Bug 254773 - ftp/curl: Update to 7.76.1
Summary: ftp/curl: Update to 7.76.1
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Sunpoet Po-Chuan Hsieh
URL: https://curl.se/changes.html#7_76_1
Keywords: needs-qa, security
: 254667 (view as bug list)
Depends on: 254772
Blocks:
  Show dependency treegraph
 
Reported: 2021-04-04 22:29 UTC by Yasuhiro Kimura
Modified: 2021-04-19 00:55 UTC (History)
5 users (show)

See Also:
bugzilla: maintainer-feedback? (sunpoet)
koobs: merge-quarterly?


Attachments
Patch file (2.72 KB, patch)
2021-04-04 22:29 UTC, Yasuhiro Kimura
no flags Details | Diff
Updated patch file (3.31 KB, patch)
2021-04-14 10:07 UTC, Yasuhiro Kimura
no flags Details | Diff
Updated patch file (1.26 KB, patch)
2021-04-19 00:55 UTC, Yasuhiro Kimura
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura 2021-04-04 22:29:12 UTC
Created attachment 223812 [details]
Patch file

Update to 7.76.0, which fixes CVE-2021-22876 and CVE-2021-22890.

ChangeLog: https://curl.se/changes.html

Bug #254772 describes the vulnerabilities fixed with this release. So please commit it together.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-06 03:39:53 UTC
"There will be a patch release: curl 7.76.1 on April 14" [1]

Upcoming release notes:

  https://curl.se/dev/release-notes.html

Not sure if they are regressions in 7.76.0 or just late fixed issues that didn't make the last release and don't break compat.

[1] https://twitter.com/bagder/status/1379010331134066690?s=20
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-09 10:21:23 UTC
*** Bug 254667 has been marked as a duplicate of this bug. ***
Comment 3 Yasuhiro Kimura 2021-04-14 10:07:28 UTC
Created attachment 224100 [details]
Updated patch file

New version 7.76.1 is released.

ChangeLog: https://curl.se/changes.html#7_76_1
Comment 4 Yasuhiro Kimura 2021-04-19 00:55:27 UTC
Created attachment 224236 [details]
Updated patch file

Chase update of ports tree.