CVE-2023-38545 and CVE-2023-38546 have been flashed for cUrl/libcurl.
Are there any updates about the plan of updating curl package to its latest version of 8.4.0 for different ubuntu flavor's
Asked
Active
Viewed 1,178 times
2
-
1Whichever affected versions of curl are packaged in Ubuntu will be patched with backported fixes. There's no way they will be updating to 8.4 (which is not packaged for any current version of Ubuntu). Just keep an eye on the Ubuntu CVE tracker for that CVE. – muru Oct 11 '23 at 07:40
-
As of now, there is no entry yet. Debian security tracker has a better overview imo https://security-tracker.debian.org/tracker/CVE-2023-38545 – Sigmatics Oct 11 '23 at 08:56