summaryrefslogtreecommitdiff
path: root/external
diff options
context:
space:
mode:
authorMichael Stahl <Michael.Stahl@cib.de>2019-05-22 11:40:54 +0200
committerMichael Stahl <Michael.Stahl@cib.de>2019-05-22 15:04:24 +0200
commitedb01616ac176401650c35d938c75c6c5558a47e (patch)
treee39a05a0c9bfedb918f5eab075ef20bf29a2d0e7 /external
parent9c346feb33bddfe9b52a8a4cbc70e81193ce3c95 (diff)
curl: upgrade to release 7.65.0
Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit Windows because fortunately we don't use /LARGEADDRESSAWARE flag to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux the user-space VM is 3GB so an exploit might be possible. Apparently there's no code in LO that uses the CURLU_URLENCODE flag. The other one, CVE-2019-5436, doesn't matter because we disable tftp. Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9 Reviewed-on: https://gerrit.libreoffice.org/72732 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Diffstat (limited to 'external')
-rw-r--r--external/curl/zlib.patch.010
1 files changed, 0 insertions, 10 deletions
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index b3e821039740..189e820d1afa 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,15 +1,5 @@
--- configure
+++ configure
-@@ -937,8 +937,8 @@
- ZLIB_LIBS
- HAVE_LIBZ_FALSE
- HAVE_LIBZ_TRUE
--HAVE_LIBZ
- PKGCONFIG
-+HAVE_LIBZ
- CURL_DISABLE_GOPHER
- CURL_DISABLE_SMTP
- CURL_DISABLE_SMB
@@ -20709,7 +20709,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS