cURL is 5 years old, has security issues and has bugs

Hello,

Is it possible to upgrade cURL, the latest installed version on cloudways servers is more then 5 years old. The installed version on the servers is 7.38.0 (Sep 10 2014).

The current stable version is 7.66.0, the latest relases can be fount at https://curl.haxx.se/docs/releases.html

How to upgrade this, since the guys on support/live chat can’t do anything about this?

1 Like

Hey @zamar,

Did you contact our support for this? if not, then please get in touch with them and if you have then please share the ticket number with me.

Regards,
Ibad Rehman
Community Manager

I had a similar issue in the past, where I needed an update for security reasons in a library. Customer support asked me to pay. I hope this will change in the future. Until then, you can always update it yourself without sudo. For example here https://unix.stackexchange.com/questions/312556/install-curl-without-being-root

Spoke with support over an issue I was having over the old version of cURL. Support escalated the issue ans said I should be hearing back soon.

curl 7.38.0 (x86_64-pc-linux-gnu) libcurl/7.38.0 OpenSSL/1.0.1t zlib/1.2.8 libidn/1.29 libssh2/1.4.3 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API SPNEGO NTLM NTLM_WB SSL libz TLS-SRP

I spoke the support via chat also, some days later someone called me, the could upgrade cURL but I would have to pay about 500 USD for it, after some negotiation the reduced it to about 200 but, for me it was still too much for what I would get back for it.

it’s weird Cloudways accepts the security issue.