projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 97a1f0d) | patch
package/libcurl: security bump to version 7.64.0
authorPeter Korsgaard <peter@korsgaard.com>
Wed, 6 Feb 2019 16:54:35 +0000 (17:54 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Wed, 6 Feb 2019 19:32:55 +0000 (20:32 +0100)
commite8a361b8d770683a7c9aa27c5921350df3d66422
tree8df442cdd9b5f3356d382b935c5eb02c273c5d3btree
parent97a1f0dd3f99442f33d48fe42e7ddbed1d75ee12commit | diff
package/libcurl: security bump to version 7.64.0

Fixes the following security issues:

CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
https://curl.haxx.se/docs/CVE-2018-16890.html

CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
https://curl.haxx.se/docs/CVE-2019-3822.html

CVE-2019-3823: SMTP end-of-response out-of-bounds read
https://curl.haxx.se/docs/CVE-2019-3823.html

The copyright year changed in the COPYING file, so update the hash.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/libcurl/libcurl.hash diff | blob | history
package/libcurl/libcurl.mk diff | blob | history