ports/core (3.2): [notify] curl: updated to 7.51.0
commit 53c6722a1e80512a1876b0629179ae54033cc8a9 Author: Fredrik Rinnestam <fredrik@crux.nu> Date: Wed Nov 2 09:02:09 2016 +0100 [notify] curl: updated to 7.51.0 Resolves: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host https://curl.haxx.se/changes.html diff --git a/curl/.footprint b/curl/.footprint index 3c35548..5cb0c9c 100644 --- a/curl/.footprint +++ b/curl/.footprint @@ -176,6 +176,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_LOCALPORT.3.gz diff --git a/curl/.md5sum b/curl/.md5sum index 55ec8da..a427d2d 100644 --- a/curl/.md5sum +++ b/curl/.md5sum @@ -1 +1 @@ -6080c1eb3e72d5da6c892ba72a074ad2 curl-7.50.3.tar.lzma +0f876ef6d5776d96b08510461d57db1b curl-7.51.0.tar.lzma diff --git a/curl/Pkgfile b/curl/Pkgfile index 1c90291..6ca674a 100644 --- a/curl/Pkgfile +++ b/curl/Pkgfile @@ -4,7 +4,7 @@ # Depends on: openssl, zlib name=curl -version=7.50.3 +version=7.51.0 release=1 source=(http://curl.haxx.se/download/$name-$version.tar.lzma)
participants (1)
-
crux@crux.nu