Skip to content

Commit

Permalink
curl: disable some features
Browse files Browse the repository at this point in the history 
These features are removed since they have caused trouble
in the past (conflicting imports of libldap), or are
considered as unneeded.
- libbrotli, a rather new and uncommon compression lib
- lber/ldap, using curl for ldap access is rather exotic

The update also fixes two issues,
- Integer overflows in curl_url_set
- tftp: use the current blksize for recvfrom()

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
  • Loading branch information
@thomas
thomas committed May 24, 2019
1 parent ab2832e commit bb3fc99
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions curl.be0
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,12 @@ SRCURL[0]="https://curl.haxx.se/download/curl-${PKGVERSION}.tar.bz2"
# bee_patch "${@}"
#}

#mee_configure() {
# bee_configure
#}
mee_configure() {
bee_configure \
--without-brotli \
--disable-lber \
--disable-ldap
}

mee_build() {
bee_build
Expand Down

0 comments on commit bb3fc99

Please sign in to comment.