IT Professionals:
On Wednesday, October 11, the maintainers of curl released a security update to patch a vulnerability in curl and libcurl with how handshakes occur against a SOCKS5 proxy. You should immediately apply the update to any macOS and Linux devices that are using curl and have a SOCKS5 proxy configured; all other devices that do not use a SOCKS5 proxy are not at risk due to the limited scope of this vulnerability, and may be patched according to your normal schedule.
To identify whether your macOS or Linux device requires immediate action, run the command env I grep proxy on the host device and search for socks5h:// within the string. If the results contain socks5h:// the UISO recommends that you take immediate action:
If patching is possible:
- Upgrade curl to version 8.4.0 or the most current version
- Apply the patch to your local version
If patching is not possible:
- Do not use CURLPROXY_SOCKS5_HOSTNAME proxies with curl
- Do not set a proxy environment variable to socks5h://
For more, see this blog post. If you have any questions or concerns, contact the UISO at uiso@iu.edu.
–IT Community Partnerships on behalf of the University Information Security Office
~~~~~ Today’s IT Pro Tip ~~~~~
Missed a recent ITCP announcement or event invite? All mailings are available and searchable on the ITCP Blog.