gnu: cURL: Update replacement to 7.74.0 [security fixes].
This fixes CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286. * gnu/packages/curl.scm (curl-7.71.0): Rename to ... (curl-7.74.0): ... this. Update to 7.74.0. (curl)[replacement]: Adjust accordingly.
This commit is contained in:
parent
ddeec8cad3
commit
1adeb74456
|
@ -54,7 +54,7 @@ (define-public curl
|
||||||
(package
|
(package
|
||||||
(name "curl")
|
(name "curl")
|
||||||
(version "7.69.1")
|
(version "7.69.1")
|
||||||
(replacement curl-7.71.0)
|
(replacement curl-7.74.0)
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append "https://curl.haxx.se/download/curl-"
|
(uri (string-append "https://curl.haxx.se/download/curl-"
|
||||||
|
@ -171,18 +171,18 @@ (define-public curl-minimal
|
||||||
(name "curl-minimal")
|
(name "curl-minimal")
|
||||||
(inputs (alist-delete "openldap" (package-inputs curl))))))
|
(inputs (alist-delete "openldap" (package-inputs curl))))))
|
||||||
|
|
||||||
;; Replacement package to fix CVE-2020-8169 and CVE-2020-8177.
|
;; Replacement package to fix multiple security vulnerabilities.
|
||||||
(define curl-7.71.0
|
(define curl-7.74.0
|
||||||
(package
|
(package
|
||||||
(inherit curl)
|
(inherit curl)
|
||||||
(version "7.71.0")
|
(version "7.74.0")
|
||||||
(source (origin
|
(source (origin
|
||||||
(inherit (package-source curl))
|
(inherit (package-source curl))
|
||||||
(uri (string-append "https://curl.haxx.se/download/curl-"
|
(uri (string-append "https://curl.haxx.se/download/curl-"
|
||||||
version ".tar.xz"))
|
version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"0wlppmx9iry8slh4pqcxj7lwc6fqwnlhh9ri2pcym2rx76a8gwfd"))))
|
"12w7gskrglg6qrmp822j37fmbr0icrcxv7rib1fy5xiw80n5z7cr"))))
|
||||||
(arguments
|
(arguments
|
||||||
(substitute-keyword-arguments (package-arguments curl)
|
(substitute-keyword-arguments (package-arguments curl)
|
||||||
((#:phases phases)
|
((#:phases phases)
|
||||||
|
|
Loading…
Reference in a new issue