guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/1] curl: Fix CVE-2016-3739.


From: Leo Famulari
Subject: Re: [PATCH 0/1] curl: Fix CVE-2016-3739.
Date: Mon, 13 Jun 2016 12:05:32 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

On Mon, Jun 13, 2016 at 05:07:23PM +0200, Ludovic Courtès wrote:
> Leo Famulari <address@hidden> skribis:
> > We should definitely update curl on core-updates-next, or whatever is
> > built after the current cycle, and we should not add hiawatha until the
> > fixed curl is in our tree.
> 
> Agreed on both points.  Can you already push the curl update in
> core-updates-next?

Done as 32a8eb01e

> Though I would like the default curl package to still used GnuTLS.  So I
> think curl-with-mbedtls will be a different package anyway.

I hadn't noticed that our curl package uses GnuTLS instead of OpenSSL :) 



reply via email to

[Prev in Thread] Current Thread [Next in Thread]