As we investigate,
currently libcurl version of starlingx is libcurl-7.29.0-51.el7.x86_64.rpm.
since curl before version 7.61.1 is vulnerable to a buffer overrun. (we are in the scope of vulnerable)
so we should update version to 7.61.1 or more.
shall we build latest libcurl rpm with source tarball by ourself,
or we not update curl version until upstream curl upgrade latest version.
or every guys have any suggestions, please let me know.
As we investigate, 7.29.0- 51.el7. x86_64. rpm.
currently libcurl version of starlingx is libcurl-
since curl before version 7.61.1 is vulnerable to a buffer overrun. (we are in the scope of vulnerable)
so we should update version to 7.61.1 or more.
but when we search from upstream where url: https:/ /rpmfind. net/linux/ rpm2html/ search. php?query= libcurl& submit= Search+ ...&system= centos& arch=x86_ 64 7.29.0- 51.el7. x86_64. rpm is already the latest version.
we find curl version for centos, libcurl-
so we don't own upstream rpm package for starlingx to upgrade.
shall we build latest libcurl rpm with source tarball by ourself,
or we not update curl version until upstream curl upgrade latest version.
or every guys have any suggestions, please let me know.
<email address hidden>