[Buildroot] [PATCH] libcurl: security bump to version 7.55.0

Peter Korsgaard peter at korsgaard.com
Tue Sep 5 21:58:06 UTC 2017

>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > Fixes:
 >  glob: do not parse after a strtoul() overflow range (CVE-2017-1000101)
 >  tftp: reject file name lengths that don't fit (CVE-2017-1000100)
 >  file: output the correct buffer to the user (CVE-2017-1000099)

 > Switch to .tar.xz to save bandwidth.

 > Add reference to tarball signature.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed to 2017.02.x, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list