libcurl: security bump to version 7.55.0

Fixes: glob: do not parse after a strtoul() overflow range (CVE-2017-1000101) tftp: reject file name lengths that don't fit (CVE-2017-1000100) file: output the correct buffer to the user (CVE-2017-1000099) Switch to .tar.xz to save bandwidth. Add reference to tarball signature. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
author: Baruch Siach <baruch@tkos.co.il> 2017-08-10 20:35:45 +0300
committer: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2017-08-11 12:42:34 +0200
commit: d88c79090add53947dc3290fb61d51f2b630301c (patch)
tree: efc572c7018b1390d32659212cd68e9f9b106853 /package/libcurl/libcurl.hash
parent: ff4cccbdcf5417a5a8c251ff302791a306023cc1 (diff)
download: buildroot-d88c79090add53947dc3290fb61d51f2b630301c.tar.gz
buildroot-d88c79090add53947dc3290fb61d51f2b630301c.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/package/libcurl/libcurl.hash b/package/libcurl/libcurl.hash
index 1b8d80fc96..6d49b67428 100644
--- a/package/libcurl/libcurl.hash
+++ b/package/libcurl/libcurl.hash
@@ -1,2 +1,3 @@
 # Locally calculated after checking pgp signature
-sha256 fdfc4df2d001ee0c44ec071186e770046249263c491fcae48df0e1a3ca8f25a0  curl-7.54.1.tar.bz2
+# https://curl.haxx.se/download/curl-7.55.0.tar.xz.asc
+sha256 cdd58522f8607fd4e871df79d73acb3155075e2134641e5adab12a0962df059d  curl-7.55.0.tar.xz
author	Baruch Siach <baruch@tkos.co.il>	2017-08-10 20:35:45 +0300
committer	Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>	2017-08-11 12:42:34 +0200
commit	d88c79090add53947dc3290fb61d51f2b630301c (patch)
tree	efc572c7018b1390d32659212cd68e9f9b106853 /package/libcurl/libcurl.hash
parent	ff4cccbdcf5417a5a8c251ff302791a306023cc1 (diff)
download	buildroot-d88c79090add53947dc3290fb61d51f2b630301c.tar.gz buildroot-d88c79090add53947dc3290fb61d51f2b630301c.zip