On Wed, Aug 4, 2021 at 7:06 AM Mike Crowe wrote:
>
> On Wednesday 04 August 2021 at 06:44:51 -1000, Steve Sakoman wrote:
> > On Tue, Aug 3, 2021 at 10:11 PM Mike Crowe via lists.openembedded.org
> > wrote:
> > >
> > > curl v7.78 contained fixes for five CVEs:
> > >
> > > CVE-2021-22922 and CVE-20
On Wednesday 04 August 2021 at 06:44:51 -1000, Steve Sakoman wrote:
> On Tue, Aug 3, 2021 at 10:11 PM Mike Crowe via lists.openembedded.org
> wrote:
> >
> > curl v7.78 contained fixes for five CVEs:
> >
> > CVE-2021-22922 and CVE-2021-22923 are only present when support for
> > metalink is enabled
On Tue, Aug 3, 2021 at 10:11 PM Mike Crowe via lists.openembedded.org
wrote:
>
> curl v7.78 contained fixes for five CVEs:
>
> CVE-2021-22922 and CVE-2021-22923 are only present when support for
> metalink is enabled. EXTRA_OECONF contains "--without-libmetalink" so
> these fixes are unnecessary.
curl v7.78 contained fixes for five CVEs:
CVE-2021-22922 and CVE-2021-22923 are only present when support for
metalink is enabled. EXTRA_OECONF contains "--without-libmetalink" so
these fixes are unnecessary.
CVE-2021-22926 only affects builds for MacOS.
CVE-2021-22924 and CVE-2021-22925 are bot