[PR PATCH] curl: update to 7.77.0.

[PR PATCH] curl: update to 7.77.0.

[sgn]

[-- Attachment #1: Type: text/plain, Size: 1599 bytes --]

There is a new pull request by sgn against master on the void-packages repository

https://github.com/sgn/void-packages curl-update
https://github.com/void-linux/void-packages/pull/31132

curl: update to 7.77.0.
CVE-2021-22901

<!-- Mark items with [x] where applicable -->

#### General
- [ ] This is a new package and it conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements)

#### Have the results of the proposed changes been tested?
- [ ] I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me
- [ ] I generally don't use the affected packages but briefly tested this PR

<!--
If GitHub CI cannot be used to validate the build result (for example, if the
build is likely to take several hours), make sure to
[skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration).
When skipping CI, uncomment and fill out the following section.
Note: for builds that are likely to complete in less than 2 hours, it is not
acceptable to skip CI.
-->
<!-- 
#### Does it build and run successfully? 
(Please choose at least one native build and, if supported, at least one cross build. More are better.)
- [ ] I built this PR locally for my native architecture, (ARCH-LIBC)
- [ ] I built this PR locally for these architectures (if supported. mark crossbuilds):
  - [ ] aarch64-musl
  - [ ] armv7l
  - [ ] armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/31132.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-curl-update-31132.patch --]
[-- Type: text/x-diff, Size: 1384 bytes --]

From 69adf1773097f777aa2b6d53f2937bd20098c873 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
 <congdanhqx@gmail.com>
Date: Wed, 26 May 2021 15:26:42 +0700
Subject: [PATCH] curl: update to 7.77.0.

CVE-2021-22901
---
 srcpkgs/curl/template | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/srcpkgs/curl/template b/srcpkgs/curl/template
index 7a9d588d9ecb..46a1388c000c 100644
--- a/srcpkgs/curl/template
+++ b/srcpkgs/curl/template
@@ -1,6 +1,6 @@
 # Template file for 'curl'
 pkgname=curl
-version=7.76.1
+version=7.77.0
 revision=1
 build_style=gnu-configure
 configure_args="ac_cv_sizeof_off_t=8 --enable-threaded-resolver --enable-ipv6
@@ -21,7 +21,7 @@ license="MIT"
 homepage="https://curl.haxx.se"
 changelog="https://curl.haxx.se/changes.html#${version//./_}"
 distfiles="${homepage}/download/${pkgname}-${version}.tar.bz2"
-checksum=7a8e184d7d31312c4ebf6a8cb59cd757e61b2b2833a9ed4f9bf708066e7695e9
+checksum=6c0c28868cb82593859fc43b9c8fdb769314c855c05cf1b56b023acf855df8ea
 patch_args="-Np1"
 build_options="gnutls gssapi ldap rtmp ssh ssl zstd"
 build_options_default="ssh ssl zstd"
@@ -33,6 +33,10 @@ pre_configure() {
 	export CPPFLAGS="-D_FORTIFY_SOURCE=2"
 }
 
+pre_check() {
+	export USER=nobody
+}
+
 post_install() {
 	# Fix linker search paths when necessary
 	if [ -n "$XBPS_CROSS_BASE" ]; then

Re: curl: update to 7.77.0.

[ericonr]

[-- Attachment #1: Type: text/plain, Size: 172 bytes --]

New comment by ericonr on void-packages repository

https://github.com/void-linux/void-packages/pull/31132#issuecomment-848892418

Comment:
Fixes CVE-2021-22898 too. LGTM.

Re: curl: update to 7.77.0.

[sgn]

[-- Attachment #1: Type: text/plain, Size: 190 bytes --]

New comment by sgn on void-packages repository

https://github.com/void-linux/void-packages/pull/31132#issuecomment-848935300

Comment:
telnet is not that common, and it's medium anyway :-p

Re: [PR PATCH] [Merged]: curl: update to 7.77.0.

[sgn]

[-- Attachment #1: Type: text/plain, Size: 1452 bytes --]

There's a merged pull request on the void-packages repository

curl: update to 7.77.0.
https://github.com/void-linux/void-packages/pull/31132

Description:
CVE-2021-22901

<!-- Mark items with [x] where applicable -->

#### General
- [ ] This is a new package and it conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements)

#### Have the results of the proposed changes been tested?
- [ ] I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me
- [ ] I generally don't use the affected packages but briefly tested this PR

<!--
If GitHub CI cannot be used to validate the build result (for example, if the
build is likely to take several hours), make sure to
[skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration).
When skipping CI, uncomment and fill out the following section.
Note: for builds that are likely to complete in less than 2 hours, it is not
acceptable to skip CI.
-->
<!-- 
#### Does it build and run successfully? 
(Please choose at least one native build and, if supported, at least one cross build. More are better.)
- [ ] I built this PR locally for my native architecture, (ARCH-LIBC)
- [ ] I built this PR locally for these architectures (if supported. mark crossbuilds):
  - [ ] aarch64-musl
  - [ ] armv7l
  - [ ] armv6l-musl
-->