aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-04-19 18:16:22 -0400
committerLeo Famulari <leo@famulari.name>2017-04-19 18:29:00 -0400
commite1444afa2dd78742e48daa7e4f4db03d53fa0efa (patch)
treefbcb50707ab2dd28f5d58b0de98e7a696d5fed08
parent87e32101782a9bb0acc59a78f1c513d35d259f2a (diff)
downloadguix-e1444afa2dd78742e48daa7e4f4db03d53fa0efa.tar
guix-e1444afa2dd78742e48daa7e4f4db03d53fa0efa.tar.gz
gnu: curl: Replace with curl@7.54.0 [fixes CVE-2017-7468]
* gnu/packages/curl.scm (curl)[replacement]: New field. (curl-7.54.0): New variable.
-rw-r--r--gnu/packages/curl.scm14
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 22e18389e7..73d402ce18 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,6 +40,7 @@
(define-public curl
(package
(name "curl")
+ (replacement curl-7.54.0)
(version "7.53.0")
(source (origin
(method url-fetch)
@@ -119,3 +120,16 @@ tunneling, and so on.")
(license (license:non-copyleft "file://COPYING"
"See COPYING in the distribution."))
(home-page "https://curl.haxx.se/")))
+
+(define curl-7.54.0
+ (package
+ (inherit curl)
+ (version "7.54.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://curl.haxx.se/download/curl-"
+ version ".tar.lzma"))
+ (sha256
+ (base32
+ "02h7qhl8ynp75g1vcaw18ks0gp7nahvvkqck19pb1q0kkw1scsnd"))))))