aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/curl/patches
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2016-09-24 13:48:05 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2016-09-24 13:48:05 +0200
commitdf9efc94970ccc1e43915839ec3f49d54729cc3d (patch)
tree069247c38ff60d2d886c21699fa0da56dd84782c /package/network/utils/curl/patches
parent6926325829a2f58059ca8e614c892062fbbae393 (diff)
downloadupstream-df9efc94970ccc1e43915839ec3f49d54729cc3d.tar.gz
upstream-df9efc94970ccc1e43915839ec3f49d54729cc3d.tar.bz2
upstream-df9efc94970ccc1e43915839ec3f49d54729cc3d.zip
curl: update to version 7.50.3
This fixes the following security problems: 7.50.1: CVE-2016-5419 TLS session resumption client cert bypass CVE-2016-5420 Re-using connections with wrong client cert CVE-2016-5421 use of connection struct after free 7.50.2: CVE-2016-7141 Incorrect reuse of client certificates 7.50.3: CVE-2016-7167 curl escape and unescape integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/network/utils/curl/patches')
-rw-r--r--package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch2
1 files changed, 1 insertions, 1 deletions
diff --git a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
index 0ec65dd466..464f2fcfed 100644
--- a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
@@ -11,7 +11,7 @@
version>>24, (version>>16)&0xff, (version>>8)&0xff);
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
-@@ -705,7 +705,7 @@ void Curl_mbedtls_session_free(void *ptr
+@@ -713,7 +713,7 @@ void Curl_mbedtls_session_free(void *ptr
size_t Curl_mbedtls_version(char *buffer, size_t size)
{