]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c89fea4) | patch
curl: Upgrade 8.6.0 -> 8.7.1
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 8 Apr 2024 13:01:24 +0000 (14:01 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 8 Apr 2024 22:33:03 +0000 (23:33 +0100)
commit8e27b472d1bc872c6da2b22f57b30d36e231d745
treea3c9927c97d9b9e997b1e06a168fae4da051f912tree | snapshot
parentc89fea4ffb101e3d7079e126721b95fdf199b4aacommit | diff
curl: Upgrade 8.6.0 -> 8.7.1

This includes 4 security fixes:

CVE-2024-2466 - TLS certificate check bypass with mbedTLS
CVE-2024-2398 - HTTP/2 push headers memory-leak
CVE-2024-2379 - QUIC certificate check bypass with wolfSSL
CVE-2024-2004 - Usage of disabled protocol

Along with many other changes, mostly bugfixes: https://curl.se/changes.html

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/curl/curl/no-test-timeout.patch diff | blob | blame | history
meta/recipes-support/curl/curl_8.7.1.bb [moved from meta/recipes-support/curl/curl_8.6.0.bb with 98% similarity] diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib