diff options
author | Baruch Siach <baruch@tkos.co.il> | 2017-08-10 20:35:45 +0300 |
---|---|---|
committer | Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> | 2017-08-11 12:42:34 +0200 |
commit | d88c79090add53947dc3290fb61d51f2b630301c (patch) | |
tree | efc572c7018b1390d32659212cd68e9f9b106853 /package/libcurl/libcurl.mk | |
parent | ff4cccbdcf5417a5a8c251ff302791a306023cc1 (diff) | |
download | buildroot-d88c79090add53947dc3290fb61d51f2b630301c.tar.gz buildroot-d88c79090add53947dc3290fb61d51f2b630301c.zip |
libcurl: security bump to version 7.55.0
Fixes:
glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
tftp: reject file name lengths that don't fit (CVE-2017-1000100)
file: output the correct buffer to the user (CVE-2017-1000099)
Switch to .tar.xz to save bandwidth.
Add reference to tarball signature.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Diffstat (limited to 'package/libcurl/libcurl.mk')
-rw-r--r-- | package/libcurl/libcurl.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk index 684844919e..dd0ccbfa46 100644 --- a/package/libcurl/libcurl.mk +++ b/package/libcurl/libcurl.mk @@ -4,8 +4,8 @@ # ################################################################################ -LIBCURL_VERSION = 7.54.1 -LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2 +LIBCURL_VERSION = 7.55.0 +LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz LIBCURL_SITE = https://curl.haxx.se/download LIBCURL_DEPENDENCIES = host-pkgconf \ $(if $(BR2_PACKAGE_ZLIB),zlib) \ |