all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* [PATCH 0/1] curl: Fix CVE-2016-7167
@ 2016-09-14 17:23 Leo Famulari
  2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
  0 siblings, 1 reply; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 17:23 UTC (permalink / raw)
  To: guix-devel

This patch updates the curl replacement to 7.50.3, the latest release,
in order to fix CVE-2016-7167:

https://curl.haxx.se/docs/adv_20160914.html

Leo Famulari (1):
  gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].

 gnu/packages/curl.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

-- 
2.10.0

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
  2016-09-14 17:23 [PATCH 0/1] curl: Fix CVE-2016-7167 Leo Famulari
@ 2016-09-14 17:23 ` Leo Famulari
  2016-09-14 18:03   ` Efraim Flashner
  0 siblings, 1 reply; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 17:23 UTC (permalink / raw)
  To: guix-devel

* gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
(curl-7.50.2): Replace with ....
(curl-7.50.3): ... this.
---
 gnu/packages/curl.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index f3c0ade..5cd8086 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,7 +40,7 @@
 (define-public curl
   (package
    (name "curl")
-   (replacement curl-7.50.2)
+   (replacement curl-7.50.3)
    (version "7.47.0")
    (source (origin
             (method url-fetch)
@@ -125,15 +125,15 @@ tunneling, and so on.")
                                   "See COPYING in the distribution."))
    (home-page "http://curl.haxx.se/")))
 
-(define curl-7.50.2
+(define curl-7.50.3
   (package
     (inherit curl)
     (source
-      (let ((version "7.50.2"))
+      (let ((version "7.50.3"))
         (origin
           (method url-fetch)
           (uri (string-append "https://curl.haxx.se/download/curl-"
                               version ".tar.lzma"))
           (sha256
            (base32
-            "0d5ly1xms0hh5zkv0m77d50c1816ywmbvmi1m158jyl70ndi9gby")))))))
+            "1spmk0345hq0sgpwxs8d410268lmg3wf1x9v23hxff7wxki5fm4c")))))))
-- 
2.10.0

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
  2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
@ 2016-09-14 18:03   ` Efraim Flashner
  2016-09-14 18:12     ` Leo Famulari
  0 siblings, 1 reply; 4+ messages in thread
From: Efraim Flashner @ 2016-09-14 18:03 UTC (permalink / raw)
  To: Leo Famulari; +Cc: guix-devel

[-- Attachment #1: Type: text/plain, Size: 1676 bytes --]

On Wed, Sep 14, 2016 at 01:23:20PM -0400, Leo Famulari wrote:
> * gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
> (curl-7.50.2): Replace with ....
> (curl-7.50.3): ... this.
> ---
>  gnu/packages/curl.scm | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
> index f3c0ade..5cd8086 100644
> --- a/gnu/packages/curl.scm
> +++ b/gnu/packages/curl.scm
> @@ -40,7 +40,7 @@
>  (define-public curl
>    (package
>     (name "curl")
> -   (replacement curl-7.50.2)
> +   (replacement curl-7.50.3)
>     (version "7.47.0")
>     (source (origin
>              (method url-fetch)
> @@ -125,15 +125,15 @@ tunneling, and so on.")
>                                    "See COPYING in the distribution."))
>     (home-page "http://curl.haxx.se/")))
>  
> -(define curl-7.50.2
> +(define curl-7.50.3
>    (package
>      (inherit curl)
>      (source
> -      (let ((version "7.50.2"))
> +      (let ((version "7.50.3"))
>          (origin
>            (method url-fetch)
>            (uri (string-append "https://curl.haxx.se/download/curl-"
>                                version ".tar.lzma"))
>            (sha256
>             (base32
> -            "0d5ly1xms0hh5zkv0m77d50c1816ywmbvmi1m158jyl70ndi9gby")))))))
> +            "1spmk0345hq0sgpwxs8d410268lmg3wf1x9v23hxff7wxki5fm4c")))))))
> -- 
> 2.10.0
> 
> 

Looks straightforward.

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167].
  2016-09-14 18:03   ` Efraim Flashner
@ 2016-09-14 18:12     ` Leo Famulari
  0 siblings, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2016-09-14 18:12 UTC (permalink / raw)
  To: Efraim Flashner; +Cc: guix-devel

[-- Attachment #1: Type: text/plain, Size: 359 bytes --]

On Wed, Sep 14, 2016 at 09:03:03PM +0300, Efraim Flashner wrote:
> On Wed, Sep 14, 2016 at 01:23:20PM -0400, Leo Famulari wrote:
> > * gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.3.
> > (curl-7.50.2): Replace with ....
> > (curl-7.50.3): ... this.
> 
> Looks straightforward.

Thanks, pushed as 2a0ed3254bc76ad6503170f196c2008473b0292b

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2016-09-14 18:13 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-14 17:23 [PATCH 0/1] curl: Fix CVE-2016-7167 Leo Famulari
2016-09-14 17:23 ` [PATCH 1/1] gnu: curl: Update replacement to 7.50.3 [fixes CVE-2016-7167] Leo Famulari
2016-09-14 18:03   ` Efraim Flashner
2016-09-14 18:12     ` Leo Famulari

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.