CVE-2016-9594: unititialized random
CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
https://curl.haxx.se/changes.html
---
main/curl/APKBUILD | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index 5184cd3..f2f2de6 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
-pkgver=7.51.0
+pkgver=7.52.1
pkgrel=0
pkgdesc="An URL retrival utility and library"
url="http://curl.haxx.se"
@@ -15,7 +16,12 @@ source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.bz2"
subpackages="$pkgname-doc $pkgname-dev libcurl"
# secfixes:
-# 7.51.0:
+# 7.52.1-r0:
+# - CVE-2016-9594
+# - CVE-2016-9586
+# - CVE-2016-9952
+# - CVE-2016-9953
+# 7.51.0-r0:
# - CVE-2016-8615
# - CVE-2016-8616
# - CVE-2016-8617
--
2.8.3
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---