CVSROOT: /cvs
Module name: ports
Changes by: na...@cvs.openbsd.org 2015/05/01 14:39:43
Modified files:
net/curl : Tag: OPENBSD_5_6 Makefile
net/curl/patches: Tag: OPENBSD_5_6 patch-lib_cookie_c
patch-lib_url_c
Added files:
net/curl/patches: Tag: OPENBSD_5_6 patch-lib_http_c
patch-lib_http_negotiate_c
patch-lib_http_negotiate_sspi_c
patch-tests_data_test1527
patch-tests_data_test287
patch-tests_libtest_lib1527_c
Log message:
Security fixes:
CVE-2015-3143: Re-using authenticated connection when unauthenticated
CVE-2015-3144: host name out of boundary memory access
CVE-2015-3145: cookie parser out of boundary memory access
CVE-2015-3148: Negotiate not treated as connection-oriented
CVE-2015-3153: sensitive HTTP server headers also sent to proxies
Backport for CVE-2015-3148 from Ubuntu.
