[oe-commits] [openembedded-core] 06/53: curl: upgrade 7.63.0 -> 7.64.0

git at git.openembedded.org git at git.openembedded.org
Sat Feb 23 07:46:27 UTC 2019 

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch master-next
in repository openembedded-core.

commit 397afb1f4d862e11c78a857d1a184856d5b7f024
Author: Richard Purdie <richard.purdie at linuxfoundation.org>
AuthorDate: Mon Feb 18 08:21:58 2019 -0800

    curl: upgrade 7.63.0 -> 7.64.0
    
    The license checksum changed as the copyright years changed.
    
    Fixes:
     - CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
     - CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
     - CVE-2019-3823: SMTP end-of-response out-of-bounds read
    
    Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
 meta/recipes-support/curl/{curl_7.63.0.bb => curl_7.64.0.bb} | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-support/curl/curl_7.63.0.bb b/meta/recipes-support/curl/curl_7.64.0.bb
similarity index 93%
rename from meta/recipes-support/curl/curl_7.63.0.bb
rename to meta/recipes-support/curl/curl_7.64.0.bb
index f7557a2..a1b5e7d 100644
--- a/meta/recipes-support/curl/curl_7.63.0.bb
+++ b/meta/recipes-support/curl/curl_7.64.0.bb
@@ -3,14 +3,14 @@ HOMEPAGE = "http://curl.haxx.se/"
 BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"
 SECTION = "console/network"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=ef889a37a5a874490ac7ce116396f29a"
+LIC_FILES_CHKSUM = "file://COPYING;md5=be5d9e1419c4363f4b32037a2d3b7ffa"
 
 SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://0001-replace-krb5-config-with-pkg-config.patch \
 "
 
-SRC_URI[md5sum] = "0a6c1e993bd5102bc52fc89900542644"
-SRC_URI[sha256sum] = "9bab7ed4ecff77020a312d84cc5fb7eb02d58419d218f267477a724a17fd8dd8"
+SRC_URI[md5sum] = "d0bcc586873cfef08b4b9594e5395a33"
+SRC_URI[sha256sum] = "d573ba1c2d1cf9d8533fadcce480d778417964e8d04ccddcc76e591d544cf2eb"
 
 CVE_PRODUCT = "curl libcurl"
 inherit autotools pkgconfig binconfig multilib_header

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list