diff options
Diffstat (limited to 'meta/recipes-support/curl/curl_7.75.0.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.75.0.bb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.75.0.bb b/meta/recipes-support/curl/curl_7.75.0.bb index d64e5e1f79..accede604c 100644 --- a/meta/recipes-support/curl/curl_7.75.0.bb +++ b/meta/recipes-support/curl/curl_7.75.0.bb | |||
@@ -21,6 +21,9 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | |||
21 | file://CVE-2021-22901.patch \ | 21 | file://CVE-2021-22901.patch \ |
22 | file://CVE-2021-22924.patch \ | 22 | file://CVE-2021-22924.patch \ |
23 | file://CVE-2021-22926.patch \ | 23 | file://CVE-2021-22926.patch \ |
24 | file://CVE-2021-22945.patch \ | ||
25 | file://CVE-2021-22946.patch \ | ||
26 | file://CVE-2021-22947.patch \ | ||
24 | " | 27 | " |
25 | 28 | ||
26 | SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026" | 29 | SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026" |
@@ -28,6 +31,10 @@ SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb3 | |||
28 | # Curl has used many names over the years... | 31 | # Curl has used many names over the years... |
29 | CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" | 32 | CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" |
30 | 33 | ||
34 | # These only apply when using --with-libmetalink, but --without-libmetalink is | ||
35 | # set below. | ||
36 | CVE_CHECK_WHITELIST += "CVE-2021-22922 CVE-2021-22923" | ||
37 | |||
31 | inherit autotools pkgconfig binconfig multilib_header | 38 | inherit autotools pkgconfig binconfig multilib_header |
32 | 39 | ||
33 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib" | 40 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib" |
@@ -65,6 +72,7 @@ PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threade | |||
65 | PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" | 72 | PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" |
66 | PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" | 73 | PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" |
67 | 74 | ||
75 | # Keep --without-libmetalink to mitigate CVE-2021-22922 and CVE-2021-22923 | ||
68 | EXTRA_OECONF = " \ | 76 | EXTRA_OECONF = " \ |
69 | --disable-libcurl-option \ | 77 | --disable-libcurl-option \ |
70 | --disable-ntlm-wb \ | 78 | --disable-ntlm-wb \ |