Locating and updating curl and libcurl
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ10-09-2023 08:05 AM
Whats everyone doing to evaluate and understand their device exposure on the curl and libcurl CVE? Ive got to the point where understanding if curl is present on the device only goes so far, as there are potentially 3rdparty apps that have/utilise the curl binary and place it on the local device...
Therefore Im for blanket updating the OS as soon as a patch is availble, assuming thats coming.
But for any 3rd party apps, like homebrew on mac, you can install a more recent version of the binary and thus we need to locate these, and then target the respective app/tool to be updated too.
This Im not sure how to action given the spralling possibilities.
Any help is greatly appreciated.
- Labels:
-
General Networking
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ10-10-2023 08:29 AM
Hi @rodderz
Reposting a response from @TomBridge that was shared in the Slack Lounge.
Hope this helps.
Urvashi
![](/skins/images/C210B62239BAF37B0AB0FAEB086BB5F1/responsive_peak/images/icon_anonymous_message.png)
![](/skins/images/C210B62239BAF37B0AB0FAEB086BB5F1/responsive_peak/images/icon_anonymous_message.png)