Add harmony/ repo for packages still being discussed

See https://wiki.adelielinux.org/wiki/Project:Harmony
author: A. Wilcox <AWilcox@Wilcox-Tech.com> 2018-02-27 14:34:02 -0600
committer: A. Wilcox <AWilcox@Wilcox-Tech.com> 2018-02-27 14:34:02 -0600
commit: 7553795ec2d735c01dbdde129a65b7f45d5aa999 (patch)
tree: b3970009a8246b0c17a105fe6b10c8077fc2b763 /harmony/curl
parent: e2b01859c88d221992403d1293d42da33002be4d (diff)
download: packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.gz
packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.bz2
packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.xz
packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.zip
2 files changed, 125 insertions, 0 deletions
diff --git a/harmony/curl/APKBUILD b/harmony/curl/APKBUILD
new file mode 100644
index 000000000..fd20e55dd
--- /dev/null
+++ b/harmony/curl/APKBUILD
@@ -0,0 +1,93 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
+# Contributor: Valery Kartel <valery.kartel@gmail.com>
+# Contributor: Łukasz Jendrysik <scadu@yandex.com>
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=curl
+pkgver=7.56.1
+pkgrel=0
+pkgdesc="An URL retrival utility and library"
+url="http://curl.haxx.se"
+arch="all"
+license="MIT"
+depends="ca-certificates"
+makedepends_build="groff perl"
+makedepends_host="zlib-dev openssl-dev libssh2-dev"
+makedepends="$makedepends_build $makedepends_host"
+source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2
+	"
+subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"
+
+# secfixes:
+#   7.56.1-r0:
+#     - CVE-2017-1000257
+#   7.55.0-r0:
+#     - CVE-2017-1000099
+#     - CVE-2017-1000100
+#     - CVE-2017-1000101
+#   7.54.0-r0:
+#     - CVE-2017-7468
+#   7.53.1-r2:
+#     - CVE-2017-7407
+#   7.53.0:
+#     - CVE-2017-2629
+#   7.52.1:
+#     - CVE-2016-9594
+#   7.51.0:
+#     - CVE-2016-8615
+#     - CVE-2016-8616
+#     - CVE-2016-8617
+#     - CVE-2016-8618
+#     - CVE-2016-8619
+#     - CVE-2016-8620
+#     - CVE-2016-8621
+#     - CVE-2016-8622
+#     - CVE-2016-8623
+#     - CVE-2016-8624
+#     - CVE-2016-8625
+#   7.50.3:
+#     - CVE-2016-7167
+#   7.50.2:
+#     - CVE-2016-7141
+#   7.50.1:
+#     - CVE-2016-5419
+#     - CVE-2016-5420
+#     - CVE-2016-5421
+#   7.36.0:
+#     - CVE-2014-0138
+#     - CVE-2014-0139
+
+builddir="$srcdir/$pkgname-$pkgver"
+
+build() {
+	cd "$builddir"
+	./configure \
+		--build=$CBUILD \
+		--host=$CHOST \
+		--prefix=/usr \
+		--enable-ipv6 \
+		--enable-unix-sockets \
+		--without-libidn \
+		--without-libidn2 \
+		--disable-ldap \
+		--with-pic \
+		|| return 1
+	make || return 1
+}
+
+check() {
+	cd "$builddir"
+	make check
+}
+
+package() {
+	make DESTDIR="$pkgdir" \
+		-C "$builddir" install || return 1
+}
+
+libcurl() {
+	pkgdesc="The multiprotocol file transfer library"
+	mkdir -p "$subpkgdir"/usr
+	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
+}
+
+sha512sums="f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68  curl-7.56.1.tar.bz2"
diff --git a/harmony/curl/curl-do-bounds-check-using-a-double-comparison.patch b/harmony/curl/curl-do-bounds-check-using-a-double-comparison.patch
new file mode 100644
index 000000000..34e2b6c71
--- /dev/null
+++ b/harmony/curl/curl-do-bounds-check-using-a-double-comparison.patch
@@ -0,0 +1,32 @@
+From 45a560390c4356bcb81d933bbbb229c8ea2acb63 Mon Sep 17 00:00:00 2001
+From: Adam Sampson <ats@offog.org>
+Date: Wed, 9 Aug 2017 14:11:17 +0100
+Subject: [PATCH] curl: do bounds check using a double comparison
+
+The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
+complete: if the parsed number in num is larger than will fit in a long,
+the conversion is undefined behaviour (causing test1427 to fail for me
+on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7).  Getting
+rid of the cast means the comparison will be done using doubles.
+
+It might make more sense for the max argument to also be a double...
+
+Fixes #1750
+Closes #1749
+---
+ src/tool_paramhlp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
+index b9dedc989e..85c5e79a7e 100644
+--- a/src/tool_paramhlp.c
++++ b/src/tool_paramhlp.c
+@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max)
+     num = strtod(str, &endptr);
+     if(errno == ERANGE)
+       return PARAM_NUMBER_TOO_LARGE;
+-    if((long)num > max) {
++    if(num > max) {
+       /* too large */
+       return PARAM_NUMBER_TOO_LARGE;
+     }
author	A. Wilcox <AWilcox@Wilcox-Tech.com>	2018-02-27 14:34:02 -0600
committer	A. Wilcox <AWilcox@Wilcox-Tech.com>	2018-02-27 14:34:02 -0600
commit	7553795ec2d735c01dbdde129a65b7f45d5aa999 (patch)
tree	b3970009a8246b0c17a105fe6b10c8077fc2b763 /harmony/curl
parent	e2b01859c88d221992403d1293d42da33002be4d (diff)
download	packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.gz packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.bz2 packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.tar.xz packages-7553795ec2d735c01dbdde129a65b7f45d5aa999.zip