From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marius Bakke <mbakke@fastmail.com>
Subject: [PATCH] gnu: curl: Update replacement to 7.51.0 [fixes
	CVE-2016-{8615..8625}].
Date: Wed, 02 Nov 2016 09:10:59 +0000
Message-ID: <87bmxyb61o.fsf@duckhunt.i-did-not-set--mail-host-address--so-tickle-me>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43243)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mbakke@fastmail.com>) id 1c1rZg-0006nn-AY
	for guix-devel@gnu.org; Wed, 02 Nov 2016 05:11:13 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mbakke@fastmail.com>) id 1c1rZd-0001Gg-3C
	for guix-devel@gnu.org; Wed, 02 Nov 2016 05:11:12 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:50566)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <mbakke@fastmail.com>) id 1c1rZc-0001Ep-U7
	for guix-devel@gnu.org; Wed, 02 Nov 2016 05:11:09 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
	by mailout.nyi.internal (Postfix) with ESMTP id DB6DE20776
	for <guix-devel@gnu.org>; Wed,  2 Nov 2016 05:11:05 -0400 (EDT)
Received: from localhost (169.243.187.81.in-addr.arpa [81.187.243.169])
	by mail.messagingengine.com (Postfix) with ESMTPA id C7C0ACCF30
	for <guix-devel@gnu.org>; Wed,  2 Nov 2016 05:11:02 -0400 (EDT)
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain


New version of curl out today, fixing no less than 11 security
advisories. Should each be mentioned in the commit message?

Unfortunately this version has a bunch of unrelated fixes, but it builds
here, at least. Full changelog: https://curl.haxx.se/changes.html#7_51_0


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline;
 filename=0001-gnu-curl-Update-replacement-to-7.51.0-fixes-CVE-2016.patch

>From 8805df4d6a71db8ca1888c4258274a942faee279 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 2 Nov 2016 09:01:36 +0000
Subject: [PATCH] gnu: curl: Update replacement to 7.51.0 [fixes
 CVE-2016-{8615..8625}].

* gnu/packages/curl.scm (curl)[replacement]: Update to 7.51.0.
(curl-7.50.3): Replace with ...
(curl-7.51.0): ... this.
---
 gnu/packages/curl.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 5cd8086..5d92e03 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,7 +40,7 @@
 (define-public curl
   (package
    (name "curl")
-   (replacement curl-7.50.3)
+   (replacement curl-7.51.0)
    (version "7.47.0")
    (source (origin
             (method url-fetch)
@@ -125,15 +125,15 @@ tunneling, and so on.")
                                   "See COPYING in the distribution."))
    (home-page "http://curl.haxx.se/")))
 
-(define curl-7.50.3
+(define curl-7.51.0
   (package
     (inherit curl)
     (source
-      (let ((version "7.50.3"))
+      (let ((version "7.51.0"))
         (origin
           (method url-fetch)
           (uri (string-append "https://curl.haxx.se/download/curl-"
                               version ".tar.lzma"))
           (sha256
            (base32
-            "1spmk0345hq0sgpwxs8d410268lmg3wf1x9v23hxff7wxki5fm4c")))))))
+            "0605f28m2kxjcxrcfcv1ja353gv167lwyxjc3xizqbwppdmmzvwy")))))))
-- 
2.10.1


--=-=-=--