diff options
| author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-04-27 19:56:47 +0200 |
|---|---|---|
| committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-04-27 19:56:47 +0200 |
| commit | 85f5539c4bed08e58c1ea4d00fdc903e9abb2951 (patch) | |
| tree | 12727fa37548a1c06d1a96328e8314ab49345b1d /pkgs/tools/networking/curl | |
| parent | 9611466e74dd3532ce738c509ae1522af02e789c (diff) | |
| download | nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar.gz nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar.bz2 nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar.lz nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar.xz nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.tar.zst nixpkgs-85f5539c4bed08e58c1ea4d00fdc903e9abb2951.zip | |
curl: 7.82.0 -> 7.83.0
https://curl.se/changes.html#7_83_0 https://curl.se/docs/CVE-2022-22576.html https://curl.se/docs/CVE-2022-27774.html https://curl.se/docs/CVE-2022-27775.html https://curl.se/docs/CVE-2022-27776.html Fixes: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776
Diffstat (limited to 'pkgs/tools/networking/curl')
| -rw-r--r-- | pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch | 30 | ||||
| -rw-r--r-- | pkgs/tools/networking/curl/default.nix | 5 |
2 files changed, 2 insertions, 33 deletions
diff --git a/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch b/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch deleted file mode 100644 index 5d84f512499..00000000000 --- a/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Tue, 8 Mar 2022 13:38:13 +0100 -Subject: [PATCH] openssl: fix CN check error code - -Due to a missing 'else' this returns error too easily. - -Regressed in: d15692ebb - -Reported-by: Kristoffer Gleditsch -Fixes #8559 -Closes #8560 ---- - lib/vtls/openssl.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c -index 0b79fc50a9c5..4618beeb3867 100644 ---- a/lib/vtls/openssl.c -+++ b/lib/vtls/openssl.c -@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn, - memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen); - peer_CN[peerlen] = '\0'; - } -- result = CURLE_OUT_OF_MEMORY; -+ else -+ result = CURLE_OUT_OF_MEMORY; - } - } - else /* not a UTF8 name */ diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index a4056fd28a9..d3258e0a946 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -54,19 +54,18 @@ assert zstdSupport -> zstd != null; stdenv.mkDerivation rec { pname = "curl"; - version = "7.82.0"; + version = "7.83.0"; src = fetchurl { urls = [ "https://curl.haxx.se/download/${pname}-${version}.tar.bz2" "https://github.com/curl/curl/releases/download/${lib.replaceStrings ["."] ["_"] pname}-${version}/${pname}-${version}.tar.bz2" ]; - sha256 = "sha256-RtmgQAozQI/ZkncLBKRKdDSzA28ugImsKLV1c9WdNx8="; + sha256 = "sha256-JHx+x1IcQljmVjTlKScNIU/jKWmXHMy3KEXnqkaDH5Y="; }; patches = [ ./7.79.1-darwin-no-systemconfiguration.patch - ./7.82.0-openssl-fix-CN-check.patch ]; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; |