From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: [PATCH 0/1] Curl security update (CVE-2016-0755) Date: Wed, 27 Jan 2016 13:57:22 -0500 Message-ID: Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:39284) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aOVHS-0005iI-Ht for guix-devel@gnu.org; Wed, 27 Jan 2016 13:57:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aOVHP-0000Mt-Cq for guix-devel@gnu.org; Wed, 27 Jan 2016 13:57:26 -0500 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:48685) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aOVHP-0000Mm-94 for guix-devel@gnu.org; Wed, 27 Jan 2016 13:57:23 -0500 Received: from jasmine.lan (c-69-249-5-231.hsd1.pa.comcast.net [69.249.5.231]) by mail.messagingengine.com (Postfix) with ESMTPA id 9DFC8C01713 for ; Wed, 27 Jan 2016 13:57:20 -0500 (EST) List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: guix-devel@gnu.org This patch updates curl to 7.47.0, fixing CVE-2016-0755 [0][1]. I built it on the core-updates branch (although it's trivial enough to apply on another branch), and I tested it to download successfully. Feel free to apply the patch where appropriate. [0] http://curl.haxx.se/docs/adv_20160127A.html [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755 Leo Famulari (1): gnu: curl: Update to 7.47.0 [fixes CVE-2016-0755]. gnu/packages/curl.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- 2.6.3