From 8f9c5aa3ba33b025ac8d4edde4b4d9d649e05848 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sun, 10 Feb 2019 21:58:07 -0500
Subject: gnu: curl: Update to 7.64.0 [fixes CVE-2018-16890 and
 CVE-2019-{3822,3823}].

* gnu/packages/curl.scm (curl)[replacement]: New field.
(curl-7.64.0): New variable.
---
 gnu/packages/curl.scm | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'gnu/packages/curl.scm')

diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 24180e0073..12a82d1bb7 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -50,6 +50,7 @@
 (define-public curl
   (package
    (name "curl")
+   (replacement curl-7.64.0)
    (version "7.63.0")
    (source (origin
             (method url-fetch)
@@ -141,6 +142,19 @@ tunneling, and so on.")
                                   "See COPYING in the distribution."))
    (home-page "https://curl.haxx.se/")))
 
+(define-public curl-7.64.0
+  (package
+    (inherit curl)
+    (version "7.64.0")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "https://curl.haxx.se/download/curl-"
+                            version ".tar.xz"))
+        (sha256
+         (base32
+          "00b0mw4fc1pbmbh55maab24x3ijdvkbpl1s4njfa4jnl6kx16brg"))))))
+
 (define-public kurly
   (package
     (name "kurly")
-- 
cgit v1.2.3