rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Baruch Siach <baruch@tkos.co.il>
	Thu, 15 Mar 2018 18:06:19 +0000 (20:06 +0200)
committer	Peter Korsgaard <peter@korsgaard.com>
	Fri, 16 Mar 2018 09:34:28 +0000 (10:34 +0100)
commit	bf3476e5b1527ac91c0a12949be7da5253ea66c1
tree	5eb421b906635894916c0ee1aec46c4e686d8ef2	tree \| snapshot
parent	dbeb43e97626df988534b9cf62b5618b0b6ccfa1	commit \| diff

libcurl: security bump to version 7.59.0

CVE-2018-1000120: curl could be fooled into writing a zero byte out of
bounds when curl is told to work on an FTP URL with the setting to only
issue a single CWD command, if the directory part of the URL contains a
"%00" sequence.

https://curl.haxx.se/docs/adv_2018-9cd6.html

CVE-2018-1000121: curl might dereference a near-NULL address when
getting an LDAP URL.

https://curl.haxx.se/docs/adv_2018-97a2.html

CVE-2018-1000122: When asked to transfer an RTSP URL, curl could
calculate a wrong data length to copy from the read buffer.

https://curl.haxx.se/docs/adv_2018-b047.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libcurl/libcurl.hash		diff \| blob \| history
package/libcurl/libcurl.mk		diff \| blob \| history