[Buildroot] [PATCH] package/libcurl: security bump to version 7.64.0
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Wed Feb 6 19:33:00 UTC 2019
On Wed, 6 Feb 2019 17:54:35 +0100
Peter Korsgaard <peter at korsgaard.com> wrote:
> Fixes the following security issues:
>
> CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
> https://curl.haxx.se/docs/CVE-2018-16890.html
>
> CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
> https://curl.haxx.se/docs/CVE-2019-3822.html
>
> CVE-2019-3823: SMTP end-of-response out-of-bounds read
> https://curl.haxx.se/docs/CVE-2019-3823.html
>
> The copyright year changed in the COPYING file, so update the hash.
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
> package/libcurl/libcurl.hash | 6 +++---
> package/libcurl/libcurl.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list