I've got version 3 of a website running on a CentOS server and was recently notified by a payment gateway that they plan to upgrade their SSL/TSL transport. They kindly supplied a battery of tests. The tests have revealed that curl is lamentably old on CentOS 6.7:
Code:
$ curl --version
curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
I tried sniffing around using yum for some newer version of curl but it doesn't seem to have anything that is an obvious upgrade. Tried this:
Code:
sudo yum clean all
sudo yum install libcurl
but it responds:
Code:
Package libcurl-7.19.7-46.el6.x86_64 already installed and latest version
Nothing to do
Unless I'm missing something, CentOS 6.7's packages have curl 7.19 and that's that. Is this not the case?
There's an upgrade method using RPM
here. Basically it says do this:
Quote:
Use the city-fan repo ( part of the curl mirror http://curl.haxx.se/download.html#LinuxRedhat)
Code:
rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel6/x86_64/city-fan.org-release-1-13.rhel6.noarch.rpm
yum install libcurl
|
I'm not really sure how this might impact my package management, whether it's safe or not, and whether this will result in security upgrades when I do a yum upgrade or not.
Can anyone recommend the best way to deal with this such that my curl is updated (ideally 7.35 or later) and stays patched with security fixes and so on?