The curl package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to a reported security issue.
VERSION 7.40.0-3 => 7.40.0-3.1 CHANGELOG [Wed, 2 Mar 2016 09:51:47 +0000 0914eea] Bump pkg revision [Tue, 1 Mar 2016 22:42:51 +0000 380df1a] This fixes the following security problem: CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use http://curl.haxx.se/docs/adv_20160127B.html backport of r48614. CHANGES package/network/utils/curl/Makefile | 4 +- .../curl/patches/018-CVE-2016-0755.patch | 126 +++++++++++++++++ 2 files changed, 128 insertions(+), 2 deletions(-) REFERENCES * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=380df1a3bd556a21393706c5facb10c76657ea16 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=0914eeac49722a112ba6c4c70c8a86317ea6d29c _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
