Den tors 17 mars 2022 kl 08:34 skrev Kamil Dudka <kdu...@redhat.com>:
> On Thursday, March 17, 2022 3:32:45 AM CET Henrik Holst wrote: > > Another point when it comes to security is that if the version of curl > > provided by the distro does not support the protocols the user needs (and > > sorry for my ignorance here since I do not know if Fedora also have > another > > "fuller" curl package so I'm speaking in more general terms here) then > many > > end users will simply download the source from upstream, do the make && > > make install dance and move on, extremely few of them will ever update > this > > version so IMHO security becomes worse. True that the distro itself > haven't > > gotten worse security by this but the end result is still lots of > insecure > > installs. > > > > /HH > > I am not sure where this confusion comes from. The build of libcurl with > the > original configuration is *not* going away from Fedora. The > libcurl-minimal > subpackage was introduced back in 2017: > No confusion at all, I did add a caveat that I was speaking more generally and not for Fedora specifically. But good to know that you do have a full package as well, as I wrote in my caveat I have zero knowledge of how curl is packaged in Fedora. /HH
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
