Re: [PATCH 0/1] Curl security update (CVE-2016-0755)

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/1] Curl security update (CVE-2016-0755)

From:	Andreas Enge
Subject:	Re: [PATCH 0/1] Curl security update (CVE-2016-0755)
Date:	Wed, 27 Jan 2016 21:03:45 +0100
User-agent:	Mutt/1.5.24 (2015-08-30)

On Wed, Jan 27, 2016 at 01:57:22PM -0500, Leo Famulari wrote:
> This patch updates curl to 7.47.0, fixing CVE-2016-0755 [0][1].

Ouch!

guix refresh -l curl
Building the following 318 packages would ensure 772 dependent packages are 
rebuilt

This is about a quarter of all packages.

> Feel free to apply the patch where appropriate.

I would suggest the following: Quickly merge core-updates once the packages
on x86_64 are built (there are not many left, and qt-5 did build successfully
sequentially, so this could be done tomorrow), then create a new
security-updates branch with the patch for curl.

What do you think?

Andreas

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/1] Curl security update (CVE-2016-0755), Leo Famulari, 2016/01/27
- [PATCH 1/1] gnu: curl: Update to 7.47.0 [fixes CVE-2016-0755]., Leo Famulari, 2016/01/27
  - Re: [PATCH 1/1] gnu: curl: Update to 7.47.0 [fixes CVE-2016-0755]., Mark H Weaver, 2016/01/28
- Re: [PATCH 0/1] Curl security update (CVE-2016-0755), Andreas Enge <=
  - Re: [PATCH 0/1] Curl security update (CVE-2016-0755), Leo Famulari, 2016/01/27
    - Re: [PATCH 0/1] Curl security update (CVE-2016-0755), Andreas Enge, 2016/01/28

Prev by Date: Review of installation manual draft
Next by Date: New armhf build machine
Previous by thread: Re: [PATCH 1/1] gnu: curl: Update to 7.47.0 [fixes CVE-2016-0755].
Next by thread: Re: [PATCH 0/1] Curl security update (CVE-2016-0755)
Index(es):
- Date
- Thread