diff options
author | Marius Bakke <marius@gnu.org> | 2020-12-12 22:03:37 +0100 |
---|---|---|
committer | Marius Bakke <marius@gnu.org> | 2020-12-13 01:05:57 +0100 |
commit | 1adeb744560af94687eb7c3780c7145c52674070 (patch) | |
tree | 843daa146269747e7bbd05ccc2a8c653d4c40836 /gnu | |
parent | ddeec8cad3c32358f16a326b2f1fe2126aca0158 (diff) | |
download | guix-1adeb744560af94687eb7c3780c7145c52674070.tar.gz |
gnu: cURL: Update replacement to 7.74.0 [security fixes].
This fixes CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286. * gnu/packages/curl.scm (curl-7.71.0): Rename to ... (curl-7.74.0): ... this. Update to 7.74.0. (curl)[replacement]: Adjust accordingly.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/packages/curl.scm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index 55b7e4393b..33a2188d70 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -54,7 +54,7 @@ (package (name "curl") (version "7.69.1") - (replacement curl-7.71.0) + (replacement curl-7.74.0) (source (origin (method url-fetch) (uri (string-append "https://curl.haxx.se/download/curl-" @@ -171,18 +171,18 @@ tunneling, and so on.") (name "curl-minimal") (inputs (alist-delete "openldap" (package-inputs curl)))))) -;; Replacement package to fix CVE-2020-8169 and CVE-2020-8177. -(define curl-7.71.0 +;; Replacement package to fix multiple security vulnerabilities. +(define curl-7.74.0 (package (inherit curl) - (version "7.71.0") + (version "7.74.0") (source (origin (inherit (package-source curl)) (uri (string-append "https://curl.haxx.se/download/curl-" version ".tar.xz")) (sha256 (base32 - "0wlppmx9iry8slh4pqcxj7lwc6fqwnlhh9ri2pcym2rx76a8gwfd")))) + "12w7gskrglg6qrmp822j37fmbr0icrcxv7rib1fy5xiw80n5z7cr")))) (arguments (substitute-keyword-arguments (package-arguments curl) ((#:phases phases) |