]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 3ad272b) | patch
curl: fix CVE-2020-8231/8284/8285/8286
authorLee Chee Yang <chee.yang.lee@intel.com>
Wed, 13 Jan 2021 09:29:35 +0000 (17:29 +0800)
committerSteve Sakoman <steve@sakoman.com>
Tue, 19 Jan 2021 14:22:10 +0000 (04:22 -1000)
commit16ec5dea53d24cc1449d173912c1056c873fa98d
tree366fd1412cf7458716af2fa5049c0f3db070d2e3tree | snapshot
parent3ad272ba25c4eba063f372f3bf8c1d3e94e2a966commit | diff
curl: fix CVE-2020-8231/8284/8285/8286

backport CVE-2020-8284 fixes from upstream, but drop
binary file tests/data/test1465.

upstream fixes for CVE-2020-8231, CVE-2020-8285 and CVE-2020-8286
does not applies cleanly to 7.69.1, fedora have working patch
hence import patch from Fedora.
https://koji.fedoraproject.org/koji/rpminfo?rpmID=24270817

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-support/curl/curl/CVE-2020-8231.patch [new file with mode: 0644] blob
meta/recipes-support/curl/curl/CVE-2020-8284.patch [new file with mode: 0644] blob
meta/recipes-support/curl/curl/CVE-2020-8285.patch [new file with mode: 0644] blob
meta/recipes-support/curl/curl/CVE-2020-8286.patch [new file with mode: 0644] blob
meta/recipes-support/curl/curl_7.69.1.bb diff | blob | history
Mirror of the official openembedded-core repository