summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/curl/curl_7.47.1.bb
Commit message (Collapse)AuthorAgeFilesLines
* curl: CVE-2016-8625Sona Sarmadi2017-02-101-0/+2
| | | | | | | | | | | IDNA 2003 makes curl use wrong host Affected versions: curl 7.12.0 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102K.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8624Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | invalid URL parsing with '#' Affected versions: curl 7.1 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102J.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8623Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | Use-after-free via shared cookies Affected versions: curl 7.10.7 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102I.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8622Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | URL unescape heap overflow via integer truncation Affected versions: curl 7.24.0 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102H.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8621Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | curl_getdate read out of bounds Affected versions: curl 7.12.2 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102G.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8620Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | glob parser write/read out of bounds Affected versions: curl 7.34.0 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102F.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8619Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | double-free in krb5 code Affected versions: curl 7.3 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102E.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8618Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | double-free in curl_maprintf Affected versions: curl 7.1 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102D.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8617Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | | OOB write via unchecked multiplication Affected versions: curl 7.1 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102C.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8616Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | | case insensitive password comparison Affected versions: curl 7.7 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102B.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: CVE-2016-8615Sona Sarmadi2017-02-101-0/+1
| | | | | | | | | | | | cookie injection for other servers Affected versions: curl 7.1 to and including 7.50.3 Reference: https://curl.haxx.se/docs/adv_20161102A.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* curl: security fix for CVE-2016-7141Sona Sarmadi2016-09-231-0/+1
| | | | | | | | | | | | | | | Affected versions: Affected versions: libcurl 7.19.6 to and including 7.50.1 Not affected versions: libcurl >= 7.50.2 Reference to upstream patch: https://curl.haxx.se/CVE-2016-7141.patch (From OE-Core rev: fb8f291d9ea2ebc011403f72cb91af372a795091) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: security fix for CVE-2016-5421Maxin B. John2016-09-021-0/+1
| | | | | | | | | Affected versions: libcurl 7.32.0 to and including 7.50.0 (From OE-Core rev: 2a9f4823483b6f5decc6d504858f06f66ab9e06c) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: security fix for CVE-2016-5420Maxin B. John2016-09-021-0/+1
| | | | | | | | | Affected versions: libcurl 7.1 to and including 7.50.0 (From OE-Core rev: cc567d8fb9eca630cd21d40ece99babcc5b7d045) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: security fix for CVE-2016-5419Maxin B. John2016-09-021-1/+3
| | | | | | | | | Affected versions: libcurl 7.1 to and including 7.50.0 (From OE-Core rev: 0b56a2f6174a44495f8a58dc0864c161ffd37b80) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove redundant ac_cv_sizeof_off_t assignmentsRoss Burton2016-04-121-4/+0
| | | | | | | | | | | | | | ac_cv_sizeof_off_t was previously in the site cache files, which was breaking large file support and required a workaround in each recipe that actually wanted to use large files. Now that the entry has been removed from the site cache, we can remove the workarounds. (From OE-Core rev: 1485d7cae88adb3575c6eaa47784fe50820d2740) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: re-enable proxy support by defaultAndre McCurdy2016-02-191-3/+3
| | | | | | | | | | | | Proxy support is a feature, so should not have been disabled in the previous commit (which disabled support for legacy protocols): http://git.openembedded.org/openembedded-core/commit/?id=b26634900d487a22eef41e9e077d35fb347d4c29 (From OE-Core rev: dfb0064fb16eba1446b8f3db13e0b8b3b4764481) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add PACKAGECONFIG options for less common / legacy protocolsAndre McCurdy2016-02-111-9/+23
| | | | | | | | | | | | | | | As a result of this commit, the following protocols will now be disabled by default: DICT GOPHER IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP Also add a PACKAGECONFIG option for libidn (previously disabled unconditionally). (From OE-Core rev: b26634900d487a22eef41e9e077d35fb347d4c29) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: drop obsolete pkgconfig_fix.patchAndre McCurdy2016-02-111-3/+1
| | | | | | | | | | | | This patch has been carried around in oe-core for a long time. It contains two unrelated changes and neither seem to be required any more. Drop the patch. (From OE-Core rev: 27837df35db57f50b8fa7f7c6b3f2e400205deb9) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update 7.47.0 -> 7.47.1Andre McCurdy2016-02-111-0/+60
Adjust LIC_FILES_CHKSUM beginline due to changes to the Copyright to acknowledge additional contributors. No change to the license text. (From OE-Core rev: 0ab2c3b105fe92efbc814a3985879996932878c6) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-04 11:47:06 +0000