bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47563: [PATCH 0/1] gnu: curl: Fix CVE-2021-22876 and CVE-2021-22890.

From: Léo Le Bouter
Subject: bug#47563: [PATCH 0/1] gnu: curl: Fix CVE-2021-22876 and CVE-2021-22890.
Date: Fri, 2 Apr 2021 16:09:39 +0200 
curl-CVE-2021-22876.patch was rebased onto 7.74.0, but curl-CVE-2021-22890.patch
does not apply and please I need help rebasing it, it looks quite complex.

I pushed an upgrade of curl to 7.76.0 which has been much much easier to
core-updates already as
https://git.savannah.gnu.org/cgit/guix.git/commit/?h=core-updates&id=2e0b1b62e94b926041ca9af70537dd9b3ab64edf
but unfortunately since curl requires so many rebuilds it seems we can't use
such commit on master for now.

Léo Le Bouter (1):
  gnu: curl: Fix CVE-2021-22876 and CVE-2021-22890.

 gnu/local.mk                                  |   2 +
 gnu/packages/curl.scm                         |   4 +-
 .../patches/curl-CVE-2021-22876.patch         | 147 ++++++
 .../patches/curl-CVE-2021-22890.patch         | 499 ++++++++++++++++++
 4 files changed, 651 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/curl-CVE-2021-22876.patch
 create mode 100644 gnu/packages/patches/curl-CVE-2021-22890.patch

-- 
2.31.1
reply via email to
[Prev in Thread] Current Thread [Next in Thread]