Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2024011

Product: Supervyse
CVSS Score: See in Description
Original Date: 2024-10-08
Last Revised:

Summary

Upgrade curl to v8.10.1.

Vulnerability Details

CVSS Vector: See in Description

Upgrade curl to v8.10.1 to address the following vulnerabilities.

1. CVE-2024-6197 (fixed by curl v8.9.0)
CVSS: Medium
Free of memory not on heap.

2. CVE-2024-6874 (fixed by curl v8.9.0)
CVSS: Low
Stack contents accidentally getting returned as part of the converted string.

3. CVE-2024-7264 (fixed by curl v8.9.1)
CVSS: 7.5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ASN.1 date parser overread.

4. CVE-2024-8096 (fixed by curl v8.10.0)
CVSS: 6.4, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
OCSP stapling bypass with GnuTLS.
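
The following triage helper is an added example, not part of Insyde's advisory or of curl. It reads the first line of `curl --version` output and reports which of the four CVEs above have a "fixed by" version newer than the reported libcurl. The function names and sample banners are constructed for illustration, and treating CVE-2024-8096 as relevant only to GnuTLS builds is an assumption drawn from its description above.

```python
import re

# "Fixed by" libcurl versions exactly as listed in the advisory.
FIXED_IN = {
    "CVE-2024-6197": (8, 9, 0),
    "CVE-2024-6874": (8, 9, 0),
    "CVE-2024-7264": (8, 9, 1),
    "CVE-2024-8096": (8, 10, 0),
}
GNUTLS_ONLY = {"CVE-2024-8096"}  # assumption: only relevant to GnuTLS builds
TARGET = (8, 10, 1)              # version the advisory says to upgrade to

# Constructed sample banners (first line of `curl --version`).
OLD_GNUTLS = "curl 8.8.0 (x86_64-pc-linux-gnu) libcurl/8.8.0 GnuTLS/3.8.3 zlib/1.3"
MID_OPENSSL = "curl 8.9.0 (x86_64-pc-linux-gnu) libcurl/8.9.0 OpenSSL/3.0.13 zlib/1.3"
NEW_GNUTLS = "curl 8.10.1 (x86_64-pc-linux-gnu) libcurl/8.10.1 GnuTLS/3.8.3 zlib/1.3"


def parse_banner(banner):
    """Return (libcurl version tuple, built_with_gnutls) from a version banner."""
    lines = banner.strip().splitlines()
    first = lines[0] if lines else ""
    m = re.search(r"libcurl/(\d+)\.(\d+)\.(\d+)", first)
    if not m:
        raise ValueError("not a curl version banner")
    # Compare as integer tuples: as strings, "8.10.0" sorts before "8.9.1".
    return tuple(int(x) for x in m.groups()), "GnuTLS/" in first


def unfixed_cves(banner):
    """CVEs from the advisory whose fix is newer than the reported libcurl."""
    version, gnutls = parse_banner(banner)
    pending = []
    for cve, fixed in sorted(FIXED_IN.items()):
        if version >= fixed:
            continue  # fix already included in this release
        if cve in GNUTLS_ONLY and not gnutls:
            continue  # backend named in the advisory is not in use
        pending.append(cve)
    return pending


def meets_advisory(banner):
    """True when libcurl is at or above the advisory's target version."""
    return parse_banner(banner)[0] >= TARGET
```

A CVE reported here means the fix is not included in that release, not that the release is confirmed affected, because the advisory lists only fixed versions. Vendor builds that backport patches without changing the version string need to be checked against the vendor's own changelog.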

Solution Information

OPF: RV23.08 and after.
OPF: RV24.06 and after.

Acknowledgements

Revision History

Revision #: 1
Date: 2024-10-08
Description: Initial Release