summaryrefslogtreecommitdiff
path: root/gnu/packages/curl.scm
diff options
context:
space:
mode:
authorAshish SHUKLA <ashish.is@lostca.se>2024-09-28 01:40:45 +0200
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2024-11-12 17:41:14 +0900
commit7fdda1c4bb50abba6a999a5fd0e5ad53c3736e87 (patch)
tree4a5af719d3cb8a798bcc89ba243ff07a279cfcfa /gnu/packages/curl.scm
parent6b8af015b29ebcefee54e40994ed64bbaa85b42f (diff)
gnu: curl: Fix CVE-2024-8096.
* gnu/packages/curl.scm (curl) [replacement]: New field. (curl/fixed): New variable. * gnu/packages/patches/curl-CVE-2024-8096.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Change-Id: I42facad095d97dc94302e9db60626b9fa00f3738 Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Diffstat (limited to 'gnu/packages/curl.scm')
-rw-r--r--gnu/packages/curl.scm11
1 files changed, 11 insertions, 0 deletions
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 9f74018205..bbb266e236 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -16,6 +16,7 @@
;;; Copyright © 2021 Felix Gruber <felgru@posteo.net>
;;; Copyright © 2023 Sharlatan Hellseher <sharlatanus@gmail.com>
;;; Copyright © 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2024 Ashish SHUKLA <ashish.is@lostca.se>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -67,6 +68,7 @@
(package
(name "curl")
(version "8.6.0")
+ (replacement curl/fixed)
(source (origin
(method url-fetch)
(uri (string-append "https://curl.se/download/curl-"
@@ -176,6 +178,15 @@ tunneling, and so on.")
"See COPYING in the distribution."))
(home-page "https://curl.haxx.se/")))
+(define-public curl/fixed
+ (hidden-package
+ (package
+ (inherit curl)
+ (replacement curl/fixed)
+ (source (origin
+ (inherit (package-source curl))
+ (patches (search-patches "curl-CVE-2024-8096.patch")))))))
+
(define-public gnurl (deprecated-package "gnurl" curl))
(define-public curl-ssh
generated by cgit v1.2.3 (git 2.45.2) at 2025-03-31 00:44:56 +0000