From: Andre McCurdy <armccurdy@gmail.com>
Date: Thu, 28 Jan 2016 21:31:38 +0000 (-0800)
Subject: curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 )
X-Git-Tag: 2016-4~1174
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=6600190d7efb69dd5121b9ca082ad4c0dbc5e17e;p=openembedded-core.git

curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 )

Full changelog: http://curl.haxx.se/changes.html#7_47_0
Security fixes: http://curl.haxx.se/docs/vulnerabilities.html

CVE-2016-0754 : remote file name path traversal in curl tool for Windows
CVE-2016-0755 : NTLM credentials not-checked for proxy connection re-use

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
---

diff --git a/meta/recipes-support/curl/curl_7.46.0.bb b/meta/recipes-support/curl/curl_7.47.0.bb
similarity index 93%
rename from meta/recipes-support/curl/curl_7.46.0.bb
rename to meta/recipes-support/curl/curl_7.47.0.bb
index f798886037..ab3c7e1e04 100644
--- a/meta/recipes-support/curl/curl_7.46.0.bb
+++ b/meta/recipes-support/curl/curl_7.47.0.bb
@@ -14,8 +14,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
 #
 SRC_URI += " file://configure_ac.patch"
 
-SRC_URI[md5sum] = "9979f989a2a9930d10f1b3deeabc2148"
-SRC_URI[sha256sum] = "b7d726cdd8ed4b6db0fa1b474a3c59ebbbe4dcd4c61ac5e7ade0e0270d3195ad"
+SRC_URI[md5sum] = "85c58a00412476993050cb242a3f365d"
+SRC_URI[sha256sum] = "2b096f9387fb9b2be08d17e518c62b6537b1f4d4bb59111d5b4fa0272f383f66"
 
 inherit autotools pkgconfig binconfig multilib_header