Changeset ebf4942 for networking/netlibs/curl.xml

Timestamp:

08/20/2020 05:43:00 PM (4 years ago)

Author:

Xi Ruoyao <xry111@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

ff0b3aa8

Parents:

020ecfd

Message:

curl: add security hotfix for 7.71.1 (blfs-10.0)

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@23584 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:

• networking/netlibs/curl.xml (modified) (2 diffs)

networking/netlibs/curl.xml

@@ -74 +74 @@
       </listitem>
     </itemizedlist>
-<!--
+
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
         <para>
-          Patch to fix DNS resolution issues: <ulink
-          url="&patch-root;/curl-7.65.1-fix_dns_segfaults-2.patch"/>
+          <!-- A hotfix for LFS-10.0, to fix the CVE w/o change the API
+               and ABI.  So we won't need to rebuild massively.  Will be
+               dropped in LFS-10.1 once we update to curl-7.72.0.  -->
+          Patch to fix CVE-2020-8231: <ulink
+          url="&patch-root;/curl-7.71.1-security_fixes-1.patch"/>
         </para>
       </listitem>
     </itemizedlist>
--->
 
     <bridgehead renderas="sect3">cURL Dependencies</bridgehead>
@@ -132 +134 @@
   <sect2 role="installation">
     <title>Installation of cURL</title>
-<!--
-    <para>
-      First, apply a patch to fix DNS resolution issues:
-    </para>
-
-<screen><userinput>patch -Np1 -i ../curl-7.65.1-fix_dns_segfaults-2.patch</userinput></screen>
--->
+
+    <para>
+      First, apply a patch to fix a security issue:
+    </para>
+
+<screen><userinput>patch -Np1 -i ../curl-7.71.1-security_fixes-1.patch</userinput></screen>
 
     <para>