
package/libcurl: security bump to version 8.12.0

Changelog:
https://curl.se/ch/8.12.0.html

Fixes the following security issues:
- CVE-2025-0167: netrc and default credential leak.
  https://curl.se/docs/CVE-2025-0167.html
- CVE-2025-0665: eventfd double close.
  https://curl.se/docs/CVE-2025-0665.html
- CVE-2025-0725: gzip integer overflow.
  https://curl.se/docs/CVE-2025-0725.html

Drop upstream patch - 0001-curl_trc-fix-build-with-verbose-messages-disabled.patch
see https://github.com/curl/curl/commit/80257779179ce994b647daca60d7b1c4980b130b

Updated hash of the COPYING file (copyright year bump)

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Akhilesh Nema 6 months ago
parent
commit
2da031c2e5

+ 0 - 44
package/libcurl/0001-curl_trc-fix-build-with-verbose-messages-disabled.patch

@@ -1,44 +0,0 @@
-From 58d490091d097ba2ad108cc66c97e242e5aacb9c Mon Sep 17 00:00:00 2001
-Message-ID: <58d490091d097ba2ad108cc66c97e242e5aacb9c.1727153835.git.baruch@tkos.co.il>
-From: Baruch Siach <baruch@tkos.co.il>
-Date: Tue, 24 Sep 2024 07:52:13 +0300
-Subject: [PATCH] curl_trc: fix build with verbose messages disabled
-
-Add empty definition of Curl_trc_ws() to fix this following build error:
-
-In file included from sendf.h:29,
-                 from ws.c:35:
-ws.c: In function 'Curl_ws_accept':
-curl_trc.h:100:10: error: implicit declaration of function 'Curl_trc_ws'; did you mean 'Curl_trc_ftp'? [-Wimplicit-function-declaration]
-  100 |          Curl_trc_ws(data, __VA_ARGS__); } while(0)
-      |          ^~~~~~~~~~~
-ws.c:779:5: note: in expansion of macro 'CURL_TRC_WS'
-  779 |     CURL_TRC_WS(data, "WS, using chunk size %zu", chunk_size);
-      |     ^~~~~~~~~~~
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
-Upstream: https://github.com/curl/curl/pull/15026
----
- lib/curl_trc.h | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/lib/curl_trc.h b/lib/curl_trc.h
-index 5f675b453fd3..1801d33cea7c 100644
---- a/lib/curl_trc.h
-+++ b/lib/curl_trc.h
-@@ -226,6 +226,12 @@ static void Curl_trc_smtp(struct Curl_easy *data, const char *fmt, ...)
-   (void)data; (void)fmt;
- }
- #endif
-+#if defined(USE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
-+static void Curl_trc_ws(struct Curl_easy *data, const char *fmt, ...)
-+{
-+  (void)data; (void)fmt;
-+}
-+#endif
- 
- #endif /* !defined(CURL_DISABLE_VERBOSE_STRINGS) */
- 
--- 
-2.45.2
-
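
Review bot: the `Upstream:` tag in the removed patch header points at https://github.com/curl/curl/pull/15026, while the commit message justifies the drop with commit 80257779179ce994b647daca60d7b1c4980b130b. The message should state how the two relate and that the fix is contained in 8.12.0, so the removal can be checked without following both links. Because the patch only added an empty `Curl_trc_ws()` for builds with verbose messages disabled, a build in that configuration with `USE_WEBSOCKETS` defined is the test result worth citing.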

+ 3 - 3
package/libcurl/libcurl.hash

@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-# https://curl.se/download/curl-8.11.1.tar.xz.asc
+# https://curl.se/download/curl-8.12.0.tar.xz.asc
 # signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
-sha256  c7ca7db48b0909743eaef34250da02c19bc61d4f1dcedd6603f109409536ab56  curl-8.11.1.tar.xz
-sha256  adb1fc06547fd136244179809f7b7c2d2ae6c4534f160aa513af9b6a12866a32  COPYING
+sha256  9a4628c764be6b1a9909567c13e8e771041609df43b2158fcac4e05ea7097e5d  curl-8.12.0.tar.xz
+sha256  e18f1989333b70044b2adfb7dc2f905d0119dbdcac3bc9f4bc9d540e3a29de5b  COPYING
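
Review bot: the unchanged context line `# signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2` now vouches for `curl-8.12.0.tar.xz.asc`, so the commit message should confirm that the 8.12.0 signature was checked against that key, not just that the comment was carried over. For the `COPYING` hash on the last line, the message attributes the change to a copyright year bump; it would help to state explicitly that the licence text is otherwise unchanged.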

+ 1 - 1
package/libcurl/libcurl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCURL_VERSION = 8.11.1
+LIBCURL_VERSION = 8.12.0
 LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
 LIBCURL_SITE = https://curl.se/download
 LIBCURL_DEPENDENCIES = host-pkgconf \