[curl] Upgrade libcurl to version 8.4.0

This version includes fixes for two CVEs affecting libcurl:
* CVE-2023-38545: severity HIGH,
* CVE-2023-38546: severity LOW.

Co-authored-by: Wojtek Porczyk <woju@invisiblethingslab.com>
Signed-off-by: Wojtek Porczyk <woju@invisiblethingslab.com>
Signed-off-by: Kailun Qin <kailun.qin@intel.com>

meson.build

@@ -229,7 +229,7 @@ mbedtls_proj = subproject('mbedtls-mbedtls-3.5.0')
 mbedtls_static_dep = mbedtls_proj.get_variable('mbedtls_static_dep')
 mbedtls_pal_dep = mbedtls_proj.get_variable('mbedtls_pal_dep')
 
-curl_proj = subproject('curl-7.84.0')
+curl_proj = subproject('curl-8.4.0')
 cjson_proj = subproject('cJSON-1.7.12')
 
 if sgx

subprojects/curl-8.4.0.wrap

@@ -0,0 +1,7 @@
+[wrap-file]
+directory = curl-8.4.0
+source_url = https://curl.se/download/curl-8.4.0.tar.gz
+source_fallback_url = https://packages.gramineproject.io/distfiles/curl-8.4.0.tar.gz
+source_filename = curl-8.4.0.tar.gz
+source_hash = 816e41809c043ff285e8c0f06a75a1fa250211bbfb2dc0a037eeef39f1a9e427
+patch_directory = curl-8.4.0

subprojects/packagefiles/curl-7.84.0/compile.sh → subprojects/packagefiles/curl-8.4.0/compile.sh

@@ -27,7 +27,7 @@ cp -ar "$CURRENT_SOURCE_DIR" "$PRIVATE_DIR"
 
     log "running configure..."
     # The list of configure options is selected based on:
-    # https://github.com/curl/curl/blob/curl-7_84_0/docs/INSTALL.md#reducing-size
+    # https://github.com/curl/curl/blob/curl-8_4_0/docs/INSTALL.md#reducing-size
     ./configure                                     \
         --disable-alt-svc                           \
         --disable-ares                              \

subprojects/packagefiles/curl-7.84.0/meson.build → subprojects/packagefiles/curl-8.4.0/meson.build

@@ -1,4 +1,4 @@
-project('curl', 'c', version: '7.84.0')
+project('curl', 'c', version: '8.4.0')
 
 curl_libs_output = [
     'libcurl.a',