libcurl: security bump to version 7.60.0 - buildroot

diff options

author	Baruch Siach <baruch@tkos.co.il>	2018-05-18 06:00:36 +0300
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-05-19 13:47:21 +0200
commit	051e2f2d0b3a74ede4cc1865513ebe4c59e7d2ed (patch)
tree	f0eaee6b8778d1cdac0f882f2459765374ff0131 /package/mbedtls/mbedtls.hash
parent	45cf64ca0c0070151e4321e218e20cae5d730797 (diff)
download	buildroot-051e2f2d0b3a74ede4cc1865513ebe4c59e7d2ed.tar.gz buildroot-051e2f2d0b3a74ede4cc1865513ebe4c59e7d2ed.zip

libcurl: security bump to version 7.60.0

Drop upstream patch. This release fixes the security issues listed below. CVE-2018-1000300: curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. https://curl.haxx.se/docs/adv_2018-82c2.html CVE-2018-1000301: curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded content. https://curl.haxx.se/docs/adv_2018-b138.html Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Diffstat (limited to 'package/mbedtls/mbedtls.hash')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: