Исправление уязвимости CVE-2021-31879 affects wget
Небольшая инструкция по исправлению уязвимости CVE-2021-31879 ( на инглише )
How to Install Latest Curl Version
Follow these steps to install the latest version of curl on your Ubuntu OS/server regardless of the version. (make sure that you are root by running the following command: sudo su) or add sudo in from the commands.
Step 1 :
Remove the currently installed curl if installed:
apt remove curl
apt purge curl
Step 2:
Install the tools to compile this release and curl dependencies:
apt-get update
apt-get install -y libssl-dev autoconf libtool make
Step 3:
Download and install the latest release from http://curl.haxx.se/download.html. Run this commands one by one in ssh terminal:
cd /usr/local/src
rm -rf curl*
wget https://curl.haxx.se/download/curl-7.70.0.zip
unzip curl-7.70.0.zip
Compile:
cd curl-7.70.0 # enter the directory where curl was unpacked #
./buildconf
./configure –with-ssl
make
make install
Step 4:
Update the system’s binaries and symbol lookup (which libcurl your curl loads):
mv /usr/bin/curl /usr/bin/curl.bak
cp /usr/local/bin/curl /usr/bin/curl
You are done🥳! The following will display your version of curl:
curl -V–if you get a curl: symbol lookup error: curl: undefined symbol:–sudo ldconfig