From 111cf1b9f37b902dbc4ac2934f38ee6418600f69 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Mon, 13 Mar 2017 22:51:20 +0100
Subject: curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignored

This fixes the following security problem:
https://curl.haxx.se/docs/adv_20170222.html

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---
 package/network/utils/curl/patches/001-curl-https-openssl-fix.patch | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'package/network/utils/curl/patches/001-curl-https-openssl-fix.patch')

diff --git a/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch b/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
index 259f618..9658ef5 100644
--- a/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
+++ b/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
@@ -12,11 +12,9 @@ Bug: #1174
  lib/vtls/vtls.c | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
 
-diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
-index b808e1c..707f24b 100644
 --- a/lib/vtls/vtls.c
 +++ b/lib/vtls/vtls.c
-@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
+@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy
    curlssl_close_all(data);
  }
  
@@ -25,7 +23,7 @@ index b808e1c..707f24b 100644
      defined(USE_DARWINSSL) || defined(USE_NSS)
  /* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */
  int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
-@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn,
+@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata
    (void)numsocks;
    return GETSOCK_BLANK;
  }
-- 
cgit v1.1