On Wed, Jan 27, 2016 at 05:30:58PM -0500, Leo Famulari wrote:
> Civodul and mark_weaver discussed how best to apply it on #guix. I think
> the plan is to build it in a branch with tomorrow's OpenSSL security
> update.
Very well.
Some garbage managed to crawl into the commit message:
gnu: curl
On Wed, Jan 27, 2016 at 09:03:45PM +0100, Andreas Enge wrote:
> On Wed, Jan 27, 2016 at 01:57:22PM -0500, Leo Famulari wrote:
> > This patch updates curl to 7.47.0, fixing CVE-2016-0755 [0][1].
>
> Ouch!
>
> guix refresh -l curl
> Building the following 318 packages would ensure 772 dependent pac
On Wed, Jan 27, 2016 at 01:57:22PM -0500, Leo Famulari wrote:
> This patch updates curl to 7.47.0, fixing CVE-2016-0755 [0][1].
Ouch!
guix refresh -l curl
Building the following 318 packages would ensure 772 dependent packages are
rebuilt
This is about a quarter of all packages.
> Feel free to
This patch updates curl to 7.47.0, fixing CVE-2016-0755 [0][1].
I built it on the core-updates branch (although it's trivial enough to
apply on another branch), and I tested it to download successfully.
Feel free to apply the patch where appropriate.
[0]
http://curl.haxx.se/docs/adv_20160127A.ht
