~ruther/guix-local: gnu: curl: Update replacement to 7.56.0 [security fixes].

46cf31868c1b12eec50bc9b8dda64604dd81f986 — Kei Kebreau 8 years ago 488d380

gnu: curl: Update replacement to 7.56.0 [security fixes].

Fixes CVE-2017-1000254.
See <https://curl.haxx.se/docs/adv_20171004.html> for details.

* gnu/packages/curl.scm (curl)[replacement]: Update to 7.56.0.
(curl-7.55.0): Rename to ...
(curl-7.56.0): ... this.
[arguments]: Remove 'fix-Makefile' phase.
[source]: Remove patch.
* gnu/packages/patches/curl-bounds-check.patch: Delete it.
* gnu/local.mk (dist_patch_DATA): Remove it.

patch browse .tar.gz

3 files changed, 4 insertions(+), 37 deletions(-)

M gnu/local.mk
M gnu/packages/curl.scm
D gnu/packages/patches/curl-bounds-check.patch

M gnu/local.mk => gnu/local.mk +0 -1

@@ 579,7 579,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/crossmap-allow-system-pysam.patch	\
   %D%/packages/patches/clucene-contribs-lib.patch               \
   %D%/packages/patches/cube-nocheck.patch			\
-  %D%/packages/patches/curl-bounds-check.patch			\
   %D%/packages/patches/cursynth-wave-rand.patch			\
   %D%/packages/patches/cvs-2017-12836.patch			\
   %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch		\

M gnu/packages/curl.scm => gnu/packages/curl.scm +4 -17

@@ 42,7 42,7 @@
 (define-public curl
   (package
    (name "curl")
-   (replacement curl-7.55.0)
+   (replacement curl-7.56.0)
    (version "7.54.1")
    (source (origin
             (method url-fetch)


@@ 123,28 123,15 @@ tunneling, and so on.")
                                   "See COPYING in the distribution."))
    (home-page "https://curl.haxx.se/")))
 
-(define-public curl-7.55.0
+(define-public curl-7.56.0
   (package
     (inherit curl)
-    (version "7.55.0")
+    (version "7.56.0")
     (source
       (origin
         (method url-fetch)
         (uri (string-append "https://curl.haxx.se/download/curl-"
                             version ".tar.xz"))
-        (patches (search-patches "curl-bounds-check.patch"))
         (sha256
          (base32
-          "1785vxi0jamiv9d1wr1l45g0fm9ircxdfyfzf7ld8zv0z0i8bmfd"))))
-    (arguments
-     `(,@(substitute-keyword-arguments (package-arguments curl)
-           ((#:phases phases)
-            `(modify-phases ,phases
-               (add-before 'install 'fix-Makefile
-                 ;; Fix a regression in 7.55.0 where docs are not installed.
-                 ;; https://github.com/curl/curl/commit/a7bbbb7c368c6096802007f61f19a02e9d75285b
-                 (lambda _
-                   (substitute* "Makefile"
-                     (("install-data-hook:\n")
-                      "install-data-hook:\n\tcd docs/libcurl && $(MAKE) install\n"))
-                   #t)))))))))
+          "0wni3zkw7jyrwgwkqnrkf2x2b7c78wsp7p4z6a246hz9l367nhrj"))))))

D gnu/packages/patches/curl-bounds-check.patch => gnu/packages/patches/curl-bounds-check.patch +0 -19

@@ 1,19 0,0 @@
-Fix test failure on some 32-bit platforms.
-
-Patch copied from upstream source repository:
-
-https://github.com/curl/curl/commit/45a560390c4356bcb81d933bbbb229c8ea2acb63
-
-diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
-index b9dedc989e..85c5e79a7e 100644
---- a/src/tool_paramhlp.c
-+++ b/src/tool_paramhlp.c
-@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max)
-     num = strtod(str, &endptr);
-     if(errno == ERANGE)
-       return PARAM_NUMBER_TOO_LARGE;
--    if((long)num > max) {
-+    if(num > max) {
-       /* too large */
-       return PARAM_NUMBER_TOO_LARGE;
-     }