Den tors 17 mars 2022 kl 08:34 skrev Kamil Dudka <kdu...@redhat.com>:

> On Thursday, March 17, 2022 3:32:45 AM CET Henrik Holst wrote:
> > Another point when it comes to security is that if the version of curl
> > provided by the distro does not support the protocols the user needs (and
> > sorry for my ignorance here since I do not know if Fedora also have
> another
> > "fuller" curl package so I'm speaking in more general terms here) then
> many
> > end users will simply download the source from upstream, do the make &&
> > make install dance and move on, extremely few of them will ever update
> this
> > version so IMHO security becomes worse. True that the distro itself
> haven't
> > gotten worse security by this but the end result is still lots of
> insecure
> > installs.
> >
> > /HH
>
> I am not sure where this confusion comes from.  The build of libcurl with
> the
> original configuration is *not* going away from Fedora.  The
> libcurl-minimal
> subpackage was introduced back in 2017:
>

No confusion at all, I did add a caveat that I was speaking more generally
and not for Fedora specifically. But good to know that you do have a full
package as well, as I wrote in my caveat I have zero knowledge of how curl
is packaged in Fedora.

/HH
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html

Reply via email to