1. Forum
  2. USENET
  3. muc.lists.freebsd.ports

  • Curl 8.18

    From Andrea Venturoli@ml@netfence.it to muc.lists.freebsd.ports on Wed Jan 21 08:49:24 2026
    From Newsgroup: muc.lists.freebsd.ports

    Hello.

    Curl 8.18 was released a couple of weeks ago and it closes multiple vulnerabilities.

    I see no upgrade, no Bugzilla issue, no VuXML entry, etc...

    Sorry for the noise if you were already aware.

    bye
    av.


    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Kurt Jaeger@pi@freebsd.org to muc.lists.freebsd.ports on Wed Jan 21 09:47:29 2026
    From Newsgroup: muc.lists.freebsd.ports

    Hi!

    Curl 8.18 was released a couple of weeks ago and it closes multiple vulnerabilities.

    I see no upgrade, no Bugzilla issue, no VuXML entry, etc...

    Sorry for the noise if you were already aware.

    https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292624

    with a incomplete patch (13.5 needs more work because 8.18 requires openssl3). --
    pi@FreeBSD.org +49 171 3101372 Now what ?


    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Piotr Smyrak@ps.ports@smyrak.com to muc.lists.freebsd.ports on Wed Jan 21 23:02:03 2026
    From Newsgroup: muc.lists.freebsd.ports

    On Wed, 21 Jan 2026 21:08:16 +0100
    Daniel Engberg <diizzy@FreeBSD.org> wrote:
    On 2026-01-21 08:49, Andrea Venturoli wrote:
    Hello.

    Curl 8.18 was released a couple of weeks ago and it closes multiple vulnerabilities.

    I see no upgrade, no Bugzilla issue, no VuXML entry, etc...

    Sorry for the noise if you were already aware.

    -abye
    -a-a-a-aav.

    Hi,

    I have an overlay with curl 8.18 if that's an option, it's best
    effort but it works for me on my boxes... https://github.com/diizzyy/ports-overlay/tree/main/ftp/curl
    It's also possible to update one's curl installment old school:
    * download the patch from the PR [1]
    * apply to the port files:
    # cd /usr/ports/ftp/curl
    # patch -p3 < /tmp/curl.diff
    * rebuild the package from ports.
    1. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292624
    HTH,
    --
    Piotr Smyrak
    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Kurt Jaeger@pi@freebsd.org to muc.lists.freebsd.ports on Thu Jan 22 06:26:39 2026
    From Newsgroup: muc.lists.freebsd.ports

    Hi!

    Default config breaks on 13 and as mentioned by Herbert DOCS and EXAMPLES have missing files in plist.

    Nobody stops anyone to update the patch in that PR 8-)
    --
    pi@FreeBSD.org +49 171 3101372 Now what ?


    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2