[prev in list] [next in list] [prev in thread] [next in thread]
List: crux
Subject: ports/core (3.2): [notify] curl: updated to 7.51.0
From: crux () crux ! nu
Date: 2016-11-02 8:02:18
Message-ID: 20161102080218.46914E9919 () crux ! nu
[Download RAW message or body]
commit 53c6722a1e80512a1876b0629179ae54033cc8a9
Author: Fredrik Rinnestam <fredrik@crux.nu>
Date: Wed Nov 2 09:02:09 2016 +0100
[notify] curl: updated to 7.51.0
Resolves:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
https://curl.haxx.se/changes.html
diff --git a/curl/.footprint b/curl/.footprint
index 3c35548..5cb0c9c 100644
--- a/curl/.footprint
+++ b/curl/.footprint
@@ -176,6 +176,7 @@ drwxr-xr-x root/root usr/share/man/man3/
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz
+-rw-r--r-- root/root usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz
-rw-r--r-- root/root usr/share/man/man3/CURLOPT_LOCALPORT.3.gz
diff --git a/curl/.md5sum b/curl/.md5sum
index 55ec8da..a427d2d 100644
--- a/curl/.md5sum
+++ b/curl/.md5sum
@@ -1 +1 @@
-6080c1eb3e72d5da6c892ba72a074ad2 curl-7.50.3.tar.lzma
+0f876ef6d5776d96b08510461d57db1b curl-7.51.0.tar.lzma
diff --git a/curl/Pkgfile b/curl/Pkgfile
index 1c90291..6ca674a 100644
--- a/curl/Pkgfile
+++ b/curl/Pkgfile
@@ -4,7 +4,7 @@
# Depends on: openssl, zlib
name=curl
-version=7.50.3
+version=7.51.0
release=1
source=(http://curl.haxx.se/download/$name-$version.tar.lzma)
_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
https://lists.crux.nu/mailman/listinfo/crux
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic