main/curl: upgrade to 7.57.0

2 files changed, 11 insertions, 41 deletions

diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index 1594b1979d..e7b8b5695a 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -3,19 +3,22 @@
 # Contributor: Łukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=curl
-pkgver=7.56.1
-pkgrel=1
+pkgver=7.57.0
+pkgrel=0
 pkgdesc="An URL retrival utility and library"
 url="http://curl.haxx.se"
 arch="all"
 license="MIT"
 depends="ca-certificates"
 makedepends="zlib-dev libressl-dev libssh2-dev groff perl"
-source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2
-        "
+source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2"
 subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
 
 # secfixes:
+#   7.57.0-r0:
+#     - CVE-2017-8816
+#     - CVE-2017-8817
+#     - CVE-2017-8818
 #   7.56.1-r0:
 #     - CVE-2017-1000257
 #   7.55.0-r0:
@@ -67,9 +70,8 @@ build() {
                 --without-libidn \
                 --without-libidn2 \
                 --disable-ldap \
-                --with-pic \
-                || return 1
-        make || return 1
+                --with-pic
+        make
 }
 
 check() {
@@ -79,7 +81,7 @@ check() {
 
 package() {
         make DESTDIR="$pkgdir" \
-                -C "$builddir" install || return 1
+                -C "$builddir" install
 }
 
 libcurl() {
@@ -88,4 +90,4 @@ libcurl() {
         mv "$pkgdir"/usr/lib "$subpkgdir"/usr
 }
 
-sha512sums="f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68  curl-7.56.1.tar.bz2"
+sha512sums="f366d2e931d7aff63bac0e1f760ced32c849252947d522427ba92124566906a7e6bd081b6d1630df36895dda2a00ac4cf1bed1470740693ef47ab90c6a270377  curl-7.57.0.tar.bz2"
diff --git a/main/curl/curl-do-bounds-check-using-a-double-comparison.patch b/main/curl/curl-do-bounds-check-using-a-double-comparison.patch
deleted file mode 100644
index 34e2b6c717..0000000000
--- a/main/curl/curl-do-bounds-check-using-a-double-comparison.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 45a560390c4356bcb81d933bbbb229c8ea2acb63 Mon Sep 17 00:00:00 2001
-From: Adam Sampson <ats@offog.org>
-Date: Wed, 9 Aug 2017 14:11:17 +0100
-Subject: [PATCH] curl: do bounds check using a double comparison
-
-The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
-complete: if the parsed number in num is larger than will fit in a long,
-the conversion is undefined behaviour (causing test1427 to fail for me
-on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7).  Getting
-rid of the cast means the comparison will be done using doubles.
-
-It might make more sense for the max argument to also be a double...
-
-Fixes #1750
-Closes #1749
----
- src/tool_paramhlp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
-index b9dedc989e..85c5e79a7e 100644
---- a/src/tool_paramhlp.c
-+++ b/src/tool_paramhlp.c
-@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max)
-     num = strtod(str, &endptr);
-     if(errno == ERANGE)
-       return PARAM_NUMBER_TOO_LARGE;
--    if((long)num > max) {
-+    if(num > max) {
-       /* too large */
-       return PARAM_NUMBER_TOO_LARGE;
-     }