diff options
| author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2014-11-05 11:31:32 -0300 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2014-11-06 09:09:20 +0100 |
| commit | c30e017a1a6c2d368c4742d55e9ed17f96d29c06 (patch) | |
| tree | 1fe3e8419b0bac1773afbb56ebe25a3f95b50faa /package/libcurl/libcurl-0001-fixtimeout.patch | |
| parent | 395c88051efb4b84f752be4eea1b34b13c80a1dc (diff) | |
| download | buildroot-c30e017a1a6c2d368c4742d55e9ed17f96d29c06.tar.gz buildroot-c30e017a1a6c2d368c4742d55e9ed17f96d29c06.zip | |
libcurl: security bump to version 7.39.0
Fixes:
CVE-2014-3707 - libcurl's function curl_easy_duphandle() has a bug that
can lead to libcurl eventually sending off sensitive data that was not
intended for sending.
Removed patch that was upstream and now in the release.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/libcurl/libcurl-0001-fixtimeout.patch')
| -rw-r--r-- | package/libcurl/libcurl-0001-fixtimeout.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/package/libcurl/libcurl-0001-fixtimeout.patch b/package/libcurl/libcurl-0001-fixtimeout.patch deleted file mode 100644 index f897ca4d58..0000000000 --- a/package/libcurl/libcurl-0001-fixtimeout.patch +++ /dev/null @@ -1,37 +0,0 @@ -This fixes a timeout problem with xbmc. - -Backported from upstream: -https://github.com/bagder/curl/commit/d9762a7cdb35e70f8cb0bf1c2f8019e8391616e1 - -Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> - - -From d9762a7cdb35e70f8cb0bf1c2f8019e8391616e1 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Tue, 23 Sep 2014 11:44:03 +0200 -Subject: [PATCH] threaded-resolver: revert Curl_expire_latest() switch - -The switch to using Curl_expire_latest() in commit cacdc27f52b was a -mistake and was against the advice even mentioned in that commit. The -comparison in asyn-thread.c:Curl_resolver_is_resolved() makes -Curl_expire() the suitable function to use. - -Bug: http://curl.haxx.se/bug/view.cgi?id=1426 -Reported-By: graysky ---- - lib/asyn-thread.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/asyn-thread.c b/lib/asyn-thread.c -index e4ad32b..6cdc9ad 100644 ---- a/lib/asyn-thread.c -+++ b/lib/asyn-thread.c -@@ -541,7 +541,7 @@ CURLcode Curl_resolver_is_resolved(struct connectdata *conn, - td->poll_interval = 250; - - td->interval_end = elapsed + td->poll_interval; -- Curl_expire_latest(conn->data, td->poll_interval); -+ Curl_expire(conn->data, td->poll_interval); - } - - return CURLE_OK; |
