diff options
Diffstat (limited to 'meta/recipes-support/curl/curl_7.69.1.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.69.1.bb | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 239852db09..2f351d585a 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb @@ -1,4 +1,8 @@ SUMMARY = "Command line tool and library for client-side URL transfers" +DESCRIPTION = "It uses URL syntax to transfer data to and from servers. \ +curl is a widely used because of its ability to be flexible and complete \ +complex tasks. For example, you can use curl for things like user authentication, \ +HTTP post, SSL connections, proxy support, FTP uploads, and more!" HOMEPAGE = "http://curl.haxx.se/" BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker" SECTION = "console/network" @@ -9,6 +13,52 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://0001-replace-krb5-config-with-pkg-config.patch \ file://CVE-2020-8169.patch \ file://CVE-2020-8177.patch \ + file://CVE-2020-8231.patch \ + file://CVE-2020-8284.patch \ + file://CVE-2020-8285.patch \ + file://CVE-2020-8286.patch \ + file://CVE-2021-22876.patch \ + file://CVE-2021-22890.patch \ + file://CVE-2021-22898.patch \ + file://CVE-2021-22924.patch \ + file://CVE-2021-22925.patch \ + file://CVE-2021-22946-pre1.patch \ + file://CVE-2021-22946.patch \ + file://CVE-2021-22947.patch \ + file://CVE-2022-27776.patch \ + file://CVE-2022-27775.patch \ + file://CVE-2022-22576.patch \ + file://CVE-2022-27774-1.patch \ + file://CVE-2022-27774-2.patch \ + file://CVE-2022-27774-3.patch \ + file://CVE-2022-27774-4.patch \ + file://CVE-2022-27781.patch \ + file://CVE-2022-27782-1.patch \ + file://CVE-2022-27782-2.patch \ + file://CVE-2022-32206.patch \ + file://CVE-2022-32207.patch \ + file://CVE-2022-32208.patch \ + file://CVE-2022-35252.patch \ + file://CVE-2022-32221.patch \ + file://CVE-2022-35260.patch \ + file://CVE-2022-43552.patch \ + file://CVE-2023-23916.patch \ + file://CVE-2023-27534-pre1.patch \ + file://CVE-2023-27534.patch \ + file://CVE-2023-27538.patch \ + file://CVE-2023-27533.patch \ + file://CVE-2023-27535-pre1.patch \ + file://CVE-2023-27535.patch \ + file://CVE-2023-27536.patch \ + file://CVE-2023-28320.patch \ + file://CVE-2023-28320-fol1.patch \ + file://CVE-2023-32001.patch \ + file://CVE-2023-38545.patch \ + file://CVE-2023-38546.patch \ + file://CVE-2023-28321.patch \ + file://CVE-2023-28322.patch \ + file://CVE-2023-46218.patch \ + file://CVE-2024-2398.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" @@ -16,6 +66,15 @@ SRC_URI[sha256sum] = "2ff5e5bd507adf6aa88ff4bbafd4c7af464867ffb688be93b9930717a5 # Curl has used many names over the years... CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" +CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926 CVE-2021-22945" + +# As per link https://security-tracker.debian.org/tracker/CVE-2021-22897 +# and https://ubuntu.com/security/CVE-2021-22897 +# This CVE issue affects Windows only Hence whitelisting this CVE +CVE_CHECK_WHITELIST += "CVE-2021-22897" + +# This CVE reports that apple had to upgrade curl because of other already reported CVEs +CVE_CHECK_WHITELIST += "CVE-2023-42915" inherit autotools pkgconfig binconfig multilib_header |