GNU bug report logs -
#28702
[PATCH] gnu: curl: Update replacement to 7.56.0. [security fixes]
Previous Next
Reported by: Kei Kebreau <kkebreau <at> posteo.net>
Date: Wed, 4 Oct 2017 15:03:01 UTC
Severity: normal
Tags: patch
Done: Kei Kebreau <kkebreau <at> posteo.net>
Bug is archived. No further changes may be made.
Full log
Message #16 received at 28702-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Marius Bakke <mbakke <at> fastmail.com> writes:
> Kei Kebreau <kkebreau <at> posteo.net> writes:
>
>> Fixes CVE-2017-1000254.
>> See <https://curl.haxx.se/docs/adv_20171004.html> for details.
>>
>> * gnu/packages/curl.scm (curl)[replacement]: Update to 7.56.0.
>> (curl-7.55.0): Rename to ...
>> (curl-7.56.0): ... this.
>> [arguments]: Remove 'fix-Makefile' phase.
>> ---
>> gnu/packages/curl.scm | 17 ++---------------
>> 1 file changed, 2 insertions(+), 15 deletions(-)
>>
>> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
>> index 23606b481..552df5dc3 100644
>> --- a/gnu/packages/curl.scm
>> +++ b/gnu/packages/curl.scm
>> @@ -126,25 +126,12 @@ tunneling, and so on.")
>> (define-public curl-7.55.0
>> (package
>> (inherit curl)
>> - (version "7.55.0")
>> + (version "7.56.0")
>> (source
>> (origin
>> (method url-fetch)
>> (uri (string-append "https://curl.haxx.se/download/curl-"
>> version ".tar.xz"))
>> - (patches (search-patches "curl-bounds-check.patch"))
>
> Please also delete this file and update gnu/local.mk.
>
> LGTM otherwise, thanks!
Thanks for reviewing this.
Pushed to master as 46cf31868c1b12eec50bc9b8dda64604dd81f986.
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 7 years and 235 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.