Skip to content

Commit

Permalink
Use curl >=8.5.0 to align with conda-forge and avoid CVEs. (#574)
Browse files Browse the repository at this point in the history
This PR uses `libcurl` 8.5.0 at build time, and should permit
`>=8.5.0,<9.0a0` at runtime. This is needed to align with conda-forge
which uses `libcurl` 8, and also gets a new enough minor version to
avoid some known CVEs.

---------

Co-authored-by: jakirkham <jakirkham@gmail.com>
  • Loading branch information
bdice and jakirkham authored Dec 10, 2024
1 parent dc6c0c1 commit e900177
Show file tree
Hide file tree
Showing 8 changed files with 9 additions and 9 deletions.
2 changes: 1 addition & 1 deletion conda/environments/all_cuda-118_arch-aarch64.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ dependencies:
- cython>=3.0.0
- doxygen=1.9.1
- gcc_linux-aarch64=11.*
- libcurl>=7.87.0
- libcurl>=8.5.0,<9.0a0
- moto>=4.0.8
- ninja
- numcodecs !=0.12.0
Expand Down
2 changes: 1 addition & 1 deletion conda/environments/all_cuda-118_arch-x86_64.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ dependencies:
- gcc_linux-64=11.*
- libcufile-dev=1.4.0.31
- libcufile=1.4.0.31
- libcurl>=7.87.0
- libcurl>=8.5.0,<9.0a0
- moto>=4.0.8
- ninja
- numcodecs !=0.12.0
Expand Down
2 changes: 1 addition & 1 deletion conda/environments/all_cuda-125_arch-aarch64.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ dependencies:
- doxygen=1.9.1
- gcc_linux-aarch64=11.*
- libcufile-dev
- libcurl>=7.87.0
- libcurl>=8.5.0,<9.0a0
- moto>=4.0.8
- ninja
- numcodecs !=0.12.0
Expand Down
2 changes: 1 addition & 1 deletion conda/environments/all_cuda-125_arch-x86_64.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ dependencies:
- doxygen=1.9.1
- gcc_linux-64=11.*
- libcufile-dev
- libcurl>=7.87.0
- libcurl>=8.5.0,<9.0a0
- moto>=4.0.8
- ninja
- numcodecs !=0.12.0
Expand Down
2 changes: 1 addition & 1 deletion conda/recipes/kvikio/conda_build_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ cuda11_libcufile_run_version:
- ">=1.0.0.82,<=1.4.0.31"

libcurl_version:
- "==7.87.0"
- "==8.5.0"

nvcomp_version:
- "=4.1.0.6"
2 changes: 1 addition & 1 deletion conda/recipes/libkvikio/conda_build_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,4 @@ cuda11_libcufile_run_version:
- ">=1.0.0.82,<=1.4.0.31"

libcurl_version:
- "==7.87.0"
- "==8.5.0"
4 changes: 2 additions & 2 deletions cpp/cmake/thirdparty/get_libcurl.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,13 @@ function(find_and_configure_libcurl)
endif()

rapids_cpm_find(
CURL 7.87.0
CURL 8.5.0
GLOBAL_TARGETS libcurl
BUILD_EXPORT_SET kvikio-exports
INSTALL_EXPORT_SET kvikio-exports
CPM_ARGS
GIT_REPOSITORY https://github.com/curl/curl
GIT_TAG curl-7_87_0
GIT_TAG curl-8_5_0
OPTIONS "BUILD_CURL_EXE OFF" "BUILD_SHARED_LIBS OFF" "BUILD_TESTING OFF" "CURL_USE_LIBPSL OFF"
"CURL_DISABLE_LDAP ON" "CMAKE_POSITION_INDEPENDENT_CODE ON"
EXCLUDE_FROM_ALL YES # Don't install libcurl.a (only needed when building libkvikio.so)
Expand Down
2 changes: 1 addition & 1 deletion dependencies.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ dependencies:
packages:
- c-compiler
- cxx-compiler
- libcurl>=7.87.0 # Need CURL_WRITEFUNC_ERROR <https://curl.se/libcurl/c/CURLOPT_WRITEFUNCTION.html>
- libcurl>=8.5.0,<9.0a0
specific:
- output_types: conda
matrices:
Expand Down

0 comments on commit e900177

Please sign in to comment.