]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 742eca9) | patch
curl: upgrade 8.12.1 -> 8.14.1
authorPeter Marko <peter.marko@siemens.com>
Sat, 7 Jun 2025 21:34:17 +0000 (23:34 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 9 Jun 2025 16:43:20 +0000 (17:43 +0100)
commitd990ee6c49e3fcf969e54688397d47f0d0892ba1
tree217ee082a706ed742f854be203e9fb621d622ff8tree | snapshot
parent742eca9cb56ab4ad10534181d28de1fdf3880b9fcommit | diff
curl: upgrade 8.12.1 -> 8.14.1

Handle CVE-2025-4947 and CVE-2025-5025.

CVE-2025-5399 fixed in 8.14.1 was introduced only in 8.13.0, so Yocto
never had version vulnerable to it.

Rebase patches.

Add openssl-native dependency fo ptest to fix following error:

    Missing or broken 'openssl' tool. openssl 1.0.2+ is required.
    Without it, this script cannot generate the necessary certificates
    the curl test suite needs for all its TLS related tests. at
    ../../../curl-8.14.0/tests/certs/genserv.pl line 33.

Install curlinfo for tests required since 8.14.0
https://github.com/curl/curl/commit/7a1211d474afd4e36bfb39f2b870a418bce42138

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/curl/curl/no-test-timeout.patch diff | blob | blame | history
meta/recipes-support/curl/curl_8.14.1.bb [moved from meta/recipes-support/curl/curl_8.12.1.bb with 95% similarity] diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib