diff options
author | Jan Pavlinec <jan.pavlinec@nic.cz> | 2020-07-29 14:24:38 +0200 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2020-07-29 14:32:03 +0200 |
commit | 8fbe450e40797e917facb94ab78ee28a409c3fa4 (patch) | |
tree | a7e93d38d8e7dc9c00faab1a04e0a9a5508eabfa /package/network | |
parent | 7d6e504dbebde5ab70b188df5f9277f8ecb11649 (diff) | |
download | upstream-8fbe450e40797e917facb94ab78ee28a409c3fa4.tar.gz upstream-8fbe450e40797e917facb94ab78ee28a409c3fa4.tar.bz2 upstream-8fbe450e40797e917facb94ab78ee28a409c3fa4.zip |
curl: patch CVE-2020-8169
Affected versions: curl 7.62.0 to and including 7.70.0
https://curl.haxx.se/docs/CVE-2020-8169.html
Run tested on Omnia with OpenWrt 19.07
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Diffstat (limited to 'package/network')
-rw-r--r-- | package/network/utils/curl/Makefile | 2 | ||||
-rw-r--r-- | package/network/utils/curl/patches/101-CVE-2020-8169.patch | 38 |
2 files changed, 39 insertions, 1 deletions
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile index 1c95b9f131..6c4a299ff9 100644 --- a/package/network/utils/curl/Makefile +++ b/package/network/utils/curl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=curl PKG_VERSION:=7.66.0 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://dl.uxnr.de/mirror/curl/ \ diff --git a/package/network/utils/curl/patches/101-CVE-2020-8169.patch b/package/network/utils/curl/patches/101-CVE-2020-8169.patch new file mode 100644 index 0000000000..718621b23b --- /dev/null +++ b/package/network/utils/curl/patches/101-CVE-2020-8169.patch @@ -0,0 +1,38 @@ +From 600a8cded447cd7118ed50142c576567c0cf5158 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Thu, 14 May 2020 14:37:12 +0200 +Subject: [PATCH] url: make the updated credentials URL-encoded in the URL + +Found-by: Gregory Jefferis +Reported-by: Jeroen Ooms +Added test 1168 to verify. Bug spotted when doing a redirect. +Bug: https://github.com/jeroen/curl/issues/224 +Closes #5400 +--- + lib/url.c | 6 ++-- + tests/data/Makefile.inc | 1 + + tests/data/test1168 | 78 +++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 83 insertions(+), 2 deletions(-) + create mode 100644 tests/data/test1168 + +diff --git a/lib/url.c b/lib/url.c +index f250f2ff20a..9b8b2bdde64 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -2788,12 +2788,14 @@ static CURLcode override_login(struct Curl_easy *data, + + /* for updated strings, we update them in the URL */ + if(user_changed) { +- uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, 0); ++ uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, ++ CURLU_URLENCODE); + if(uc) + return Curl_uc_to_curlcode(uc); + } + if(passwd_changed) { +- uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, 0); ++ uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, ++ CURLU_URLENCODE); + if(uc) + return Curl_uc_to_curlcode(uc); + } |