Subject: CVS commit: [pkgsrc-2011Q4] pkgsrc/www/curl
From: Steven Drake
Date: 2012-01-28 07:26:19
Message id: 20120128062619.C435F175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3663 - requested by drochner
www/curl security update

Revisions pulled up:
- www/curl/Makefile                                             1.110
- www/curl/distinfo                                             1.73
- www/curl/patches/patch-ba                                     1.1
- www/curl/patches/patch-bb                                     1.1
- www/curl/patches/patch-bc                                     1.1
- www/curl/patches/patch-bd                                     1.1
- www/curl/patches/patch-be                                     1.1
- www/curl/patches/patch-bf                                     1.1

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Thu Jan 26 11:25:55 UTC 2012

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo
   Added Files:
           pkgsrc/www/curl/patches: patch-ba patch-bb patch-bc patch-bd patch-be
               patch-bf

   Log Message:
   add patches from upstream to fix 2 security problems:
   -data injection attack for certain protocols (CVE-2012-0036)
   -SSL CBC IV vulnerability (OpenSSL related, CVE-2011-3389)
   bump PKGREV
Files:
RevisionActionfile
1.109.2.1modifypkgsrc/www/curl/Makefile
1.72.2.1modifypkgsrc/www/curl/distinfo
1.1.2.2addpkgsrc/www/curl/patches/patch-ba
1.1.2.2addpkgsrc/www/curl/patches/patch-bb
1.1.2.2addpkgsrc/www/curl/patches/patch-bc
1.1.2.2addpkgsrc/www/curl/patches/patch-bd
1.1.2.2addpkgsrc/www/curl/patches/patch-be
1.1.2.2addpkgsrc/www/curl/patches/patch-bf