curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Fedora and curl-minimal

From: Henrik Holst via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 17 Mar 2022 11:05:50 +0100

Den tors 17 mars 2022 kl 08:34 skrev Kamil Dudka <kdudka_at_redhat.com>:

> On Thursday, March 17, 2022 3:32:45 AM CET Henrik Holst wrote:
> > Another point when it comes to security is that if the version of curl
> > provided by the distro does not support the protocols the user needs (and
> > sorry for my ignorance here since I do not know if Fedora also have
> another
> > "fuller" curl package so I'm speaking in more general terms here) then
> many
> > end users will simply download the source from upstream, do the make &&
> > make install dance and move on, extremely few of them will ever update
> this
> > version so IMHO security becomes worse. True that the distro itself
> haven't
> > gotten worse security by this but the end result is still lots of
> insecure
> > installs.
> >
> > /HH
>
> I am not sure where this confusion comes from. The build of libcurl with
> the
> original configuration is *not* going away from Fedora. The
> libcurl-minimal
> subpackage was introduced back in 2017:
>

No confusion at all, I did add a caveat that I was speaking more generally
and not for Fedora specifically. But good to know that you do have a full
package as well, as I wrote in my caveat I have zero knowledge of how curl
is packaged in Fedora.

/HH


-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2022-03-17