summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-03 16:13:09 -0400
committerLeo Famulari <leo@famulari.name>2016-08-04 12:57:36 -0400
commite686e633ad4853bbff7a234155f75058fb896075 (patch)
treeb0365b7c982c1f90d297c274fe6b2f8aed4c0e55
parent7ccb874a299d6c6d86a3f1625a68c08ed20dbab6 (diff)
downloadguix-e686e633ad4853bbff7a234155f75058fb896075.tar.gz
gnu: curl: Replace with 7.50.1 [fixes CVE-2016-{3739,4802,5419,5420,5421].
* gnu/packages/curl.scm (curl)[replacement]: New field.
(curl-7.50.1): New variable.
-rw-r--r--gnu/packages/curl.scm14
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 222910b655..a250bb17d3 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,6 +40,7 @@
 (define-public curl
   (package
    (name "curl")
+   (replacement curl-7.50.1)
    (version "7.47.0")
    (source (origin
             (method url-fetch)
@@ -123,3 +124,16 @@ tunneling, and so on.")
    (license (license:non-copyleft "file://COPYING"
                                   "See COPYING in the distribution."))
    (home-page "http://curl.haxx.se/")))
+
+(define curl-7.50.1
+  (package
+    (inherit curl)
+    (source
+      (let ((version "7.50.1"))
+        (origin
+          (method url-fetch)
+          (uri (string-append "https://curl.haxx.se/download/curl-"
+                              version ".tar.lzma"))
+          (sha256
+           (base32
+            "0qc3qp3h18v24irzw7dgg1jf39v4hnz8irv83v9lbn9rxzrpdcdj")))))))