diff options
author | Robin Gloster <mail@glob.in> | 2016-01-31 14:30:40 +0000 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-02-03 10:50:24 +0100 |
commit | 0876a44169b64d4108fc5b5bd3c96843f94a4990 (patch) | |
tree | 5abb5e008885d91f315654cf78eb10473d61b809 /pkgs/tools/networking/curl | |
parent | e4ab8aee62fe65252b40861900decc7e880517a7 (diff) | |
download | nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar.gz nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar.bz2 nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar.lz nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar.xz nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.tar.zst nixlib-0876a44169b64d4108fc5b5bd3c96843f94a4990.zip |
curl: 7.45 -> 7.47 and enable HTTP/2 (close #12723)
This fixes CVE-2016-0755: https://curl.haxx.se/docs/adv_20160127A.html vcunat removed *propagation* of pkgconfig and perl.
Diffstat (limited to 'pkgs/tools/networking/curl')
-rw-r--r-- | pkgs/tools/networking/curl/default.nix | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 3c77d2a6c8d6..d5421f0a500e 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl +{ stdenv, fetchurl, libnghttp2, pkgconfig, perl , idnSupport ? false, libidn ? null , ldapSupport ? false, openldap ? null , zlibSupport ? false, zlib ? null @@ -16,17 +16,20 @@ assert scpSupport -> libssh2 != null; assert c-aresSupport -> c-ares != null; stdenv.mkDerivation rec { - name = "curl-7.45.0"; + name = "curl-7.47.0"; src = fetchurl { url = "http://curl.haxx.se/download/${name}.tar.bz2"; - sha256 = "1slq5c0v9wa8hajgimhkxhvsrd07jmih8sa3gjsl597qp5k4w5b5"; + sha256 = "0riz70pjg82gbcfi2ndvsksb2dv55g31ir8piph2p6zvhy9ny29b"; }; + nativeBuildInputs = [ pkgconfig perl ]; + # Zlib and OpenSSL must be propagated because `libcurl.la' contains # "-lz -lssl", which aren't necessary direct build inputs of # applications that use Curl. propagatedBuildInputs = with stdenv.lib; + [ libnghttp2 ] ++ optional idnSupport libidn ++ optional ldapSupport openldap ++ optional zlibSupport zlib ++ @@ -48,6 +51,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--disable-manual" + "--with-nghttp2=${libnghttp2}" ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" ) ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" ) ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) |