CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2026/05/06 07:52:52
Modified files:
net/curl : Makefile distinfo
net/curl/patches: patch-m4_curl-compilers_m4
net/curl/pkg : PLIST
Log message:
net/curl: update to 8.20.0
Changes:
* drop support for SMB
Includes fixes for
CVE-2026-4873: connection reuse ignores TLS requirement
CVE-2026-5545: wrong reuse of HTTP Negotiate connection
CVE-2026-5773: wrong reuse of SMB connection
CVE-2026-6253: proxy credentials leak over redirect-to proxy
CVE-2026-6276: stale custom cookie host causes cookie leak
CVE-2026-6429: netrc credential leak with reused proxy connection
CVE-2026-7168: cross-proxy Digest auth state leak
