[OE-core] [PATCH 02/14] curl: upgrade 7.63.0 -> 7.64.0
Richard Purdie
richard.purdie at linuxfoundation.org
Thu Feb 21 12:41:18 UTC 2019
The license checksum changed as the copyright years changed.
Fixes:
- CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
- CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
- CVE-2019-3823: SMTP end-of-response out-of-bounds read
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
.../recipes-support/curl/{curl_7.63.0.bb => curl_7.64.0.bb} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
rename meta/recipes-support/curl/{curl_7.63.0.bb => curl_7.64.0.bb} (93%)
diff --git a/meta/recipes-support/curl/curl_7.63.0.bb b/meta/recipes-support/curl/curl_7.64.0.bb
similarity index 93%
rename from meta/recipes-support/curl/curl_7.63.0.bb
rename to meta/recipes-support/curl/curl_7.64.0.bb
index f7557a2f46d..a1b5e7d5797 100644
--- a/meta/recipes-support/curl/curl_7.63.0.bb
+++ b/meta/recipes-support/curl/curl_7.64.0.bb
@@ -3,14 +3,14 @@ HOMEPAGE = "http://curl.haxx.se/"
BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"
SECTION = "console/network"
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=ef889a37a5a874490ac7ce116396f29a"
+LIC_FILES_CHKSUM = "file://COPYING;md5=be5d9e1419c4363f4b32037a2d3b7ffa"
SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://0001-replace-krb5-config-with-pkg-config.patch \
"
-SRC_URI[md5sum] = "0a6c1e993bd5102bc52fc89900542644"
-SRC_URI[sha256sum] = "9bab7ed4ecff77020a312d84cc5fb7eb02d58419d218f267477a724a17fd8dd8"
+SRC_URI[md5sum] = "d0bcc586873cfef08b4b9594e5395a33"
+SRC_URI[sha256sum] = "d573ba1c2d1cf9d8533fadcce480d778417964e8d04ccddcc76e591d544cf2eb"
CVE_PRODUCT = "curl libcurl"
inherit autotools pkgconfig binconfig multilib_header
--
2.20.1
More information about the Openembedded-core
mailing list