libcurl: security bump to version 7.58.0
Fixes CVE-2018-1000007: libcurl might leak authentication data to third parties. https://curl.haxx.se/docs/adv_2018-b3bf.html Fixes CVE-2018-1000005: libcurl contains an out bounds read in code handling HTTP/2 trailers. https://curl.haxx.se/docs/adv_2018-824a.html Update license hash due to copyright year change. [Peter: also add CVE-2018-1000005 reference] Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
parent
67170b76af
commit
e02dd5a492
@ -1,4 +1,4 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
# https://curl.haxx.se/download/curl-7.57.0.tar.xz.asc
|
||||
sha256 f5f6fd3c72b7b8389969f4fb671ed8532fa9b5bb7a5cae7ca89bc1cea45c7878 curl-7.57.0.tar.xz
|
||||
sha256 cbcf511f5702f7baf5424193a792bc9c18fab22bcbec2e6a587598389dc632c2 COPYING
|
||||
# https://curl.haxx.se/download/curl-7.58.0.tar.xz.asc
|
||||
sha256 6a813875243609eb75f37fa72044e4ad618b55ec15a4eafdac2df6a7e800e3e3 curl-7.58.0.tar.xz
|
||||
sha256 5f3849ec38ddb927e79f514bf948890c41b8d1407286a49609b8fb1585931095 COPYING
|
||||
|
@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBCURL_VERSION = 7.57.0
|
||||
LIBCURL_VERSION = 7.58.0
|
||||
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
|
||||
LIBCURL_SITE = https://curl.haxx.se/download
|
||||
LIBCURL_DEPENDENCIES = host-pkgconf \
|
||||
|
Loading…
Reference in New Issue
Block a user