GNU bug report logs - #48769
[PATCH] gnu: curl: Update to 7.77.0 [fixes CVE-2021-{22897, 22898, 22901}].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Tue, 1 Jun 2021 00:24:02 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 48769 in the body.
You can then email your comments to 48769 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#48769; Package guix-patches. (Tue, 01 Jun 2021 00:24:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 01 Jun 2021 00:24:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: curl: Update to 7.77.0 [fixes CVE-2021-{22897, 22898,
 22901}].
Date: Mon, 31 May 2021 20:23:10 -0400

* gnu/packages/curl.scm (curl/fixed): Replace with ...
(curl-7.77.0): ... new variable.
(curl)[replacement]: Use curl-7.77.0.
---
 gnu/packages/curl.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 94dc51cfc5..76b9b9840c 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -53,6 +53,7 @@
 (define-public curl
   (package
    (name "curl")
+   (replacement curl-7.77.0)
    (version "7.74.0")
    (source (origin
              (method url-fetch)
@@ -62,7 +63,6 @@
               (base32
                "12w7gskrglg6qrmp822j37fmbr0icrcxv7rib1fy5xiw80n5z7cr"))
              (patches (search-patches "curl-use-ssl-cert-env.patch"))))
-   (replacement curl/fixed)
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                             ;1.2 MiB of man3 pages
@@ -152,10 +152,10 @@ tunneling, and so on.")
     (name "curl-minimal")
     (inputs (alist-delete "openldap" (package-inputs curl))))))
 
-(define-public curl/fixed
+(define-public curl-7.77.0
   (package
     (inherit curl)
-    (version "7.76.0")
+    (version "7.77.0")
     (source
      (origin
        (inherit (package-source curl))
@@ -164,7 +164,7 @@ tunneling, and so on.")
        (patches (search-patches "curl-7.76-use-ssl-cert-env.patch"))
        (sha256
         (base32
-         "1j2g04m6als6hmqzvddv84c31m0x90bfgyz3bjrwdkarbkby40k3"))))))
+         "0jsrc97vbghvljic997r9nypc9qqddcil2lzvv032br8ahn5hr0g"))))))
 
 (define-public kurly
   (package
-- 
2.31.1
Reply sent to Leo Famulari <leo <at> famulari.name>:
You have taken responsibility. (Thu, 03 Jun 2021 03:16:02 GMT) Full text and rfc822 format available.
Notification sent to Leo Famulari <leo <at> famulari.name>:
bug acknowledged by developer. (Thu, 03 Jun 2021 03:16:02 GMT) Full text and rfc822 format available.

Message #10 received at 48769-done <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: 48769-done <at> debbugs.gnu.org
Subject: Re: [PATCH] gnu: curl: Update to 7.77.0 [fixes CVE-2021-{22897,
 22898, 22901}].
Date: Wed, 2 Jun 2021 23:14:58 -0400

Pushed as 9e7d93f67566d52a2dc9006f02a4c2ad2be14442
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 01 Jul 2021 11:24:06 GMT) Full text and rfc822 format available.
This bug report was last modified 2 years and 298 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.