Author: xry111
Date: Thu Aug 20 10:43:00 2020
New Revision: 23584
Log:
curl: add security hotfix for 7.71.1 (blfs-10.0)
Modified:
trunk/BOOK/networking/netlibs/curl.xml
Modified: trunk/BOOK/networking/netlibs/curl.xml
==============================================================================
--- trunk/BOOK/networking/netlibs/curl.xml Thu Aug 20 10:20:51 2020
(r23583)
+++ trunk/BOOK/networking/netlibs/curl.xml Thu Aug 20 10:43:00 2020
(r23584)
@@ -73,17 +73,19 @@
</para>
</listitem>
</itemizedlist>
-<!--
+
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>
- Patch to fix DNS resolution issues: <ulink
- url="&patch-root;/curl-7.65.1-fix_dns_segfaults-2.patch"/>
+ <!-- A hotfix for LFS-10.0, to fix the CVE w/o change the API
+ and ABI. So we won't need to rebuild massively. Will be
+ dropped in LFS-10.1 once we update to curl-7.72.0. -->
+ Patch to fix CVE-2020-8231: <ulink
+ url="&patch-root;/curl-7.71.1-security_fixes-1.patch"/>
</para>
</listitem>
</itemizedlist>
--->
<bridgehead renderas="sect3">cURL Dependencies</bridgehead>
@@ -131,13 +133,12 @@
<sect2 role="installation">
<title>Installation of cURL</title>
-<!--
+
<para>
- First, apply a patch to fix DNS resolution issues:
+ First, apply a patch to fix a security issue:
</para>
-<screen><userinput>patch -Np1 -i
../curl-7.65.1-fix_dns_segfaults-2.patch</userinput></screen>
--->
+<screen><userinput>patch -Np1 -i
../curl-7.71.1-security_fixes-1.patch</userinput></screen>
<para>
Install <application>cURL</application> by running the following
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
