From 0154ff997db8021f93e6ffe8f7a0627d7a1d9b89 Mon Sep 17 00:00:00 2001 From: Fabio Berton Date: Thu, 3 Nov 2016 18:41:58 -0200 Subject: [PATCH] curl: Update to version 7.51.0 CVE fixed in 7.51.0: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host To see complete log access link bellow: https://curl.haxx.se/changes.html#7_51_0 Signed-off-by: Fabio Berton Signed-off-by: Ross Burton --- meta/recipes-support/curl/{curl_7.50.1.bb => curl_7.51.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-support/curl/{curl_7.50.1.bb => curl_7.51.0.bb} (94%) diff --git a/meta/recipes-support/curl/curl_7.50.1.bb b/meta/recipes-support/curl/curl_7.51.0.bb similarity index 94% rename from meta/recipes-support/curl/curl_7.50.1.bb rename to meta/recipes-support/curl/curl_7.51.0.bb index a21419a4d8..e1a996bbeb 100644 --- a/meta/recipes-support/curl/curl_7.50.1.bb +++ b/meta/recipes-support/curl/curl_7.51.0.bb @@ -14,8 +14,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ # SRC_URI += " file://configure_ac.patch" -SRC_URI[md5sum] = "015f6a0217ca6f2c5442ca406476920b" -SRC_URI[sha256sum] = "3c12c5f54ccaa1d40abc65d672107dcc75d3e1fcb38c267484334280096e5156" +SRC_URI[md5sum] = "09a7c5769a7eae676d5e2c86d51f167e" +SRC_URI[sha256sum] = "7f8240048907e5030f67be0a6129bc4b333783b9cca1391026d700835a788dde" inherit autotools pkgconfig binconfig multilib_header -- 2.40.1