summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/curl/curl_7.69.1.bb
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support/curl/curl_7.69.1.bb')
-rw-r--r--meta/recipes-support/curl/curl_7.69.1.bb59
1 files changed, 59 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb
index 239852db09..2f351d585a 100644
--- a/meta/recipes-support/curl/curl_7.69.1.bb
+++ b/meta/recipes-support/curl/curl_7.69.1.bb
@@ -1,4 +1,8 @@
SUMMARY = "Command line tool and library for client-side URL transfers"
+DESCRIPTION = "It uses URL syntax to transfer data to and from servers. \
+curl is a widely used because of its ability to be flexible and complete \
+complex tasks. For example, you can use curl for things like user authentication, \
+HTTP post, SSL connections, proxy support, FTP uploads, and more!"
HOMEPAGE = "http://curl.haxx.se/"
BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"
SECTION = "console/network"
@@ -9,6 +13,52 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://0001-replace-krb5-config-with-pkg-config.patch \
file://CVE-2020-8169.patch \
file://CVE-2020-8177.patch \
+ file://CVE-2020-8231.patch \
+ file://CVE-2020-8284.patch \
+ file://CVE-2020-8285.patch \
+ file://CVE-2020-8286.patch \
+ file://CVE-2021-22876.patch \
+ file://CVE-2021-22890.patch \
+ file://CVE-2021-22898.patch \
+ file://CVE-2021-22924.patch \
+ file://CVE-2021-22925.patch \
+ file://CVE-2021-22946-pre1.patch \
+ file://CVE-2021-22946.patch \
+ file://CVE-2021-22947.patch \
+ file://CVE-2022-27776.patch \
+ file://CVE-2022-27775.patch \
+ file://CVE-2022-22576.patch \
+ file://CVE-2022-27774-1.patch \
+ file://CVE-2022-27774-2.patch \
+ file://CVE-2022-27774-3.patch \
+ file://CVE-2022-27774-4.patch \
+ file://CVE-2022-27781.patch \
+ file://CVE-2022-27782-1.patch \
+ file://CVE-2022-27782-2.patch \
+ file://CVE-2022-32206.patch \
+ file://CVE-2022-32207.patch \
+ file://CVE-2022-32208.patch \
+ file://CVE-2022-35252.patch \
+ file://CVE-2022-32221.patch \
+ file://CVE-2022-35260.patch \
+ file://CVE-2022-43552.patch \
+ file://CVE-2023-23916.patch \
+ file://CVE-2023-27534-pre1.patch \
+ file://CVE-2023-27534.patch \
+ file://CVE-2023-27538.patch \
+ file://CVE-2023-27533.patch \
+ file://CVE-2023-27535-pre1.patch \
+ file://CVE-2023-27535.patch \
+ file://CVE-2023-27536.patch \
+ file://CVE-2023-28320.patch \
+ file://CVE-2023-28320-fol1.patch \
+ file://CVE-2023-32001.patch \
+ file://CVE-2023-38545.patch \
+ file://CVE-2023-38546.patch \
+ file://CVE-2023-28321.patch \
+ file://CVE-2023-28322.patch \
+ file://CVE-2023-46218.patch \
+ file://CVE-2024-2398.patch \
"
SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42"
@@ -16,6 +66,15 @@ SRC_URI[sha256sum] = "2ff5e5bd507adf6aa88ff4bbafd4c7af464867ffb688be93b9930717a5
# Curl has used many names over the years...
CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
+CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926 CVE-2021-22945"
+
+# As per link https://security-tracker.debian.org/tracker/CVE-2021-22897
+# and https://ubuntu.com/security/CVE-2021-22897
+# This CVE issue affects Windows only Hence whitelisting this CVE
+CVE_CHECK_WHITELIST += "CVE-2021-22897"
+
+# This CVE reports that apple had to upgrade curl because of other already reported CVEs
+CVE_CHECK_WHITELIST += "CVE-2023-42915"
inherit autotools pkgconfig binconfig multilib_header
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-04 16:01:10 +0000