NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libcurl: security bump version to 7.87.0

Browse Source 
Fixes the following security issues:

- CVE-2022-43551: Another HSTS bypass via IDN
  https://curl.se/docs/CVE-2022-43551.html

- CVE-2022-43552: HTTP Proxy deny use-after-free
  https://curl.se/docs/CVE-2022-43552.html

Changelog: https://curl.se/changes.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Bernd Kuhls 2022-12-21 22:07:04 +01:00 committed by Peter Korsgaard
parent d18176396a
commit 3b91fd7501
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libcurl/libcurl.hash
View File

@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
# https://curl.se/download/curl-7.84.0.tar.xz.asc
# https://curl.se/download/curl-7.87.0.tar.xz.asc
# signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
sha256 2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b curl-7.86.0.tar.xz
sha256 ee5f1a1955b0ed413435ef79db28b834ea5f0fb7c8cfb1ce47175cc3bee08fff curl-7.87.0.tar.xz
sha256 321b1a09ebc30410f2e837c072e5521cf7095b757193af4a7dae1086e36ed31a COPYING

2
package/libcurl/libcurl.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBCURL_VERSION = 7.86.0
LIBCURL_VERSION = 7.87.0
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
LIBCURL_SITE = https://curl.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \