[Buildroot] [PATCH v2 2/2] libcurl: Use libidn2 instead of libidn
Jeroen Roovers
jer at airfi.aero
Thu Nov 3 12:56:15 UTC 2016
CVE-2016-8625 (IDNA 2003 makes curl use wrong host) was fixed by switching from
libidn to libidn2. The advisory[1] does not mention this but the related
commit[2] does.
[1] https://curl.haxx.se/docs/adv_20161102K.html
[2] https://github.com/curl/curl/commit/9c91ec778104ae3b744b39444d544e82d5ee9ece
Signed-off-by: Jeroen Roovers <jer at airfi.aero>
---
package/libcurl/libcurl.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk
index d60000a..f5433ef 100644
--- a/package/libcurl/libcurl.mk
+++ b/package/libcurl/libcurl.mk
@@ -9,7 +9,7 @@ LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2
LIBCURL_SITE = http://curl.haxx.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \
$(if $(BR2_PACKAGE_ZLIB),zlib) \
- $(if $(BR2_PACKAGE_LIBIDN),libidn) \
+ $(if $(BR2_PACKAGE_LIBIDN2),libidn2) \
$(if $(BR2_PACKAGE_RTMPDUMP),rtmpdump)
LIBCURL_LICENSE = ISC
LIBCURL_LICENSE_FILES = COPYING
--
2.10.2
More information about the buildroot
mailing list