NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f544f572c7
kumquat-buildroot/package/libcurl
History
Peter Korsgaard 7d68013a8a package/libcurl: security bump to version 7.77.0 
Fixes the following security issues:

- CVE-2021-22897: schannel cipher selection surprise
  https://curl.se/docs/CVE-2021-22897.html

- CVE-2021-22898: TELNET stack contents disclosure
  https://curl.se/docs/CVE-2021-22898.html

- CVE-2021-22901: TLS session caching disaster
  https://curl.se/docs/CVE-2021-22901.html

Unconditionally disable the ldap(s) options.  These require external
libraries, but the options were ignored if the needed libraries weren't
available. This is now changed to be a fatal error since

dae382a1a1

Additionally, add a post-7.77.0 upstream patch to fix compilation with
bearssl.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: annotate the patch, that it is a backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit eae15d62c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-09 23:17:35 +02:00
..
0001-bearssl-remove-incorrect-const-on-variable-that-is-m.patch package/libcurl: security bump to version 7.77.0 2021-06-09 23:17:35 +02:00
Config.in
libcurl.hash package/libcurl: security bump to version 7.77.0 2021-06-09 23:17:35 +02:00
libcurl.mk package/libcurl: security bump to version 7.77.0 2021-06-09 23:17:35 +02:00