[ptxdist] [PATCH] libcurl: Version bump. 8.3.0 -> 8.4.0

Christian Melki Wed, 11 Oct 2023 11:03:23 -0700

Mostly smaller fixes.
https://curl.se/changes.html#8_4_0


Plugs two CVEs:
CVE-2023-38546 cookie injection with none file
CVE-2023-38545 SOCKS5 heap buffer overflow

Signed-off-by: Christian Melki <christian.me...@t2data.com>
---
 rules/libcurl.make | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/libcurl.make b/rules/libcurl.make
index ad615bd87..61797e9ae 100644
--- a/rules/libcurl.make
+++ b/rules/libcurl.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
 #
 # Paths and names
 #
-LIBCURL_VERSION        := 8.3.0
-LIBCURL_MD5    := 2fc6cf5cefa8b73e3826aa24befdccff
+LIBCURL_VERSION        := 8.4.0
+LIBCURL_MD5    := 8424597f247da68b6041dd7f9ca367fe
 LIBCURL                := curl-$(LIBCURL_VERSION)
 LIBCURL_SUFFIX := tar.xz
 LIBCURL_URL    := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
-- 
2.34.1

[ptxdist] [PATCH] libcurl: Version bump. 8.3.0 -> 8.4.0

Reply via email to