[Buildroot] [PATCH] package/libcurl: security bump to version 7.64.0

Thomas Petazzoni thomas.petazzoni at bootlin.com
Wed Feb 6 19:33:00 UTC 2019


On Wed,  6 Feb 2019 17:54:35 +0100
Peter Korsgaard <peter at korsgaard.com> wrote:

> Fixes the following security issues:
> 
> CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
> https://curl.haxx.se/docs/CVE-2018-16890.html
> 
> CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
> https://curl.haxx.se/docs/CVE-2019-3822.html
> 
> CVE-2019-3823: SMTP end-of-response out-of-bounds read
> https://curl.haxx.se/docs/CVE-2019-3823.html
> 
> The copyright year changed in the COPYING file, so update the hash.
> 
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
>  package/libcurl/libcurl.hash | 6 +++---
>  package/libcurl/libcurl.mk   | 2 +-
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list