Kei Kebreau <kkebreau@posteo.net> writes:

> Fixes CVE-2017-1000254.
> See <https://curl.haxx.se/docs/adv_20171004.html> for details.
>
> * gnu/packages/curl.scm (curl)[replacement]: Update to 7.56.0.
> (curl-7.55.0): Rename to ...
> (curl-7.56.0): ... this.
> [arguments]: Remove 'fix-Makefile' phase.
> ---
>  gnu/packages/curl.scm | 17 ++---------------
>  1 file changed, 2 insertions(+), 15 deletions(-)
>
> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
> index 23606b481..552df5dc3 100644
> --- a/gnu/packages/curl.scm
> +++ b/gnu/packages/curl.scm
> @@ -126,25 +126,12 @@ tunneling, and so on.")
>  (define-public curl-7.55.0
>    (package
>      (inherit curl)
> -    (version "7.55.0")
> +    (version "7.56.0")
>      (source
>        (origin
>          (method url-fetch)
>          (uri (string-append "https://curl.haxx.se/download/curl-"
>                              version ".tar.xz"))
> -        (patches (search-patches "curl-bounds-check.patch"))

Please also delete this file and update gnu/local.mk.

LGTM otherwise, thanks!