Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
third_party: update libcurl from 8.6.0 to 8.7.1
The patch updates curl module to the version 8.7.1 [1][2] that brings a number of functional and security fixes, and updates CMake module for building curl library. Security fixes: - CVE-2024-2004: Usage of disabled protocol. (low) - CVE-2024-2398: HTTP/2 push headers memory-leak. (medium) - CVE-2024-2379: QUIC certificate check bypass with wolfSSL. (low) - CVE-2024-2466: TLS certificate check bypass with mbedTLS. (medium) Changes in CMake module: - Option `USE_OPENSSL_QUIC` was added and disabled by default [3] Changelog entry has been removed because duplicate entries about bumps confuses end users. 1. https://curl.se/changes.html#8_7_1 2. curl/curl@curl-8_6_0...curl-8_7_1 3. curl/curl@8e74164 NO_DOC=libcurl submodule bump NO_CHANGELOG=libcurl submodule bump NO_TEST=libcurl submodule bump
- Loading branch information