<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-support/curl, branch uninative-1.5</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=uninative-1.5</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=uninative-1.5'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2017-03-01T23:27:08+00:00</updated>
<entry>
<title>curl: upgrade to 7.53.0</title>
<updated>2017-03-01T23:27:08+00:00</updated>
<author>
<name>Oleksandr Kravchuk</name>
<email>oleksandr.kravchuk@pelagicore.com</email>
</author>
<published>2017-02-23T12:33:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=093f673b2a0afe968101c431914b91940b8abf70'/>
<id>urn:sha1:093f673b2a0afe968101c431914b91940b8abf70</id>
<content type='text'>
(From OE-Core rev: 8889426d822fb403db1c2263e88ed7608202aafa)

Signed-off-by: Oleksandr Kravchuk &lt;oleksandr.kravchuk@pelagicore.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>recipes: Make use of the new bb.utils.filter() function</title>
<updated>2017-03-01T11:17:45+00:00</updated>
<author>
<name>Peter Kjellerstedt</name>
<email>peter.kjellerstedt@axis.com</email>
</author>
<published>2017-02-27T13:02:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=254bfb107134702d8d1e0bfbdd1b011212e8c291'/>
<id>urn:sha1:254bfb107134702d8d1e0bfbdd1b011212e8c291</id>
<content type='text'>
(From OE-Core rev: 0a1427bf9aeeda6bee2cc0af8da4ea5fd90aef6f)

Signed-off-by: Peter Kjellerstedt &lt;peter.kjellerstedt@axis.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: upgrade to 7.52.1</title>
<updated>2017-01-09T13:39:12+00:00</updated>
<author>
<name>Oleksandr Kravchuk</name>
<email>oleksandr.kravchuk@pelagicore.com</email>
</author>
<published>2017-01-04T08:19:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=bfdc6f565d8f828c8fa97897eec366f057021942'/>
<id>urn:sha1:bfdc6f565d8f828c8fa97897eec366f057021942</id>
<content type='text'>
(From OE-Core rev: d4218bb468ab9485a0a0cb12b07cb1d96dc6326b)

Signed-off-by: Oleksandr Kravchuk &lt;oleksandr.kravchuk@pelagicore.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: set CVE_PRODUCT</title>
<updated>2016-12-13T22:55:19+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@intel.com</email>
</author>
<published>2016-12-07T16:41:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=2b0fc91f408d83f11f18f5d193baaaa35ff298db'/>
<id>urn:sha1:2b0fc91f408d83f11f18f5d193baaaa35ff298db</id>
<content type='text'>
This is 'libcurl' in NVD.

(From OE-Core rev: f5381da49ac781ef017a1b9816c00b512ca9c7c2)

Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: Update to version 7.51.0</title>
<updated>2016-11-15T15:19:54+00:00</updated>
<author>
<name>Fabio Berton</name>
<email>fabio.berton@ossystems.com.br</email>
</author>
<published>2016-11-03T20:41:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=0bb2d92e1ca0765174050a214f465d7a04f0d1f1'/>
<id>urn:sha1:0bb2d92e1ca0765174050a214f465d7a04f0d1f1</id>
<content type='text'>
CVE fixed in 7.51.0:

  CVE-2016-8615: cookie injection for other servers
  CVE-2016-8616: case insensitive password comparison
  CVE-2016-8617: OOB write via unchecked multiplication
  CVE-2016-8618: double-free in curl_maprintf
  CVE-2016-8619: double-free in krb5 code
  CVE-2016-8620: glob parser write/read out of bounds
  CVE-2016-8621: curl_getdate read out of bounds
  CVE-2016-8622: URL unescape heap overflow via integer truncation
  CVE-2016-8623: Use-after-free via shared cookies
  CVE-2016-8624: invalid URL parsing with '#'
  CVE-2016-8625: IDNA 2003 makes curl use wrong host

To see complete log access link bellow:
  https://curl.haxx.se/changes.html#7_51_0

(From OE-Core rev: 0154ff997db8021f93e6ffe8f7a0627d7a1d9b89)

Signed-off-by: Fabio Berton &lt;fabio.berton@ossystems.com.br&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: upgrade to 7.50.1</title>
<updated>2016-08-17T09:35:42+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@intel.com</email>
</author>
<published>2016-08-12T10:26:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=c0ea62e505fce32227f11bc3cd62ca726b525b47'/>
<id>urn:sha1:c0ea62e505fce32227f11bc3cd62ca726b525b47</id>
<content type='text'>
This fixes 3 CVES:

CVE-2016-5419
CVE-2016-5420
CVE-2016-5421

(From OE-Core rev: 62157e2b31c206be40f95574bb205dae5e8e4b68)

Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: upgrade to 7.50.0</title>
<updated>2016-08-10T09:46:30+00:00</updated>
<author>
<name>Fan Xin</name>
<email>fan.xin@jp.fujitsu.com</email>
</author>
<published>2016-08-03T06:16:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=69735b95867ed6a1da71cb0fbec4ad9484d4b57c'/>
<id>urn:sha1:69735b95867ed6a1da71cb0fbec4ad9484d4b57c</id>
<content type='text'>
(From OE-Core rev: 638e648fdcba2f2a4fdf53747290a9a98ea0a86e)

Signed-off-by: Fan Xin &lt;fan.xin@jp.fujitsu.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: upgrade to 7.49.1</title>
<updated>2016-06-15T07:34:59+00:00</updated>
<author>
<name>Chen Qi</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2016-06-12T02:21:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=df25fcd664f659e2b7c5253ce91c80da005c362b'/>
<id>urn:sha1:df25fcd664f659e2b7c5253ce91c80da005c362b</id>
<content type='text'>
(From OE-Core rev: 53761f4f2d4b8463bf9f996a87ee0dc61e21a2d0)

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: add krb5 to PACKAGECONFIG</title>
<updated>2016-05-06T09:31:15+00:00</updated>
<author>
<name>Roy Li</name>
<email>rongqing.li@windriver.com</email>
</author>
<published>2016-04-26T05:13:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=0c26298c0c3917c164972fad0384304803c3e8bf'/>
<id>urn:sha1:0c26298c0c3917c164972fad0384304803c3e8bf</id>
<content type='text'>
krb5 is needed to enables GSS-Negotiate authentication

(From OE-Core rev: 78811b6e608452a3137df6ed2346c69d42d8fd27)

Signed-off-by: Roy Li &lt;rongqing.li@windriver.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>meta: remove redundant ac_cv_sizeof_off_t assignments</title>
<updated>2016-04-12T21:50:21+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@intel.com</email>
</author>
<published>2016-04-11T19:49:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=acc1f968a047f83442aac1ac876212b2512756d9'/>
<id>urn:sha1:acc1f968a047f83442aac1ac876212b2512756d9</id>
<content type='text'>
ac_cv_sizeof_off_t was previously in the site cache files, which was breaking
large file support and required a workaround in each recipe that actually wanted
to use large files.

Now that the entry has been removed from the site cache, we can remove the
workarounds.

(From OE-Core rev: 1485d7cae88adb3575c6eaa47784fe50820d2740)

Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
