curl: upgrade to release 7.65.0 - libreoffice/core - main, development code repository

diff options

author	Michael Stahl <Michael.Stahl@cib.de>	2019-05-22 11:40:54 +0200
committer	Thorsten Behrens <Thorsten.Behrens@CIB.de>	2019-06-12 17:56:57 +0200
commit	838eb4c8915997fed81f106c8f9641e366a9ff82 (patch)
tree	f9f4d33abc3046bbba6da0b710a0106bf231a048 /onlineupdate
parent	0e82245689b4bd1541e78d7f84f57bc620b94b92 (diff)

curl: upgrade to release 7.65.0feature/cib_contract3197

Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit Windows because fortunately we don't use /LARGEADDRESSAWARE flag to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux the user-space VM is 3GB so an exploit might be possible. Apparently there's no code in LO that uses the CURLU_URLENCODE flag. The other one, CVE-2019-5436, doesn't matter because we disable tftp. Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9 Reviewed-on: https://gerrit.libreoffice.org/72732 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit edb01616ac176401650c35d938c75c6c5558a47e)

Diffstat (limited to 'onlineupdate')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: