diff options
author | Armin Kuster <akuster@mvista.com> | 2021-01-07 17:25:46 +0530 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2021-04-29 11:57:07 +0800 |
commit | 524870aad285debb67f6cd134b6465a06738906e (patch) | |
tree | 78aea95481205bb44120e21bb3f336aca3a70428 /meta/recipes-support/curl/curl_7.66.0.bb | |
parent | 9bfaa690e030362e31eacf45a9023991fe372c23 (diff) | |
download | openembedded-core-contrib-524870aad285debb67f6cd134b6465a06738906e.tar.gz |
curl: Security fixes for CVE-2020-{8169/8177}anujm/zeus
Source: https://curl.haxx.se/
MR: 104472, 104458
Type: Security Fix
Disposition: Backport from https://github.com/curl/curl/commit/{600a8cded447cd/8236aba58542c5f}
ChangeID: 1300924f7a64b22375b4326daeef0b686481e30c
Description:
- Affected versions: curl 7.20.0 to and including 7.70.0
- Not affected versions: curl < 7.20.0 and curl >= 7.71.0
Fixes both CVE-2020-8169 and CVE-2020-8177
(From OE-Core rev: f42702baee57ab3d1b7ab7833e72c7d56ad4ee94)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sana Kazi <sanak@kpit.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.66.0.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.66.0.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.66.0.bb b/meta/recipes-support/curl/curl_7.66.0.bb index a54e0536e9..506ae0eade 100644 --- a/meta/recipes-support/curl/curl_7.66.0.bb +++ b/meta/recipes-support/curl/curl_7.66.0.bb @@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=be5d9e1419c4363f4b32037a2d3b7ffa" SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://0001-replace-krb5-config-with-pkg-config.patch \ file://CVE-2019-15601.patch \ + file://CVE-2020-8169.patch \ + file://CVE-2020-8177.patch \ " SRC_URI[md5sum] = "c238aa394e3aa47ca4fcb0491774149f" |