git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Yogita Urade <yogita.urade@windriver.com>
	Wed, 24 Sep 2025 08:26:56 +0000 (13:56 +0530)
committer	Steve Sakoman <steve@sakoman.com>
	Wed, 24 Sep 2025 14:08:08 +0000 (07:08 -0700)
commit	83420a408551688ebb298b88b16d2e384e9b7bfd
tree	850d9887c9a71502fcfc2495ec1afd1bfdfee854	tree
parent	95ab3c3e3745e7e0ca74760683e42ae7531b4199	commit \| diff

curl: fix CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern
for each new outgoing frame as the specification says. Instead
it used a fixed mask that persisted and was used throughout
the entire connection.

A predictable mask pattern allows for a malicious server to induce
traffic between the two communicating parties that could be
interpreted by an involved proxy (configured or transparent) as
genuine, real, HTTP traffic with content and thereby poison its
cache. That cached poisoned content could then be served to all
users of that proxy.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-10148

Upstream patch:
https://github.com/curl/curl/commit/84db7a9eae8468c0445b15aa806fa

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-support/curl/curl/CVE-2025-10148.patch	[new file with mode: 0644]	blob
meta/recipes-support/curl/curl_8.12.1.bb		diff \| blob \| blame \| history