Re: [ptxdist] [APPLIED] libcurl: Version bump. 8.9.0 -> 8.9.1

Michael Olbrich Thu, 12 Sep 2024 05:11:52 -0700

Thanks, applied as c62203b86c20f6d5e026d66e6eb73d0f250fc8ec.

Michael


[sent from post-receive hook]

On Thu, 12 Sep 2024 14:11:29 +0200, Christian Melki 
<[email protected]> wrote:
> Minor bugfix release.
> https://curl.se/changes.html#8_9_1
> 
> Plugs CVE:
> CVE-2024-7264 - ASN.1 date parser overread
> 
> Signed-off-by: Christian Melki <[email protected]>
> Message-Id: <[email protected]>
> Signed-off-by: Michael Olbrich <[email protected]>
> 
> diff --git a/rules/libcurl.make b/rules/libcurl.make
> index b5008117f737..59872524e4c5 100644
> --- a/rules/libcurl.make
> +++ b/rules/libcurl.make
> @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
>  #
>  # Paths and names
>  #
> -LIBCURL_VERSION      := 8.9.0
> -LIBCURL_MD5  := 6f6d2ff25c2a8fa8602511dc33201cc4
> +LIBCURL_VERSION      := 8.9.1
> +LIBCURL_MD5  := 5882f056460240d98cdb5b7f86a06153
>  LIBCURL              := curl-$(LIBCURL_VERSION)
>  LIBCURL_SUFFIX       := tar.xz
>  LIBCURL_URL  := https://curl.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)

Re: [ptxdist] [APPLIED] libcurl: Version bump. 8.9.0 -> 8.9.1

Reply via email to