788dde SHA512 f4da06a5ea8ef1553130cec9c162ecf51153208106473b52924dc75d57b564ef845347eb252942c138db4b5ccbc17b4fb3d026afc2d1cbec2ee1566046d11cbf WHIRLPOOL 0826e0f4bf4b644b16de11df934edab09aaa29548abb757c1904398c4b3de3d80cabc42efc7acdff0e158f6a586d347eed259354674d51822770380b9d498e9f DIST curl-7.52.1.tar.bz2 2600476 SHA256 d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b SHA512 cf36563c77d096f2c6084354ed6d45ccca7c557828ceab21204e4e8be0d4f0d287839c8cfac906174b86d51a1ee816c2769fc78ef88f039c9645bd2c27982a75 WHIRLPOOL cb0bb74de3fb650e627cf66e23b8126837ddd6d3006934aa1b1a8597182f992b29e80e0c76aef1234f62cfa9688c5b10b781f6b2bc7e5127f8bc5a67d57665c1 diff --git a/net-misc/curl/curl-7.50.3.ebuild b/net-misc/curl/curl-7.50.3.ebuild deleted file mode 100644 index c7e5ce25ac57..000000000000 --- a/net-misc/curl/curl-7.50.3.ebuild +++ /dev/null @@ -1,251 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" - -inherit autotools eutils prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/" -SRC_URI="https://curl.haxx.se/download/${P}.tar.bz2" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads" -IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl" -IUSE+=" elibc_Winnt" - -#lead to lots of false negatives, bug #285669 -RESTRICT="test" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - ssl? ( - curl_ssl_axtls? ( - net-libs/axtls[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_libressl? ( - dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}] - ) - curl_ssl_mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_openssl? ( - dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}] - ) - curl_ssl_nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_polarssl? ( - net-libs/polarssl:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn:0[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r13 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND} - >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -# c-ares must be disabled for threads -# only one ssl provider can be enabled -REQUIRED_USE=" - curl_ssl_winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_axtls - curl_ssl_gnutls - curl_ssl_libressl - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_polarssl - curl_ssl_winssl - ) - )" - -DOCS=( CHANGES README docs/FEATURES docs/INTERNALS.md \ - docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE.md ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -src_prepare() { - epatch \ - "${FILESDIR}"/${PN}-7.30.0-prefix.patch \ - "${FILESDIR}"/${PN}-respect-cflags-3.patch \ - "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - - epatch_user - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - local myconf=() - myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - if use ssl ; then - if use curl_ssl_axtls; then - einfo "SSL provided by axtls" - myconf+=( --with-axtls ) - elif use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - elif use curl_ssl_libressl; then - einfo "SSL provided by LibreSSL" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - elif use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - elif use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - elif use curl_ssl_polarssl; then - einfo "SSL provided by polarssl" - myconf+=( --with-polarssl ) - elif use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - elif use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - ECONF_SOURCE="${S}" \ - econf \ - --enable-crypto-auth \ - --enable-dict \ - --enable-file \ - --enable-ftp \ - --enable-gopher \ - --enable-http \ - --enable-imap \ - $(use_enable ldap) \ - $(use_enable ldap ldaps) \ - --disable-ntlm-wb \ - --enable-pop3 \ - --enable-rt \ - --enable-rtsp \ - $(use_enable samba smb) \ - $(use_with ssh libssh2) \ - --enable-smtp \ - --enable-telnet \ - --enable-tftp \ - --enable-tls-srp \ - $(use_enable adns ares) \ - --enable-cookies \ - --enable-hidden-symbols \ - $(use_enable ipv6) \ - --enable-largefile \ - --without-libpsl \ - --enable-manual \ - --enable-proxy \ - --disable-soname-bump \ - --disable-sspi \ - $(use_enable static-libs static) \ - $(use_enable threads threaded-resolver) \ - --disable-versioned-symbols \ - --without-cyassl \ - --without-darwinssl \ - $(use_with idn libidn) \ - $(use_with kerberos gssapi "${EPREFIX}"/usr) \ - $(use_with metalink libmetalink) \ - $(use_with http2 nghttp2) \ - $(use_with rtmp librtmp) \ - --without-spnego \ - --without-winidn \ - --with-zlib \ - "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - prune_libtool_files --all - - rm -rf "${ED}"/etc/ -} diff --git a/net-misc/curl/curl-7.51.0.ebuild b/net-misc/curl/curl-7.51.0.ebuild deleted file mode 100644 index 142834f4ee72..000000000000 --- a/net-misc/curl/curl-7.51.0.ebuild +++ /dev/null @@ -1,253 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" - -inherit autotools eutils prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/" -SRC_URI="https://curl.haxx.se/download/${P}.tar.bz2" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ~mips ppc ppc64 x86 ~ppc-aix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads" -IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl" -IUSE+=" elibc_Winnt" - -#lead to lots of false negatives, bug #285669 -RESTRICT="test" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - ssl? ( - curl_ssl_axtls? ( - net-libs/axtls[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_libressl? ( - dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}] - ) - curl_ssl_mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_openssl? ( - dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}] - ) - curl_ssl_nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - curl_ssl_polarssl? ( - net-libs/polarssl:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:0[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r13 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND} - >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -# c-ares must be disabled for threads -# only one ssl provider can be enabled -REQUIRED_USE=" - curl_ssl_winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_axtls - curl_ssl_gnutls - curl_ssl_libressl - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_polarssl - curl_ssl_winssl - ) - )" - -DOCS=( CHANGES README docs/FEATURES docs/INTERNALS.md \ - docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE.md ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -src_prepare() { - epatch \ - "${FILESDIR}"/${PN}-7.30.0-prefix.patch \ - "${FILESDIR}"/${PN}-respect-cflags-3.patch \ - "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch \ - "${FILESDIR}"/${PN}-fix-mbedtls.patch - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - - epatch_user - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - local myconf=() - myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - if use ssl ; then - if use curl_ssl_axtls; then - einfo "SSL provided by axtls" - myconf+=( --with-axtls ) - elif use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - elif use curl_ssl_libressl; then - einfo "SSL provided by LibreSSL" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - elif use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - elif use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - elif use curl_ssl_polarssl; then - einfo "SSL provided by polarssl" - myconf+=( --with-polarssl ) - elif use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - elif use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - ECONF_SOURCE="${S}" \ - econf \ - --enable-crypto-auth \ - --enable-dict \ - --enable-file \ - --enable-ftp \ - --enable-gopher \ - --enable-http \ - --enable-imap \ - $(use_enable ldap) \ - $(use_enable ldap ldaps) \ - --disable-ntlm-wb \ - --enable-pop3 \ - --enable-rt \ - --enable-rtsp \ - $(use_enable samba smb) \ - $(use_with ssh libssh2) \ - --enable-smtp \ - --enable-telnet \ - --enable-tftp \ - --enable-tls-srp \ - $(use_enable adns ares) \ - --enable-cookies \ - --enable-hidden-symbols \ - $(use_enable ipv6) \ - --enable-largefile \ - --without-libpsl \ - --enable-manual \ - --enable-proxy \ - --disable-soname-bump \ - --disable-sspi \ - $(use_enable static-libs static) \ - $(use_enable threads threaded-resolver) \ - --disable-versioned-symbols \ - --without-cyassl \ - --without-darwinssl \ - $(use_with idn libidn2) \ - $(use_with kerberos gssapi "${EPREFIX}"/usr) \ - $(use_with metalink libmetalink) \ - $(use_with http2 nghttp2) \ - $(use_with rtmp librtmp) \ - --without-spnego \ - --without-winidn \ - --with-zlib \ - "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - prune_libtool_files --all - - rm -rf "${ED}"/etc/ -} |