diff options
| -rw-r--r-- | var/spack/repos/builtin/packages/curl/package.py | 20 | ||||
| -rw-r--r-- | var/spack/repos/builtin/packages/r/package.py | 6 |
2 files changed, 20 insertions, 6 deletions
diff --git a/var/spack/repos/builtin/packages/curl/package.py b/var/spack/repos/builtin/packages/curl/package.py index f67a2a55ac..46894046df 100644 --- a/var/spack/repos/builtin/packages/curl/package.py +++ b/var/spack/repos/builtin/packages/curl/package.py @@ -26,11 +26,25 @@ class Curl(NMakePackage, AutotoolsPackage): maintainers("alecbcs") - version("8.1.2", sha256="b54974d32fd610acace92e3df1f643144015ac65847f0a041fdc17db6f43f243") - version("8.0.1", sha256="9b6b1e96b748d04b968786b6bdf407aa5c75ab53a3d37c1c8c81cdb736555ccf") - version("7.88.1", sha256="8224b45cce12abde039c12dc0711b7ea85b104b9ad534d6e4c5b4e188a61c907") + version("8.4.0", sha256="e5250581a9c032b1b6ed3cf2f9c114c811fc41881069e9892d115cc73f9e88c6") # Deprecated versions due to CVEs + # CVE-2023-38545 + version( + "8.1.2", + sha256="b54974d32fd610acace92e3df1f643144015ac65847f0a041fdc17db6f43f243", + deprecated=True, + ) + version( + "8.0.1", + sha256="9b6b1e96b748d04b968786b6bdf407aa5c75ab53a3d37c1c8c81cdb736555ccf", + deprecated=True, + ) + version( + "7.88.1", + sha256="8224b45cce12abde039c12dc0711b7ea85b104b9ad534d6e4c5b4e188a61c907", + deprecated=True, + ) # https://nvd.nist.gov/vuln/detail/CVE-2022-43551 version( "7.87.0", diff --git a/var/spack/repos/builtin/packages/r/package.py b/var/spack/repos/builtin/packages/r/package.py index f72c192071..dfe397ca2c 100644 --- a/var/spack/repos/builtin/packages/r/package.py +++ b/var/spack/repos/builtin/packages/r/package.py @@ -70,9 +70,9 @@ class R(AutotoolsPackage): depends_on("blas", when="+external-lapack") depends_on("lapack", when="+external-lapack") depends_on("bzip2") - # R didn't anticipate the celebratory - # non-breaking major version bump of curl 8. - depends_on("curl+libidn2@:7") + depends_on("curl+libidn2") + # R didn't anticipate the celebratory non-breaking major version bump of curl 8. + depends_on("curl@:7", when="@:4.2") depends_on("icu4c") depends_on("java") depends_on("ncurses") |