25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-20 16:15:59 +01:00

make-binaries: Bump zlib version to 1.2.13

Update zlib to 1.2.13 to address CVE-2022-37434

Also change zlib download to use archive URL so builds do not fail
when specified version is no longer the current version
This commit is contained in:
Stu Tomlinson 2022-11-16 09:42:36 +00:00
parent c6513fcfc6
commit aa8d800577

View File

@ -68,7 +68,7 @@ mix_vsn=$(mix_version "$rel_vsn")
crosstool_vsn='1.25.0' crosstool_vsn='1.25.0'
termcap_vsn='1.3.1' termcap_vsn='1.3.1'
expat_vsn='2.4.9' expat_vsn='2.4.9'
zlib_vsn='1.2.12' zlib_vsn='1.2.13'
yaml_vsn='0.2.5' yaml_vsn='0.2.5'
ssl_vsn='1.1.1q' ssl_vsn='1.1.1q'
otp_vsn='24.3.4.5' otp_vsn='24.3.4.5'
@ -461,6 +461,8 @@ build_toolchain()
cd "$root_dir" cd "$root_dir"
create_${arch}_config 'defconfig' create_${arch}_config 'defconfig'
ct-ng defconfig ct-ng defconfig
sed -i -e "s|^CT_ZLIB_VERSION=.*|CT_ZLIB_VERSION=\"$zlib_vsn\"|" .config
sed -i -e 's|^CT_ZLIB_MIRRORS=.*|CT_ZLIB_MIRRORS="https://github.com/madler/zlib/releases/download/v${CT_ZLIB_VERSION} https://www.zlib.net/ https://www.zlib.net/fossils/"|' .config
ct-ng build CT_PREFIX="$ct_prefix_dir" CT_JOBS="$ct_jobs" ct-ng build CT_PREFIX="$ct_prefix_dir" CT_JOBS="$ct_jobs"
rm -rf '.config' '.build' 'build.log' rm -rf '.config' '.build' 'build.log'
cd "$OLDPWD" cd "$OLDPWD"
@ -844,7 +846,7 @@ else
curl -LO "http://crosstool-ng.org/download/crosstool-ng/$crosstool_tar" curl -LO "http://crosstool-ng.org/download/crosstool-ng/$crosstool_tar"
curl -LO "https://ftp.gnu.org/gnu/termcap/$termcap_tar" curl -LO "https://ftp.gnu.org/gnu/termcap/$termcap_tar"
curl -LO "https://github.com/libexpat/libexpat/releases/download/R_$(printf '%s' "$expat_vsn" | sed 's/\./_/g')/$expat_tar" curl -LO "https://github.com/libexpat/libexpat/releases/download/R_$(printf '%s' "$expat_vsn" | sed 's/\./_/g')/$expat_tar"
curl -LO "https://zlib.net/$zlib_tar" curl -LO "https://zlib.net/fossils/$zlib_tar"
curl -LO "https://pyyaml.org/download/libyaml/$yaml_tar" curl -LO "https://pyyaml.org/download/libyaml/$yaml_tar"
curl -LO "https://www.openssl.org/source/$ssl_tar" curl -LO "https://www.openssl.org/source/$ssl_tar"
curl -LO "https://github.com/erlang/otp/releases/download/OTP-$otp_vsn/$otp_tar" curl -LO "https://github.com/erlang/otp/releases/download/OTP-$otp_vsn/$otp_tar"