On Wed, 9 Dec 2020 21:58:34 +0000, Frank Swarbrick wrote: >I have downloaded and installed in my personal z/OS Unix directory curl and a >few other z/OpenSource tools from Rocket Software. I have asked my z/OS >security guy if we can go ahead and have our systems group (outsourced to IBM >zCloud) "officially" install them. He came back with the following: "My >question is how do we approve, track and secure the open source code we are >putting on z/OS?" > Note that curl issued multiple security advisories today, including: https://curl.se/mail/archive-2020-12/0007.html
How long does it take Rocket to catch up? Have Rocket's patches been merged into the curl base on github? >Does anyone have suggestions on answering this concern? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN