* [PATCH 0/1] curl: Fix CVE-2016-7167
@ 2016-09-14 17:23 Leo Famulari
2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
0 siblings, 1 reply; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 17:23 UTC (permalink / raw)
To: guix-devel
This patch updates the curl replacement to 7.50.3, the latest release,
in order to fix CVE-2016-7167:
https://curl.haxx.se/docs/adv_20160914.html
Leo Famulari (1):
gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
gnu/packages/curl.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
--
2.10.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
2016-09-14 17:23 [PATCH 0/1] curl: Fix CVE-2016-7167 Leo Famulari
@ 2016-09-14 17:23 ` Leo Famulari
2016-09-14 18:03 ` Efraim Flashner
0 siblings, 1 reply; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 17:23 UTC (permalink / raw)
To: guix-devel
* gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
(curl-7.50.2): Replace with ....
(curl-7.50.3): ... this.
---
gnu/packages/curl.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index f3c0ade..5cd8086 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,7 +40,7 @@
(define-public curl
(package
(name "curl")
- (replacement curl-7.50.2)
+ (replacement curl-7.50.3)
(version "7.47.0")
(source (origin
(method url-fetch)
@@ -125,15 +125,15 @@ tunneling, and so on.")
"See COPYING in the distribution."))
(home-page "http://curl.haxx.se/")))
-(define curl-7.50.2
+(define curl-7.50.3
(package
(inherit curl)
(source
- (let ((version "7.50.2"))
+ (let ((version "7.50.3"))
(origin
(method url-fetch)
(uri (string-append "https://curl.haxx.se/download/curl-"
version ".tar.lzma"))
(sha256
(base32
- "0d5ly1xms0hh5zkv0m77d50c1816ywmbvmi1m158jyl70ndi9gby")))))))
+ "1spmk0345hq0sgpwxs8d410268lmg3wf1x9v23hxff7wxki5fm4c")))))))
--
2.10.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
@ 2016-09-14 18:03 ` Efraim Flashner
2016-09-14 18:12 ` Leo Famulari
0 siblings, 1 reply; 4+ messages in thread
From: Efraim Flashner @ 2016-09-14 18:03 UTC (permalink / raw)
To: Leo Famulari; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 1676 bytes --]
On Wed, Sep 14, 2016 at 01:23:20PM -0400, Leo Famulari wrote:
> * gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
> (curl-7.50.2): Replace with ....
> (curl-7.50.3): ... this.
> ---
> gnu/packages/curl.scm | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
> index f3c0ade..5cd8086 100644
> --- a/gnu/packages/curl.scm
> +++ b/gnu/packages/curl.scm
> @@ -40,7 +40,7 @@
> (define-public curl
> (package
> (name "curl")
> - (replacement curl-7.50.2)
> + (replacement curl-7.50.3)
> (version "7.47.0")
> (source (origin
> (method url-fetch)
> @@ -125,15 +125,15 @@ tunneling, and so on.")
> "See COPYING in the distribution."))
> (home-page "http://curl.haxx.se/")))
>
> -(define curl-7.50.2
> +(define curl-7.50.3
> (package
> (inherit curl)
> (source
> - (let ((version "7.50.2"))
> + (let ((version "7.50.3"))
> (origin
> (method url-fetch)
> (uri (string-append "https://curl.haxx.se/download/curl-"
> version ".tar.lzma"))
> (sha256
> (base32
> - "0d5ly1xms0hh5zkv0m77d50c1816ywmbvmi1m158jyl70ndi9gby")))))))
> + "1spmk0345hq0sgpwxs8d410268lmg3wf1x9v23hxff7wxki5fm4c")))))))
> --
> 2.10.0
>
>
Looks straightforward.
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
2016-09-14 18:03 ` Efraim Flashner
@ 2016-09-14 18:12 ` Leo Famulari
0 siblings, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 18:12 UTC (permalink / raw)
To: Efraim Flashner; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 359 bytes --]
On Wed, Sep 14, 2016 at 09:03:03PM +0300, Efraim Flashner wrote:
> On Wed, Sep 14, 2016 at 01:23:20PM -0400, Leo Famulari wrote:
> > * gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
> > (curl-7.50.2): Replace with ....
> > (curl-7.50.3): ... this.
>
> Looks straightforward.
Thanks, pushed as 2a0ed3254bc76ad6503170f196c2008473b0292b
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-09-14 18:13 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-14 17:23 [PATCH 0/1] curl: Fix CVE-2016-7167 Leo Famulari
2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
2016-09-14 18:03 ` Efraim Flashner
2016-09-14 18:12 ` Leo Famulari
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).