curl: Drop CVE patches

The CVEs have been fixed in upstream poky/rocko.

Signed-off-by: Martin Borg <martin.borg@enea.com>

5 files changed, 1 insertions, 712 deletions

diff --git a/recipes-support/curl/curl/CVE-2017-1000254.patch b/recipes-support/curl/curl/CVE-2017-1000254.patch
deleted file mode 100644
index d37b859..0000000
--- a/recipes-support/curl/curl/CVE-2017-1000254.patch
+++ /dev/null
@@ -1,139 +0,0 @@
-From f3be14cc3f3c56f612a0ffe1706fca14fe9eaf53 Mon Sep 17 00:00:00 2001
-From: Sona Sarmadi <sona.sarmadi@enea.com>
-Date: Mon, 4 Dec 2017 09:38:43 +0100
-Subject: [PATCH] curl: fix for CVE-2017-1000254
-
-FTP: zero terminate the entry path even on bad input
-
-... a single double quote could leave the entry path buffer without a zero
-terminating byte.
-
-CVE: CVE-2017-1000254
-Upstream-Status: Backport [https://curl.haxx.se/CVE-2017-1000254.patch]
-
-Test 1152 added to verify.
-
-Reported-by: Max Dymond
-Bug: https://curl.haxx.se/docs/adv_20171004.html
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- lib/ftp.c               |  7 ++++--
- tests/data/Makefile.inc |  1 +
- tests/data/test1152     | 61 +++++++++++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 67 insertions(+), 2 deletions(-)
- create mode 100644 tests/data/test1152
-
-diff --git a/lib/ftp.c b/lib/ftp.c
-index aa4d5ac..cab3699 100644
---- a/lib/ftp.c
-+++ b/lib/ftp.c
-@@ -2826,6 +2826,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
-         const size_t buf_size = CURL_BUFSIZE(data->set.buffer_size);
-         char *dir;
-         char *store;
-+        bool entry_extracted = FALSE;
- 
-         dir = malloc(nread + 1);
-         if(!dir)
-@@ -2857,7 +2858,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
-               }
-               else {
-                 /* end of path */
--                *store = '\0'; /* zero terminate */
-+                entry_extracted = TRUE;
-                 break; /* get out of this loop */
-               }
-             }
-@@ -2866,7 +2867,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
-             store++;
-             ptr++;
-           }
--
-+          *store = '\0'; /* zero terminate */
-+        }
-+        if(entry_extracted) {
-           /* If the path name does not look like an absolute path (i.e.: it
-              does not start with a '/'), we probably need some server-dependent
-              adjustments. For example, this is the case when connecting to
-diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
-index 8251ab9..01ad40d 100644
---- a/tests/data/Makefile.inc
-+++ b/tests/data/Makefile.inc
-@@ -121,6 +121,7 @@ test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 \
- test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \
- test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \
- test1144 test1145 test1146 \
-+test1152 \
- test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
- test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
- test1216 test1217 test1218 test1219 \
-diff --git a/tests/data/test1152 b/tests/data/test1152
-new file mode 100644
-index 0000000..c55739d
---- /dev/null
-+++ b/tests/data/test1152
-@@ -0,0 +1,61 @@
-+<testcase>
-+<info>
-+<keywords>
-+FTP
-+PASV
-+LIST
-+</keywords>
-+</info>
-+#
-+# Server-side
-+<reply>
-+<servercmd>
-+REPLY PWD 257 "just one
-+</servercmd>
-+
-+# When doing LIST, we get the default list output hard-coded in the test
-+# FTP server
-+<data mode="text">
-+total 20
-+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
-+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
-+drwxr-xr-x   2 98       98           512 May  2  1996 curl-releases
-+-r--r--r--   1 0        1             35 Jul 16  1996 README
-+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
-+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
-+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
-+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
-+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
-+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
-+</data>
-+</reply>
-+
-+#
-+# Client-side
-+<client>
-+<server>
-+ftp
-+</server>
-+ <name>
-+FTP with uneven quote in PWD response
-+ </name>
-+ <command>
-+ftp://%HOSTIP:%FTPPORT/test-1152/
-+</command>
-+</client>
-+
-+#
-+# Verify data after the test has been "shot"
-+<verify>
-+<protocol>
-+USER anonymous
-+PASS ftp@example.com
-+PWD
-+CWD test-1152
-+EPSV
-+TYPE A
-+LIST
-+QUIT
-+</protocol>
-+</verify>
-+</testcase>
--- 
-1.9.1
-
diff --git a/recipes-support/curl/curl/CVE-2017-7407.patch b/recipes-support/curl/curl/CVE-2017-7407.patch
deleted file mode 100644
index 6dbe71c..0000000
--- a/recipes-support/curl/curl/CVE-2017-7407.patch
+++ /dev/null
@@ -1,200 +0,0 @@
-From 6019f1795b4e3b72507b84b0e02dc8c32024f562 Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Sat, 11 Mar 2017 10:59:34 +0100
-Subject: [PATCH] CVE-2017-7407: fixed
-
-Bug: https://curl.haxx.se/docs/adv_20170403.html
-
-CVE: CVE-2017-7407
-Upstream-Status: Backport [https://curl.haxx.se/CVE-2017-7407.patch]
-
-Reported-by: Brian Carpenter
----
- src/tool_writeout.c     |  6 +++---
- tests/data/Makefile.inc |  2 +-
- tests/data/test1440     | 31 +++++++++++++++++++++++++++++++
- tests/data/test1441     | 31 +++++++++++++++++++++++++++++++
- tests/data/test1442     | 35 +++++++++++++++++++++++++++++++++++
- 5 files changed, 101 insertions(+), 4 deletions(-)
- create mode 100644 tests/data/test1440
- create mode 100644 tests/data/test1441
- create mode 100644 tests/data/test1442
-
-diff --git a/src/tool_writeout.c b/src/tool_writeout.c
-index 2fb77742a..5d92bd278 100644
---- a/src/tool_writeout.c
-+++ b/src/tool_writeout.c
-@@ -3,11 +3,11 @@
-  *  Project                     ___| | | |  _ \| |
-  *                             / __| | | | |_) | |
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
-+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
-  * are also available at https://curl.haxx.se/docs/copyright.html.
-  *
-@@ -111,11 +111,11 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const char *writeinfo)
-   char *stringp = NULL;
-   long longinfo;
-   double doubleinfo;
- 
-   while(ptr && *ptr) {
--    if('%' == *ptr) {
-+    if('%' == *ptr && ptr[1]) {
-       if('%' == ptr[1]) {
-         /* an escaped %-letter */
-         fputc('%', stream);
-         ptr += 2;
-       }
-@@ -339,11 +339,11 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const char *writeinfo)
-           fputc(ptr[1], stream);
-           ptr += 2;
-         }
-       }
-     }
--    else if('\\' == *ptr) {
-+    else if('\\' == *ptr && ptr[1]) {
-       switch(ptr[1]) {
-       case 'r':
-         fputc('\r', stream);
-         break;
-       case 'n':
-diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
-index 8251ab9a4..267ff6aef 100644
---- a/tests/data/Makefile.inc
-+++ b/tests/data/Makefile.inc
-@@ -149,11 +149,11 @@ test1396 test1397 test1398 \
- test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
- test1408 test1409 test1410 test1411 test1412 test1413 test1414 test1415 \
- test1416 test1417 test1418 test1419 test1420 test1421 test1422 test1423 \
- test1424 \
- test1428 test1429 test1430 test1431 test1432 test1433 test1434 test1435 \
--test1436 test1437 test1438 test1439 \
-+test1436 test1437 test1438 test1439 test1440 test1441 test1442 \
- \
- test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
- test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
- test1516 test1517 \
- \
-diff --git a/tests/data/test1440 b/tests/data/test1440
-new file mode 100644
-index 000000000..7ed0c4d5f
---- /dev/null
-+++ b/tests/data/test1440
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %{
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%{'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%{
-+</stdout>
-+</verify>
-+</testcase>
-diff --git a/tests/data/test1441 b/tests/data/test1441
-new file mode 100644
-index 000000000..6e253a690
---- /dev/null
-+++ b/tests/data/test1441
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%
-+</stdout>
-+</verify>
-+</testcase>
-diff --git a/tests/data/test1442 b/tests/data/test1442
-new file mode 100644
-index 000000000..255a4c9ff
---- /dev/null
-+++ b/tests/data/test1442
-@@ -0,0 +1,35 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+FILE
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing \
-+</name>
-+<command>
-+file://localhost/%PWD/log/non-existent-file.txt --write-out '\'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<errorcode>
-+37
-+</errorcode>
-+<stdout nonewline="yes">
-+\
-+</stdout>
-+</verify>
-+</testcase>
--- 
-2.11.0
-
diff --git a/recipes-support/curl/curl/CVE-2017-7468.patch b/recipes-support/curl/curl/CVE-2017-7468.patch
deleted file mode 100644
index 184ed51..0000000
--- a/recipes-support/curl/curl/CVE-2017-7468.patch
+++ /dev/null
@@ -1,299 +0,0 @@
-From 33cfcfd9f0378625d3bddbd2c8ac5aad4b646f26 Mon Sep 17 00:00:00 2001
-From: Jay Satiro <raysatiro@yahoo.com>
-Date: Wed, 22 Mar 2017 01:59:49 -0400
-Subject: [PATCH] TLS: Fix switching off SSL session id when client cert is
- used
-
-Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
-will each have their own sessionid flag.
-
-Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
-this issue had been fixed in 247d890, CVE-2016-5419.
-
-Bug: https://github.com/curl/curl/issues/1341
-Reported-by: lijian996@users.noreply.github.com
-
-CVE: CVE-2017-7468
-Upstream-Status: Backport [backport from curl-7_54_1]
-
-The new incarnation of this bug is called CVE-2017-7468 and is documented
-here: https://curl.haxx.se/docs/adv_20170419.html
-
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- lib/url.c            | 5 +++--
- lib/urldata.h        | 2 +-
- lib/vtls/axtls.c     | 4 ++--
- lib/vtls/cyassl.c    | 4 ++--
- lib/vtls/darwinssl.c | 2 +-
- lib/vtls/gtls.c      | 4 ++--
- lib/vtls/mbedtls.c   | 4 ++--
- lib/vtls/nss.c       | 2 +-
- lib/vtls/openssl.c   | 4 ++--
- lib/vtls/polarssl.c  | 4 ++--
- lib/vtls/schannel.c  | 4 ++--
- lib/vtls/vtls.c      | 9 ++++++---
- 12 files changed, 26 insertions(+), 22 deletions(-)
-
-diff --git a/lib/url.c b/lib/url.c
-index 4609f4f..caa28f5 100644
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -546,7 +546,7 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
- #endif
-   set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
-                                                       type */
--  set->general_ssl.sessionid = TRUE; /* session ID caching enabled by
-+  set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
-                                         default */
-   set->proxy_ssl = set->ssl;
- 
-@@ -2499,8 +2499,9 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
-     break;
- 
-   case CURLOPT_SSL_SESSIONID_CACHE:
--    data->set.general_ssl.sessionid = (0 != va_arg(param, long)) ?
-+    data->set.ssl.primary.sessionid = (0 != va_arg(param, long)) ?
-                                       TRUE : FALSE;
-+    data->set.proxy_ssl.primary.sessionid = data->set.ssl.primary.sessionid;
-     break;
- 
- #ifdef USE_LIBSSH2
-diff --git a/lib/urldata.h b/lib/urldata.h
-index bd7d25d..3c94553 100644
---- a/lib/urldata.h
-+++ b/lib/urldata.h
-@@ -360,6 +360,7 @@ struct ssl_primary_config {
-   char *random_file;     /* path to file containing "random" data */
-   char *egdsocket;       /* path to file containing the EGD daemon socket */
-   char *cipher_list;     /* list of ciphers to use */
-+  bool sessionid;        /* cache session IDs or not */
- };
- 
- struct ssl_config_data {
-@@ -389,7 +390,6 @@ struct ssl_config_data {
- };
- 
- struct ssl_general_config {
--  bool sessionid; /* cache session IDs or not */
-   size_t max_ssl_sessions; /* SSL session id cache size */
- };
- 
-diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
-index af01fe3..f0e3766 100644
---- a/lib/vtls/axtls.c
-+++ b/lib/vtls/axtls.c
-@@ -262,7 +262,7 @@ static CURLcode connect_prep(struct connectdata *conn, int sockindex)
-    * 2) setting up callbacks.  these seem gnutls specific
-    */
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     const uint8_t *ssl_sessionid;
-     size_t ssl_idsize;
- 
-@@ -392,7 +392,7 @@ static CURLcode connect_finish(struct connectdata *conn, int sockindex)
-   conn->send[sockindex] = axtls_send;
- 
-   /* Put our freshly minted SSL session in cache */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     const uint8_t *ssl_sessionid = ssl_get_session_id(ssl);
-     size_t ssl_idsize = ssl_get_session_id_size(ssl);
-     Curl_ssl_sessionid_lock(conn);
-diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
-index 2dfd79d..5f51ad5 100644
---- a/lib/vtls/cyassl.c
-+++ b/lib/vtls/cyassl.c
-@@ -398,7 +398,7 @@ cyassl_connect_step1(struct connectdata *conn,
- #endif /* HAVE_ALPN */
- 
-   /* Check if there's a cached ID we can/should use here! */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     void *ssl_sessionid = NULL;
- 
-     Curl_ssl_sessionid_lock(conn);
-@@ -618,7 +618,7 @@ cyassl_connect_step3(struct connectdata *conn,
- 
-   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     bool incache;
-     SSL_SESSION *our_ssl_sessionid;
-     void *old_ssl_sessionid = NULL;
-diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
-index f8697cc..5533dfe 100644
---- a/lib/vtls/darwinssl.c
-+++ b/lib/vtls/darwinssl.c
-@@ -1644,7 +1644,7 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
- #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
- 
-   /* Check if there's a cached ID we can/should use here! */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     char *ssl_sessionid;
-     size_t ssl_sessionid_len;
- 
-diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
-index 51a5aa8..0230778 100644
---- a/lib/vtls/gtls.c
-+++ b/lib/vtls/gtls.c
-@@ -873,7 +873,7 @@ gtls_connect_step1(struct connectdata *conn,
- 
-   /* This might be a reconnect, so we check for a session ID in the cache
-      to speed up things */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     void *ssl_sessionid;
-     size_t ssl_idsize;
- 
-@@ -1404,7 +1404,7 @@ gtls_connect_step3(struct connectdata *conn,
-   conn->recv[sockindex] = gtls_recv;
-   conn->send[sockindex] = gtls_send;
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     /* we always unconditionally get the session id here, as even if we
-        already got it from the cache and asked to use it in the connection, it
-        might've been rejected and then a new one is in use now and we need to
-diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
-index edf30db..3ffa957 100644
---- a/lib/vtls/mbedtls.c
-+++ b/lib/vtls/mbedtls.c
-@@ -430,7 +430,7 @@ mbed_connect_step1(struct connectdata *conn,
- #endif
- 
-   /* Check if there's a cached ID we can/should use here! */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     void *old_session = NULL;
- 
-     Curl_ssl_sessionid_lock(conn);
-@@ -684,7 +684,7 @@ mbed_connect_step3(struct connectdata *conn,
- 
-   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     int ret;
-     mbedtls_ssl_session *our_ssl_sessionid;
-     void *old_ssl_sessionid = NULL;
-diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
-index 1d7047a..4898511 100644
---- a/lib/vtls/nss.c
-+++ b/lib/vtls/nss.c
-@@ -1720,7 +1720,7 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
-     goto error;
- 
-   /* do not use SSL cache if disabled or we are not going to verify peer */
--  ssl_no_cache = (data->set.general_ssl.sessionid
-+  ssl_no_cache = (SSL_SET_OPTION(primary.sessionid)
-                   && SSL_CONN_CONFIG(verifypeer)) ? PR_FALSE : PR_TRUE;
-   if(SSL_OptionSet(model, SSL_NO_CACHE, ssl_no_cache) != SECSuccess)
-     goto error;
-diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
-index ee07615..58a014a 100644
---- a/lib/vtls/openssl.c
-+++ b/lib/vtls/openssl.c
-@@ -2235,7 +2235,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
- #endif
- 
-   /* Check if there's a cached ID we can/should use here! */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     void *ssl_sessionid = NULL;
- 
-     Curl_ssl_sessionid_lock(conn);
-@@ -2965,7 +2965,7 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
- 
-   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     bool incache;
-     SSL_SESSION *our_ssl_sessionid;
-     void *old_ssl_sessionid = NULL;
-diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
-index e6ad525..669091c 100644
---- a/lib/vtls/polarssl.c
-+++ b/lib/vtls/polarssl.c
-@@ -375,7 +375,7 @@ polarssl_connect_step1(struct connectdata *conn,
-   ssl_set_ciphersuites(&connssl->ssl, ssl_list_ciphersuites());
- 
-   /* Check if there's a cached ID we can/should use here! */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     void *old_session = NULL;
- 
-     Curl_ssl_sessionid_lock(conn);
-@@ -603,7 +603,7 @@ polarssl_connect_step3(struct connectdata *conn,
- 
-   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- 
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     int ret;
-     ssl_session *our_ssl_sessionid;
-     void *old_ssl_sessionid = NULL;
-diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
-index e0fb2d5..c9b5132 100644
---- a/lib/vtls/schannel.c
-+++ b/lib/vtls/schannel.c
-@@ -188,7 +188,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
-   connssl->cred = NULL;
- 
-   /* check for an existing re-usable credential handle */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     Curl_ssl_sessionid_lock(conn);
-     if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL, sockindex)) {
-       connssl->cred = old_cred;
-@@ -757,7 +757,7 @@ schannel_connect_step3(struct connectdata *conn, int sockindex)
- #endif
- 
-   /* save the current session data for possible re-use */
--  if(data->set.general_ssl.sessionid) {
-+  if(SSL_SET_OPTION(primary.sessionid)) {
-     bool incache;
-     struct curl_schannel_cred *old_cred = NULL;
- 
-diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
-index c6935b5..d5d0971 100644
---- a/lib/vtls/vtls.c
-+++ b/lib/vtls/vtls.c
-@@ -122,6 +122,9 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
-   CLONE_STRING(egdsocket);
-   CLONE_STRING(random_file);
-   CLONE_STRING(clientcert);
-+
-+  /* Disable dest sessionid cache if a client cert is used, CVE-2016-5419. */
-+  dest->sessionid = (dest->clientcert ? false : source->sessionid);
-   return TRUE;
- }
- 
-@@ -308,9 +311,9 @@ bool Curl_ssl_getsessionid(struct connectdata *conn,
-   int port = isProxy ? (int)conn->port : conn->remote_port;
-   *ssl_sessionid = NULL;
- 
--  DEBUGASSERT(data->set.general_ssl.sessionid);
-+  DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
- 
--  if(!data->set.general_ssl.sessionid)
-+  if(!SSL_SET_OPTION(primary.sessionid))
-     /* session ID re-use is disabled */
-     return TRUE;
- 
-@@ -412,7 +415,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
-     &conn->proxy_ssl_config :
-     &conn->ssl_config;
- 
--  DEBUGASSERT(data->set.general_ssl.sessionid);
-+  DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
- 
-   clone_host = strdup(isProxy ? conn->http_proxy.host.name : conn->host.name);
-   if(!clone_host)
--- 
-1.9.1
-
diff --git a/recipes-support/curl/curl/CVE-2017-9502.patch b/recipes-support/curl/curl/CVE-2017-9502.patch
deleted file mode 100644
index c205568..0000000
--- a/recipes-support/curl/curl/CVE-2017-9502.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 5d7952f52e410e1d4a8ff1965e5cc6fc1bde86aa Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Wed, 7 Jun 2017 00:21:04 +0200
-Subject: [PATCH] url: fix buffer overwrite with file protocol (CVE-2017-9502)
-
-Bug: https://github.com/curl/curl/issues/1540
-Advisory: https://curl.haxx.se/docs/adv_20170614.html
-
-CVE: CVE-2017-9502
-Upstream-Status: Backport [backport from curl-7_54_1]
-
-Assisted-by: Ray Satiro
-Reported-by: Marcel Raad
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- lib/url.c | 27 ++++++++++++++++++++++-----
- 1 file changed, 22 insertions(+), 5 deletions(-)
-
-diff --git a/lib/url.c b/lib/url.c
-index 84822d9..87446db 100644
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -4466,6 +4466,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
- #endif
- 
-     protop = "file"; /* protocol string */
-+    *prot_missing = !url_has_scheme;
-   }
-   else {
-     /* clear path */
-@@ -4629,14 +4630,30 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
- 
-     size_t plen = strlen(path); /* new path, should be 1 byte longer than
-                                    the original */
--    size_t urllen = strlen(data->change.url); /* original URL length */
--
-     size_t prefixlen = strlen(conn->host.name);
- 
--    if(!*prot_missing)
--      prefixlen += strlen(protop) + strlen("://");
-+    if(!*prot_missing) {
-+      size_t protolen = strlen(protop);
-+
-+      if(curl_strnequal(protop, data->change.url, protolen))
-+        prefixlen += protolen;
-+      else {
-+        failf(data, "<url> malformed");
-+        return CURLE_URL_MALFORMAT;
-+      }
-+
-+      if(curl_strnequal("://", &data->change.url[protolen], 3))
-+        prefixlen += 3;
-+      /* only file: is allowed to omit one or both slashes */
-+      else if(curl_strnequal("file:", data->change.url, 5))
-+        prefixlen += 1 + (data->change.url[5] == '/');
-+      else {
-+        failf(data, "<url> malformed");
-+        return CURLE_URL_MALFORMAT;
-+      }
-+    }
- 
--    reurl = malloc(urllen + 2); /* 2 for zerobyte + slash */
-+    reurl = malloc(prefixlen + plen + 1);
-     if(!reurl)
-       return CURLE_OUT_OF_MEMORY;
- 
--- 
-1.9.1
-
diff --git a/recipes-support/curl/curl_%.bbappend b/recipes-support/curl/curl_%.bbappend
index 5e642bb..2da58d4 100644
--- a/recipes-support/curl/curl_%.bbappend
+++ b/recipes-support/curl/curl_%.bbappend
@@ -1,11 +1,7 @@
 # look for files in the layer first
 FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
 
-SRC_URI += "file://CVE-2017-7407.patch \
-            file://CVE-2017-7468.patch \
-            file://CVE-2017-9502.patch \
-            file://CVE-2017-1000254.patch \
-            file://CVE-2017-1000257.patch \
+SRC_URI += "file://CVE-2017-1000257.patch \
             file://CVE-2017-8816.patch \
             file://CVE-2017-8817.patch \
            "