]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b451e3e) | patch
curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 )
authorAndre McCurdy <armccurdy@gmail.com>
Thu, 28 Jan 2016 21:31:38 +0000 (13:31 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 29 Jan 2016 18:14:58 +0000 (18:14 +0000)
commit6600190d7efb69dd5121b9ca082ad4c0dbc5e17e
treeb7a6cd044bb76538ac19f7f15ccca95d47685ff1tree | snapshot
parentb451e3efc79d29c39c85f7da2dc75becf3fdf5a2commit | diff
curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 )

Full changelog: http://curl.haxx.se/changes.html#7_47_0
Security fixes: http://curl.haxx.se/docs/vulnerabilities.html

CVE-2016-0754 : remote file name path traversal in curl tool for Windows
CVE-2016-0755 : NTLM credentials not-checked for proxy connection re-use

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-support/curl/curl_7.47.0.bb [moved from meta/recipes-support/curl/curl_7.46.0.bb with 93% similarity] diff | blob | history
Mirror of the official openembedded-core repository