curl: Upgrade 7.47.1 -> 7.53.1

Security vulnerabilities fixed between 7.47.1 and 7.53.1 versions:
=================================================================
TLS session resumption client cert bypass (again): CVE-2017-XXXX
--write-out out of buffer read: CVE-2017-7407
SSL_VERIFYSTATUS ignored: CVE-2017-2629
uninitialized random: CVE-2016-9594
printf floating point buffer overflow: CVE-2016-9586
Win CE schannel cert wildcard matches too much: CVE-2016-9952
Win CE schannel cert name out of buffer read: CVE-2016-9953
cookie injection for other servers: CVE-2016-8615
case insensitive password comparison: CVE-2016-8616
OOB write via unchecked multiplication: CVE-2016-8617
double-free in curl_maprintf: CVE-2016-8618
double-free in krb5 code: CVE-2016-8619
glob parser write/read out of bounds: CVE-2016-8620
curl_getdate read out of bounds: CVE-2016-8621
URL unescape heap overflow via integer truncation: CVE-2016-8622
Use-after-free via shared cookies: CVE-2016-8623
invalid URL parsing with '#': CVE-2016-8624
IDNA 2003 makes curl use wrong host: CVE-2016-8625
curl escape and unescape integer overflows: CVE-2016-7167
Incorrect reuse of client certificates: CVE-2016-7141
TLS session resumption client cert bypass: CVE-2016-5419
Re-using connections with wrong client cert: CVE-2016-5420
use of connection struct after free: CVE-2016-5421
Windows DLL hijacking: CVE-2016-4802
TLS certificate check bypass with mbedTLS/PolarSSL: CVE-2016-3739

Reference:
https://curl.haxx.se/docs/security.html
https://curl.haxx.se/changes.html

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>

1 files changed, 0 insertions, 52 deletions

diff --git a/meta/recipes-support/curl/curl/CVE-2016-8618.patch b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
deleted file mode 100644
index 2fd4749586..0000000000
--- a/meta/recipes-support/curl/curl/CVE-2016-8618.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 31106a073882656a2a5ab56c4ce2847e9a334c3c Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Wed, 28 Sep 2016 10:15:34 +0200
-Subject: [PATCH] aprintf: detect wrap-around when growing allocation
-
-On 32bit systems we could otherwise wrap around after 2GB and allocate 0
-bytes and crash.
-
-CVE: CVE-2016-8618
-Upstream-Status: Backport
-
-Bug: https://curl.haxx.se/docs/adv_20161102D.html
-Reported-by: Cure53
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- lib/mprintf.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/lib/mprintf.c b/lib/mprintf.c
-index dbedeaa..2c88aa8 100644
---- a/lib/mprintf.c
-+++ b/lib/mprintf.c
-@@ -1034,20 +1034,23 @@ static int alloc_addbyter(int output, FILE *data)
-     }
-     infop->alloc = 32;
-     infop->len =0;
-   }
-   else if(infop->len+1 >= infop->alloc) {
--    char *newptr;
-+    char *newptr = NULL;
-+    size_t newsize = infop->alloc*2;
- 
--    newptr = realloc(infop->buffer, infop->alloc*2);
-+    /* detect wrap-around or other overflow problems */
-+    if(newsize > infop->alloc)
-+      newptr = realloc(infop->buffer, newsize);
- 
-     if(!newptr) {
-       infop->fail = 1;
-       return -1; /* fail */
-     }
-     infop->buffer = newptr;
--    infop->alloc *= 2;
-+    infop->alloc = newsize;
-   }
- 
-   infop->buffer[ infop->len ] = outc;
- 
-   infop->len++;
--- 
-2.9.3
-