From 5a9711878bae347076f87d530b12a3fa8b4e3be3 Mon Sep 17 00:00:00 2001
From: Kawe Mazidjatari <48657826+Mauler125@users.noreply.github.com>
Date: Mon, 12 Jun 2023 22:26:53 +0200
Subject: [PATCH] Fix CVE-2020-8284

Merge: curl/curl@ec9cc725d598ac
---
 r5dev/thirdparty/curl/url.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/r5dev/thirdparty/curl/url.c b/r5dev/thirdparty/curl/url.c
index 4711746c..099e919b 100644
--- a/r5dev/thirdparty/curl/url.c
+++ b/r5dev/thirdparty/curl/url.c
@@ -521,6 +521,7 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
   set->ftp_use_eprt = TRUE;   /* FTP defaults to EPRT operations */
   set->ftp_use_pret = FALSE;  /* mainly useful for drftpd servers */
   set->ftp_filemethod = FTPFILE_MULTICWD;
+  set->ftp_skip_ip = TRUE;    /* skip PASV IP by default */
 
   set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */