Patch agent-runtime-7.x and main Curl for CVE-2024-7264 #883

cthorn42 · 2024-07-31T15:10:23Z

We use a patched Curl 7 in the agent-runtime-7.x, and a recent CVE for Curl, https://curl.se/docs/CVE-2024-7264.html, affects our curl 7.88.1 for agent-runtime-7.x.
We should track down and apply this patch.

This also affects curl < 8.9.1 and we're at 8.7.1. We should update curl to latest in agent-runtime-main

github-actions · 2024-07-31T15:10:55Z

Migrated issue to PA-6878

joshcooper · 2024-09-03T02:05:50Z

agent-runtime-7.x was fixed in #898

agent-runtime-main was already fixed when we moved to curl 8.9.1, so no changes were required to this repo.

cthorn42 added the triaged Jira issue has been created for this label Jul 31, 2024

cthorn42 changed the title ~~Bump agent-runtime-7.x's Curl for CVE-2024-7264~~ Patch agent-runtime-7.x's Curl for CVE-2024-7264 Jul 31, 2024

joshcooper added the bug Something isn't working label Jul 31, 2024

joshcooper changed the title ~~Patch agent-runtime-7.x's Curl for CVE-2024-7264~~ Patch agent-runtime-7.x and main Curl for CVE-2024-7264 Aug 2, 2024

joshcooper closed this as completed Sep 3, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Patch agent-runtime-7.x and main Curl for CVE-2024-7264 #883

Patch agent-runtime-7.x and main Curl for CVE-2024-7264 #883

cthorn42 commented Jul 31, 2024 •

edited by joshcooper

Loading

github-actions bot commented Jul 31, 2024

joshcooper commented Sep 3, 2024

Patch agent-runtime-7.x and main Curl for CVE-2024-7264 #883

Patch agent-runtime-7.x and main Curl for CVE-2024-7264 #883

Comments

cthorn42 commented Jul 31, 2024 • edited by joshcooper Loading

github-actions bot commented Jul 31, 2024

joshcooper commented Sep 3, 2024

cthorn42 commented Jul 31, 2024 •

edited by joshcooper

Loading