On Wed, Aug 4, 2021 at 9:42 AM Mike Crowe wrote:
>
> On Wednesday 04 August 2021 at 08:05:27 -1000, Steve Sakoman wrote:
> > On Wed, Aug 4, 2021 at 7:27 AM Steve Sakoman via
> > lists.openembedded.org
> > wrote:
> > >
> > > On Wed, Aug 4, 2021 at 7:06 AM Mike Crowe via lists.openembedded.org
> >
On Wednesday 04 August 2021 at 08:05:27 -1000, Steve Sakoman wrote:
> On Wed, Aug 4, 2021 at 7:27 AM Steve Sakoman via
> lists.openembedded.org
> wrote:
> >
> > On Wed, Aug 4, 2021 at 7:06 AM Mike Crowe via lists.openembedded.org
> > wrote:
> > >
> > > curl v7.78 contained fixes for five CVEs:
>
On Wed, Aug 4, 2021 at 7:27 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> On Wed, Aug 4, 2021 at 7:06 AM Mike Crowe via lists.openembedded.org
> wrote:
> >
> > curl v7.78 contained fixes for five CVEs:
> >
> > CVE-2021-22922[1] and CVE-2021-22923[2] are only present when support
> > for
On Wed, Aug 4, 2021 at 7:06 AM Mike Crowe via lists.openembedded.org
wrote:
>
> curl v7.78 contained fixes for five CVEs:
>
> CVE-2021-22922[1] and CVE-2021-22923[2] are only present when support
> for metalink is enabled. EXTRA_OECONF contains "--without-libmetalink"
> so these fixes are
curl v7.78 contained fixes for five CVEs:
CVE-2021-22922[1] and CVE-2021-22923[2] are only present when support
for metalink is enabled. EXTRA_OECONF contains "--without-libmetalink"
so these fixes are unnecessary.
CVE-2021-22926[3] only affects builds for MacOS.
CVE-2021-22924[4] and