]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 6dadb64) | patch
curl: Update to version 7.51.0
authorFabio Berton <fabio.berton@ossystems.com.br>
Thu, 3 Nov 2016 20:41:58 +0000 (18:41 -0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 15 Nov 2016 15:18:48 +0000 (15:18 +0000)
commit0154ff997db8021f93e6ffe8f7a0627d7a1d9b89
tree47ec1ee507766e1310b7225b8f974228b2ee5176tree | snapshot
parent6dadb648494c76b6326874731b4e918f62741b62commit | diff
curl: Update to version 7.51.0

CVE fixed in 7.51.0:

  CVE-2016-8615: cookie injection for other servers
  CVE-2016-8616: case insensitive password comparison
  CVE-2016-8617: OOB write via unchecked multiplication
  CVE-2016-8618: double-free in curl_maprintf
  CVE-2016-8619: double-free in krb5 code
  CVE-2016-8620: glob parser write/read out of bounds
  CVE-2016-8621: curl_getdate read out of bounds
  CVE-2016-8622: URL unescape heap overflow via integer truncation
  CVE-2016-8623: Use-after-free via shared cookies
  CVE-2016-8624: invalid URL parsing with '#'
  CVE-2016-8625: IDNA 2003 makes curl use wrong host

To see complete log access link bellow:
  https://curl.haxx.se/changes.html#7_51_0

Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-support/curl/curl_7.51.0.bb [moved from meta/recipes-support/curl/curl_7.50.1.bb with 94% similarity] diff | blob | history
Mirror of the official openembedded-core repository