ports/core (3.5): [notify] curl: updated to 7.60.0. Fix for CVE-2018-1000300, CVE-2018-1000301

crux at crux.nu crux at crux.nu
Tue Oct 23 15:54:30 UTC 2018


commit 83b5b412c80729d5b4d35ac6f0e7f45d134e314f
Author: Fredrik Rinnestam <fredrik at crux.nu>
Date:   Thu May 17 00:57:29 2018 +0200

    [notify] curl: updated to 7.60.0. Fix for CVE-2018-1000300, CVE-2018-1000301

diff --git a/curl/.footprint b/curl/.footprint
index 17bec230..6e9a1ba5 100644
--- a/curl/.footprint
+++ b/curl/.footprint
@@ -139,6 +139,7 @@ drwxr-xr-x	root/root	usr/share/man/man3/
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz
+-rw-r--r--	root/root	usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz
@@ -164,6 +165,7 @@ drwxr-xr-x	root/root	usr/share/man/man3/
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz
+-rw-r--r--	root/root	usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_HEADER.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_HEADERDATA.3.gz
 -rw-r--r--	root/root	usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz
diff --git a/curl/.md5sum b/curl/.md5sum
index dff1f0b0..653ed3b3 100644
--- a/curl/.md5sum
+++ b/curl/.md5sum
@@ -1 +1 @@
-04c00832fa62d443b8745b056464fb30  curl-7.59.0.tar.xz
+a889cd11b4ae8794b7030472cb4df0a0  curl-7.60.0.tar.xz
diff --git a/curl/.signature b/curl/.signature
index 65ec88b5..5475cd50 100644
--- a/curl/.signature
+++ b/curl/.signature
@@ -1,5 +1,5 @@
 untrusted comment: verify with /etc/ports/core.pub
-RWRJc1FUaeVeqk1W4buE/ntVrifeLbeZ/H6qAUb1ghtF+n71lqA8Oy7DrR1xrCM9GQRcxVxW1G+0db8KTJzgD06p1mmR4x1DWAM=
-SHA256 (Pkgfile) = 3591496e8b682530b56315714ee3c7cae3dfc6dcf3fc72694dbabc8e489a42d2
-SHA256 (.footprint) = 7ba79448c1a11140b642471755499f211f14ee65d40a4f53a2e8e99824a1637a
-SHA256 (curl-7.59.0.tar.xz) = e44eaabdf916407585bf5c7939ff1161e6242b6b015d3f2f5b758b2a330461fc
+RWRJc1FUaeVeqv/TlEJXXUnyrZyRHlmlwhHDBNaRlvi13i0lnHeyyJkFquLRRi6nMqXWgIxew7ArJEKyh3QNdUZCHghw97oq+Q8=
+SHA256 (Pkgfile) = dc59b1a6405353512b2be82cd6db799158c5a17addb8b7d8d01bfb3594c06295
+SHA256 (.footprint) = ad702c8c3a24f4a67430def445bb3bac323c2f6118a1ba1208c3e9e10f0fce6b
+SHA256 (curl-7.60.0.tar.xz) = 8736ff8ded89ddf7e926eec7b16f82597d029fc1469f3a551f1fafaac164e6a0
diff --git a/curl/Pkgfile b/curl/Pkgfile
index b75c7dc2..0f5c4e7d 100644
--- a/curl/Pkgfile
+++ b/curl/Pkgfile
@@ -4,7 +4,7 @@
 # Depends on:  openssl, zlib
 
 name=curl
-version=7.59.0
+version=7.60.0
 release=1
 source=(http://curl.haxx.se/download/$name-$version.tar.xz)
 


More information about the CRUX mailing list