patch to upgrade bundled curl in trunk

>Hi Don,
>
>My Windows build based on r1839722 and your patch applied was
>successful.
>
>First tests show no problems.
>
>Regards
>   Matthias
>
>Am 31.08.2018 um 01:12 schrieb Don Lewis:
>> The attached patch upgrades the version of curl that we bundle in
>trunk
>> from 7.50.1 to 7.61.0.  The old version has quite a few CVEs.
>> Fortunately we don't use curl for much in OpenOffice.
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]

> Can we Bundle this also with 1.4.6?
>
> Am 1. September 2018 10:02:10 MESZ schrieb Matthias Seidel <[hidden email]>:
>>Hi Don,
>>
>>My Windows build based on r1839722 and your patch applied was
>>successful.
>>
>>First tests show no problems.
>>
>>Regards
>>   Matthias
>>
>>Am 31.08.2018 um 01:12 schrieb Don Lewis:
>>> The attached patch upgrades the version of curl that we bundle in
>>trunk
>>> from 7.50.1 to 7.61.0.  The old version has quite a few CVEs.
>>> Fortunately we don't use curl for much in OpenOffice.
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

> That's the plan.  I need to do some test builds first.
>
> On  1 Sep, Peter Kovacs wrote:
>> Can we Bundle this also with 1.4.6?
>>
>> Am 1. September 2018 10:02:10 MESZ schrieb Matthias Seidel <[hidden email]>:
>>> Hi Don,
>>>
>>> My Windows build based on r1839722 and your patch applied was
>>> successful.
>>>
>>> First tests show no problems.
>>>
>>> Regards
>>>     Matthias
>>>
>>> Am 31.08.2018 um 01:12 schrieb Don Lewis:
>>>> The attached patch upgrades the version of curl that we bundle in
>>> trunk
>>>> from 7.50.1 to 7.61.0.  The old version has quite a few CVEs.
>>>> Fortunately we don't use curl for much in OpenOffice.
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

> On  9 Sep, Peter Kovacs wrote:
>> Hi Don,
>>
>> what is the status on this? - Do you have a bug for this activity? Can
>> some tester support you?
>
> I committed the patch here:
>
>   r1839837 | truckman | 2018-09-01 12:37:14 -0700 (Sat, 01 Sep 2018) | 3 lines
>
>   Upgrade the bundled version of curl from 7.50.1 to 7.61.0.
>
> and I committed an update to 7.61.1 within the last day in response to a
> new curl CVE.
>
> Curl isn't used for much ... I think only for access to ftp and maybe
> webdav.  I've tested the former.
>
> I'm also testing an update for 4.1.6 as well.