From 72b6bf8f57569c14238d223bb6cc6fec7fd3af4d Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <peter@korsgaard.com>
Date: Fri, 23 Dec 2016 11:16:05 +0100
Subject: libcurl: security bump to 7.52.1

Fixes CVE-2016-9594 - Unitilized random

Libcurl's (new) internal function that returns a good 32bit random value was
implemented poorly and overwrote the pointer instead of writing the value
into the buffer the pointer pointed to.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/libcurl/libcurl.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package/libcurl/libcurl.mk')

diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk
index b2a1b241dc..ea37309d82 100644
--- a/package/libcurl/libcurl.mk
+++ b/package/libcurl/libcurl.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCURL_VERSION = 7.52.0
+LIBCURL_VERSION = 7.52.1
 LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2
 LIBCURL_SITE = https://curl.haxx.se/download
 LIBCURL_DEPENDENCIES = host-pkgconf \
-- 
cgit v1.2.1