From 4d8d902e0c436eff1a2c1fcbe7a2a26dba317bde Mon Sep 17 00:00:00 2001 From: James Cook Date: Thu, 18 Sep 2014 21:38:31 -0700 Subject: [PATCH] curl: update to 7.38.0, including security (#4161) Fixes CVE-2014-3620 and CVE-2014-3613. --- pkgs/tools/networking/curl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 3d23d7950fb..e12db01ae72 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -13,11 +13,11 @@ assert scpSupport -> libssh2 != null; assert c-aresSupport -> c-ares != null; stdenv.mkDerivation rec { - name = "curl-7.36.0"; + name = "curl-7.38.0"; src = fetchurl { url = "http://curl.haxx.se/download/${name}.tar.bz2"; - sha256 = "1kfgygvmxgaakxl2f3h3jlar23n6xmvg03ybm36pqsydkfw85ghz"; + sha256 = "1flybwbdahx0sm9ipgp9k60wlrpkrmfflk1zf5j4w6mak4gd8nq3"; }; # Zlib and OpenSSL must be propagated because `libcurl.la' contains