NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

libcurl: security bump to version 7.62.0

Browse Source 
Fixes the following security issues:

CVE-2018-16839: SASL password overflow via integer overflow
https://curl.haxx.se/docs/CVE-2018-16839.html

CVE-2018-16840: use-after-free in handle close
https://curl.haxx.se/docs/CVE-2018-16840.html

CVE-2018-16842: warning message out-of-buffer read
https://curl.haxx.se/docs/CVE-2018-16842.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Peter Korsgaard 2018-10-31 09:40:55 +01:00 committed by Thomas Petazzoni
parent 074ca5a45e
commit c1a01ac2f1
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libcurl/libcurl.hash
View File

@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
# https://curl.haxx.se/download/curl-7.61.1.tar.xz.asc
# https://curl.haxx.se/download/curl-7.62.0.tar.xz.asc
# with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
sha256 3d5913d6a39bd22e68e34dff697fd6e4c3c81563f580c76fca2009315cd81891 curl-7.61.1.tar.xz
sha256 dab5643a5fe775ae92570b9f3df6b0ef4bc2a827a959361fb130c73b721275c1 curl-7.62.0.tar.xz
sha256 5f3849ec38ddb927e79f514bf948890c41b8d1407286a49609b8fb1585931095 COPYING

2
package/libcurl/libcurl.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBCURL_VERSION = 7.61.1
LIBCURL_VERSION = 7.62.0
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
LIBCURL_SITE = https://curl.haxx.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \