summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/curl/curl_7.75.0.bb
AgeCommit message (Collapse)Author
2022-01-17curl: Backport CVE fixesRobert Joslyn
Backport fixes for CVE-2021-22922, CVE-2021-22923, CVE-2021-22945, CVE-2021-22946, and CVE-2021-22947. * https://curl.se/docs/CVE-2021-22922.html * https://curl.se/docs/CVE-2021-22923.html * https://curl.se/docs/CVE-2021-22945.html * https://curl.se/docs/CVE-2021-22946.html * https://curl.se/docs/CVE-2021-22947.html 22922 and 22923 were fixed by upstream by simply removing metalink support in newer versions. These are mitigated in older versions by disabling metalink support, which was already done by the recipe, so whitelist these CVEs. 22945, 22946, and 22947 are backported with only trivial patch fuzz modifications. Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-08-09curl: fix CVESMingli Yu
Backport patches to fix below CVEs: CVE-2021-22901 CVE-2021-22924 CVE-2021-22926 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-08-09curl: fix CVE-2021-22925Mingli Yu
CVE-2021-22925 Reported-by: Red Hat Product Security Bug: https://curl.se/docs/CVE-2021-22925.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-07-13curl: Fix CVE-2021-22897Khairul Rohaizzat Jamaluddin
CVE: CVE-2021-22897 Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-07-13curl: Fix CVE-2021-22898Khairul Rohaizzat Jamaluddin
CVE: CVE-2021-22898 Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-06-30curl: fix build when proxy is not enabled in PACKAGECONFIGAnuj Mittal
Backport upstream patches to fix issues introduced by a backported CVE patch. Fixes: | ../../curl-7.75.0/lib/vtls/vtls.c: In function ‘Curl_ssl_addsessionid’: | ../../curl-7.75.0/lib/vtls/vtls.c:508:14: error: ‘isProxy’ redeclared as different kind of symbol | 508 | const bool isProxy = FALSE; | | ^~~~~~~ | ../../curl-7.75.0/lib/vtls/vtls.c:488:37: note: previous definition of ‘isProxy’ with type ‘_Bool’ | 488 | bool isProxy, | | ^ Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2021-06-02curl: fix CVE-2021-22876Trevor Gamblin
Backport and modify the patch for CVE-2021-22876 from curl 7.76 to make it apply cleanly on 7.75. CVE: CVE-2021-22876 Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-02curl: fix CVE-2021-22890Trevor Gamblin
Backport and modify the patch for CVE-2021-22890 from curl 7.76 to make it apply cleanly on 7.75. CVE: CVE-2021-22890 Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-02recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine
Fixes: [YOCTO #13471] Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-02-19curl: upgrade 7.74.0 -> 7.75.0Anuj Mittal
License-Update: copyright years changed Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-03 21:25:28 +0000