From df9efc94970ccc1e43915839ec3f49d54729cc3d Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sat, 24 Sep 2016 13:48:05 +0200
Subject: curl: update to version 7.50.3

This fixes the following security problems:
7.50.1:
 CVE-2016-5419 TLS session resumption client cert bypass
 CVE-2016-5420 Re-using connections with wrong client cert
 CVE-2016-5421 use of connection struct after free
7.50.2:
 CVE-2016-7141 Incorrect reuse of client certificates
7.50.3:
 CVE-2016-7167 curl escape and unescape integer overflows

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---
 .../utils/curl/patches/310-polarssl-disable-runtime-version-check.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch')

diff --git a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
index 0ec65dd..464f2fc 100644
--- a/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-polarssl-disable-runtime-version-check.patch
@@ -11,7 +11,7 @@
                    version>>24, (version>>16)&0xff, (version>>8)&0xff);
 --- a/lib/vtls/mbedtls.c
 +++ b/lib/vtls/mbedtls.c
-@@ -705,7 +705,7 @@ void Curl_mbedtls_session_free(void *ptr
+@@ -713,7 +713,7 @@ void Curl_mbedtls_session_free(void *ptr
  
  size_t Curl_mbedtls_version(char *buffer, size_t size)
  {
-- 
cgit v1.1