Thanks, applied as 2df6f879e8048c20cd3361184ea3275d9fcf1fa5. Michael
[sent from post-receive hook] On Tue, 16 Sep 2025 21:44:49 +0200, Christian Melki <[email protected]> wrote: > Nothing exciting. > https://curl.se/changes.html#8_16_0 > > Plugs CVEs: > CVE-2025-9086 - Out of bounds read for cookie path > CVE-2025-10148 - predictable WebSocket mask > > * Remove dropped build option. > > Signed-off-by: Christian Melki <[email protected]> > Message-Id: <[email protected]> > Signed-off-by: Michael Olbrich <[email protected]> > > diff --git a/rules/libcurl.make b/rules/libcurl.make > index 0d5ec66c3925..ff9c8b0f3846 100644 > --- a/rules/libcurl.make > +++ b/rules/libcurl.make > @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl > # > # Paths and names > # > -LIBCURL_VERSION := 8.15.0 > -LIBCURL_MD5 := b8872bb6cc5d18d03bea8ff5090b2b81 > +LIBCURL_VERSION := 8.16.0 > +LIBCURL_MD5 := 3b5aae755714b338af0f66726bceb62a > LIBCURL := curl-$(LIBCURL_VERSION) > LIBCURL_SUFFIX := tar.xz > LIBCURL_URL := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX) > @@ -132,7 +132,6 @@ LIBCURL_CONF_OPT := \ > --without-openssl-quic \ > --without-nghttp3 \ > --without-quiche \ > - --without-msh3 \ > --without-zsh-functions-dir \ > --without-fish-functions-dir >
