You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by Don Lewis <tr...@apache.org> on 2018/08/30 23:12:57 UTC
patch to upgrade bundled curl in trunk
The attached patch upgrades the version of curl that we bundle in trunk
from 7.50.1 to 7.61.0. The old version has quite a few CVEs.
Fortunately we don't use curl for much in OpenOffice.
Re: patch to upgrade bundled curl in trunk
Posted by Don Lewis <tr...@apache.org>.
On 9 Sep, Don Lewis wrote:
> On 9 Sep, Peter Kovacs wrote:
>> Hi Don,
>>
>> what is the status on this? - Do you have a bug for this activity? Can
>> some tester support you?
>
> I committed the patch here:
>
> r1839837 | truckman | 2018-09-01 12:37:14 -0700 (Sat, 01 Sep 2018) | 3 lines
>
> Upgrade the bundled version of curl from 7.50.1 to 7.61.0.
>
> and I committed an update to 7.61.1 within the last day in response to a
> new curl CVE.
>
> Curl isn't used for much ... I think only for access to ftp and maybe
> webdav. I've tested the former.
>
> I'm also testing an update for 4.1.6 as well.
The bug report for 4.1.6 is here:
https://bz.apache.org/ooo/show_bug.cgi?id=127886
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: patch to upgrade bundled curl in trunk
Posted by Don Lewis <tr...@apache.org>.
On 9 Sep, Peter Kovacs wrote:
> Hi Don,
>
> what is the status on this? - Do you have a bug for this activity? Can
> some tester support you?
I committed the patch here:
r1839837 | truckman | 2018-09-01 12:37:14 -0700 (Sat, 01 Sep 2018) | 3 lines
Upgrade the bundled version of curl from 7.50.1 to 7.61.0.
and I committed an update to 7.61.1 within the last day in response to a
new curl CVE.
Curl isn't used for much ... I think only for access to ftp and maybe
webdav. I've tested the former.
I'm also testing an update for 4.1.6 as well.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: patch to upgrade bundled curl in trunk
Posted by Peter Kovacs <le...@posteo.de>.
Hi Don,
what is the status on this? - Do you have a bug for this activity? Can
some tester support you?
All the best
Peter
On 9/1/18 9:09 PM, Don Lewis wrote:
> That's the plan. I need to do some test builds first.
>
> On 1 Sep, Peter Kovacs wrote:
>> Can we Bundle this also with 1.4.6?
>>
>> Am 1. September 2018 10:02:10 MESZ schrieb Matthias Seidel <ma...@hamburg.de>:
>>> Hi Don,
>>>
>>> My Windows build based on r1839722 and your patch applied was
>>> successful.
>>>
>>> First tests show no problems.
>>>
>>> Regards
>>> Matthias
>>>
>>> Am 31.08.2018 um 01:12 schrieb Don Lewis:
>>>> The attached patch upgrades the version of curl that we bundle in
>>> trunk
>>>> from 7.50.1 to 7.61.0. The old version has quite a few CVEs.
>>>> Fortunately we don't use curl for much in OpenOffice.
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: patch to upgrade bundled curl in trunk
Posted by Don Lewis <tr...@apache.org>.
That's the plan. I need to do some test builds first.
On 1 Sep, Peter Kovacs wrote:
> Can we Bundle this also with 1.4.6?
>
> Am 1. September 2018 10:02:10 MESZ schrieb Matthias Seidel <ma...@hamburg.de>:
>>Hi Don,
>>
>>My Windows build based on r1839722 and your patch applied was
>>successful.
>>
>>First tests show no problems.
>>
>>Regards
>> Matthias
>>
>>Am 31.08.2018 um 01:12 schrieb Don Lewis:
>>> The attached patch upgrades the version of curl that we bundle in
>>trunk
>>> from 7.50.1 to 7.61.0. The old version has quite a few CVEs.
>>> Fortunately we don't use curl for much in OpenOffice.
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: patch to upgrade bundled curl in trunk
Posted by Peter Kovacs <pe...@posteo.de>.
Can we Bundle this also with 1.4.6?
Am 1. September 2018 10:02:10 MESZ schrieb Matthias Seidel <ma...@hamburg.de>:
>Hi Don,
>
>My Windows build based on r1839722 and your patch applied was
>successful.
>
>First tests show no problems.
>
>Regards
> Matthias
>
>Am 31.08.2018 um 01:12 schrieb Don Lewis:
>> The attached patch upgrades the version of curl that we bundle in
>trunk
>> from 7.50.1 to 7.61.0. The old version has quite a few CVEs.
>> Fortunately we don't use curl for much in OpenOffice.
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: patch to upgrade bundled curl in trunk
Posted by Matthias Seidel <ma...@hamburg.de>.
Hi Don,
My Windows build based on r1839722 and your patch applied was successful.
First tests show no problems.
Regards
Matthias
Am 31.08.2018 um 01:12 schrieb Don Lewis:
> The attached patch upgrades the version of curl that we bundle in trunk
> from 7.50.1 to 7.61.0. The old version has quite a few CVEs.
> Fortunately we don't use curl for much in OpenOffice.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org