mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-08 05:09:24 +00:00
Code Issues Projects Releases Wiki Activity

curl: Update to version 7.51.0

Browse Source 
CVE fixed in 7.51.0:

  CVE-2016-8615: cookie injection for other servers
  CVE-2016-8616: case insensitive password comparison
  CVE-2016-8617: OOB write via unchecked multiplication
  CVE-2016-8618: double-free in curl_maprintf
  CVE-2016-8619: double-free in krb5 code
  CVE-2016-8620: glob parser write/read out of bounds
  CVE-2016-8621: curl_getdate read out of bounds
  CVE-2016-8622: URL unescape heap overflow via integer truncation
  CVE-2016-8623: Use-after-free via shared cookies
  CVE-2016-8624: invalid URL parsing with '#'
  CVE-2016-8625: IDNA 2003 makes curl use wrong host

To see complete log access link bellow:
  https://curl.haxx.se/changes.html#7_51_0

(From OE-Core rev: 0154ff997db8021f93e6ffe8f7a0627d7a1d9b89)

Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Fabio Berton
2016-11-03 18:41:58 -02:00
committed by Richard Purdie
parent 4229555e04
commit 0bb2d92e1c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-support/curl/curl_7.50.1.bb → meta/recipes-support/curl/curl_7.51.0.bb
+2 -2
View File
@@ -14,8 +14,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
#
SRC_URI += " file://configure_ac.patch"
SRC_URI[md5sum] = "015f6a0217ca6f2c5442ca406476920b"
SRC_URI[sha256sum] = "3c12c5f54ccaa1d40abc65d672107dcc75d3e1fcb38c267484334280096e5156"
SRC_URI[md5sum] = "09a7c5769a7eae676d5e2c86d51f167e"
SRC_URI[sha256sum] = "7f8240048907e5030f67be0a6129bc4b333783b9cca1391026d700835a788dde"
inherit autotools pkgconfig binconfig multilib_header