Mostly a bugfix release. https://curl.se/changes.html#7_88_0 https://curl.se/docs/security.html
Plugs CVEs: CVE-2023-23914: HSTS ignored on multiple requests CVE-2023-23915: HSTS amnesia with --parallel CVE-2023-23916: HTTP multi-header compression denial of service * License file changed. Copyright years completely removed. Signed-off-by: Christian Melki <[email protected]> --- rules/libcurl.make | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rules/libcurl.make b/rules/libcurl.make index bb989d8fc..f2a6f86b9 100644 --- a/rules/libcurl.make +++ b/rules/libcurl.make @@ -15,15 +15,15 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl # # Paths and names # -LIBCURL_VERSION := 7.87.0 -LIBCURL_MD5 := 0b0f5de173afd303229e5272689578d7 +LIBCURL_VERSION := 7.88.0 +LIBCURL_MD5 := fc56109bda128948dc2c89b157da0e41 LIBCURL := curl-$(LIBCURL_VERSION) LIBCURL_SUFFIX := tar.xz LIBCURL_URL := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX) LIBCURL_SOURCE := $(SRCDIR)/$(LIBCURL).$(LIBCURL_SUFFIX) LIBCURL_DIR := $(BUILDDIR)/$(LIBCURL) LIBCURL_LICENSE := curl -LIBCURL_LICENSE_FILES := file://COPYING;md5=190c514872597083303371684954f238 +LIBCURL_LICENSE_FILES := file://COPYING;md5=db8448a1e43eb2125f7740fc397db1f6 # ---------------------------------------------------------------------------- # Prepare -- 2.34.1
