Mostly a bugfix release.
https://curl.se/changes.html#7_88_0
https://curl.se/docs/security.html

Plugs CVEs:
CVE-2023-23914: HSTS ignored on multiple requests
CVE-2023-23915: HSTS amnesia with --parallel
CVE-2023-23916: HTTP multi-header compression denial of service

* License file changed. Copyright years completely removed.

Signed-off-by: Christian Melki <[email protected]>
---
 rules/libcurl.make | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rules/libcurl.make b/rules/libcurl.make
index bb989d8fc..f2a6f86b9 100644
--- a/rules/libcurl.make
+++ b/rules/libcurl.make
@@ -15,15 +15,15 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
 #
 # Paths and names
 #
-LIBCURL_VERSION        := 7.87.0
-LIBCURL_MD5    := 0b0f5de173afd303229e5272689578d7
+LIBCURL_VERSION        := 7.88.0
+LIBCURL_MD5    := fc56109bda128948dc2c89b157da0e41
 LIBCURL                := curl-$(LIBCURL_VERSION)
 LIBCURL_SUFFIX := tar.xz
 LIBCURL_URL    := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
 LIBCURL_SOURCE := $(SRCDIR)/$(LIBCURL).$(LIBCURL_SUFFIX)
 LIBCURL_DIR    := $(BUILDDIR)/$(LIBCURL)
 LIBCURL_LICENSE        := curl
-LIBCURL_LICENSE_FILES := file://COPYING;md5=190c514872597083303371684954f238
+LIBCURL_LICENSE_FILES := file://COPYING;md5=db8448a1e43eb2125f7740fc397db1f6
 
 # ----------------------------------------------------------------------------
 # Prepare
-- 
2.34.1


Reply via email to