1 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch b/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
new file mode 100644
index 0000000000..2258681cab
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
@@ -0,0 +1,35 @@
+From 7395752e2f7b87dc8c8f2a7137075e2da554aaea Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 26 Apr 2022 07:46:19 +0200
+Subject: [PATCH] gnutls: don't leak the SRP credentials in redirects
+Follow-up to 620ea21410030 and 139a54ed0a172a
+Reported-by: Harry Sintonen
+Closes #8752
+Upstream-Status: Backport [https://github.com/curl/curl/commit/093531556203decd92d92bccd431edbe5561781c]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/vtls/gtls.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index 8c05102..3d0758d 100644
+--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
+@@ -581,11 +581,11 @@ gtls_connect_step1(struct connectdata *conn,
+   }
+ 
+ #ifdef USE_TLS_SRP
+-  if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
+  if((SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) &&
+     Curl_allow_auth_to_host(data)) {
+     infof(data, "Using TLS-SRP username: %s\n", SSL_SET_OPTION(username));
+ 
+-    rc = gnutls_srp_allocate_client_credentials(
+-           &BACKEND->srp_client_cred);
+    rc = gnutls_srp_allocate_client_credentials(&BACKEND->srp_client_cred);
+     if(rc != GNUTLS_E_SUCCESS) {
+       failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
+             gnutls_strerror(rc));

diff --git a/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch b/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch new file mode 100644 index 0000000000..2258681cab --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
@@ -0,0 +1,35 @@
	1	From 7395752e2f7b87dc8c8f2a7137075e2da554aaea Mon Sep 17 00:00:00 2001
	2	From: Daniel Stenberg <daniel@haxx.se>
	3	Date: Tue, 26 Apr 2022 07:46:19 +0200
	4	Subject: [PATCH] gnutls: don't leak the SRP credentials in redirects
	5
	6	Follow-up to 620ea21410030 and 139a54ed0a172a
	7
	8	Reported-by: Harry Sintonen
	9	Closes #8752
	10
	11	Upstream-Status: Backport [https://github.com/curl/curl/commit/093531556203decd92d92bccd431edbe5561781c]
	12	Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
	13	---
	14	lib/vtls/gtls.c \| 6 +++---
	15	1 file changed, 3 insertions(+), 3 deletions(-)
	16
	17	diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
	18	index 8c05102..3d0758d 100644
	19	--- a/lib/vtls/gtls.c
	20	+++ b/lib/vtls/gtls.c
	21	@@ -581,11 +581,11 @@ gtls_connect_step1(struct connectdata *conn,
	22	}
	23
	24	#ifdef USE_TLS_SRP
	25	- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
	26	+ if((SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) &&
	27	+ Curl_allow_auth_to_host(data)) {
	28	infof(data, "Using TLS-SRP username: %s\n", SSL_SET_OPTION(username));
	29
	30	- rc = gnutls_srp_allocate_client_credentials(
	31	- &BACKEND->srp_client_cred);
	32	+ rc = gnutls_srp_allocate_client_credentials(&BACKEND->srp_client_cred);
	33	if(rc != GNUTLS_E_SUCCESS) {
	34	failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
	35	gnutls_strerror(rc));