Update cURL for EasyApache 4 and CentOS or CloudLinux 6.8

Fernando Arbulu Perrella shared this idea 7 months ago
Completed

This is a pressing matter, as new and old servers are migrating to the new EasyApache 4, if they are going to use SSL certificates, when using HTTPS:// cURL simple won't work!

The current cURL version is 7.19.7 for CloudLinux 6.8, and cURL lastest version https://curl.haxx.se is 7.50.1

The old EasyApache 3 had curlSSL which worked fine, so it's a really big problem!

Thanks in advance!

Best Answer
photo

We are planning to release cURL 7.53.1 to all EA4 systems on Tuesday, March 21. Please let us know how it's working for you!

Recap of the directions for any new folks:

In order to test this you need to be comfortable making manual edits on the command line.

1) Make a backup of your EA4 repo file:

  1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.

  1. CentOS 6 - 32bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/i686/
  2. CentOS 6 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  3. CentOS 7 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/7/EA4/x86_64/

3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

Your repo file will look something like this once you're done:

  1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
  2. [EA4]
  3. name=EA4 ( EasyApache 4 )
  4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
  6. gpgcheck=1
  7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
  8. enabled=1

* We need your feedback on if/how this works, and if it causes you any problems.

Please give it a look and let us know how it goes!

Comments (79)

photo
2

I agree. I just had the Yoast SEO wordpress plugin indicate to me on their license page that I was running an outdated cURL Version 7.19.7, which apparently was released on November 4th, 2009... really? Is there a good reason that such a very old version is being used? 7.48.0 os the latest from March of this year.

cURL changelog - https://curl.haxx.se/changes.html

photo
2

The main issue is that Centos 6's version has bugs with sni etc so PHP scripts need a more recent version than the on esupported by cPanel. Would it be possible for cPanel to somehow add Centos 7's curl version and package php to use it insteald of the default system one ?

We've already had to move some users from A Cloudlinux 6 server to a new Cloudlinux 7 one because of this.

photo
2

Yoast SEO and IPS 4.0 both report that cURL is out of date. IPS 4.0 is looking for at least version 7.36.

The server these both are running on is CloudLinux 6.8 and WHM 56.0 with EasyApache 4

photo
2

PayPal from now requires at least version minimum 7.43, this is starting to be really big progblem, any update on this ?

photo
1

Just update, this is revised, and not required for PayPal API etc., only TLS 1,2 and HTTP 1.1

But still it would be great to update this considering how old is.

photo
2

Good news for PayPal. When we worked with their API last year it would only work with CentOS 7's version. Other scripts like OwnCloud still require a curl version compatible with SNI which redhat 6's version isn't.

photo
photo
2

My web site is also giving error on that, saying 7.19.7 is old. Why on earth weould you ship an outdated version of a software ? And it has tons of security problems: https://curl.haxx.se/docs/vuln-7.19.7.html

This needs to be updated soon!

photo
1

That's very odd, because EA currently ships with 7.38.0. If you have 7.19.7 installed then you might want to contact your webhost to see what would cause that. If you have root access you can run this command to check the current version on your server.

  1. /opt/curlssl/bin/curl --version

photo
1

They're talking about the one located here which is 7.19.7 under Centos 6.8




  1. /usr/bin/curl --version

photo
1

So, I guess the questions is, if there's a more recent one available, how come the php extension is using the older one and can that be changed?

photo
1

Yes. We are on CentOS 6.8 and it has 7.19.7. I will talk to my hosting provider.

photo
2

Oh, and let's not skip over that 7.38.0 is 2 years old and 14 releases behind as well.

photo
3

For sure! I've brought this up to the team that handles EasyApache and am hoping that we'll see some motion soon.

photo
1

I second this.

Although, not sure if these versions are tied by design to what every vendor bundled with their OS versions.

photo
1

Yes please am have the same issue with EasyApache 4 and IPS form software since I also have curl 7.38.0 installed but it has to how easy apache 4 handles it with php.

photo
photo
1

Yea, I'm showing cURL as being version 7.19.7 for PHP 5.6 on EasyApache4. Perhaps I have done something wrong? Is this what everyone else with EA4 and PHP 5.6 seeing?

I think a good solution would be to create an always up-to-date ea-curl RPM package that is required for ea-phpXX-php-curl. Set ea-curl to install at /opt/cpanel/curl and install a PHP cURL library based off of this.

Or is there some technical aspect that would prevent this from happening?

photo
1

Hello all

i face the same issue yesterday by upgrade from EA3 to EA4. To fixed the issue, i just reinstall libcurl and curl from Redhat Repository, so i got the latest version of curl, 7.50.1. You can find the latest version on curl official site, both of tarball or binary package

photo
1

Without recompiling, you will have tehm just sit on the server doing nothing...

photo
1

EA 4 use os repository, so curl 7.19.x will be use as default, so i think its not a bugs, EA4 used what the os version provide.

photo
1

And what about the OpenSSL version under Centos 6.8? 1.0.1e ftw? Is there any better version on CentOS 7 or in CloudLinux?

photo
1

This default on cloudlinux 6.x latest version of openssl version repository

  • root@zeus [~]# yum info openssl
    1. Loaded plugins: fastestmirror, protectbase, rhnplugin
    2. Loading mirror speeds from cached hostfile
    3. * cloudlinux-x86_64-server-6: cln-cbr.uberglobalmirror.com
    4. * epel: mirror.smartmedia.net.id
    5. 366 packages excluded due to repository protections
    6. Installed Packages
    7. Name : openssl
    8. Arch : x86_64
    9. Version : 1.0.1e
    10. Release : 48.el6_8.1
    11. Size : 4.0 M
    12. Repo : installed
    13. From repo : cloudlinux-x86_64-server-6
    14. Summary : A general purpose cryptography library with TLS implementation
    15. URL : http://www.openssl.org/
    16. License : OpenSSL
    17. Description : The OpenSSL toolkit provides support for secure communications between
    18. : machines. OpenSSL includes a certificate management tool and shared
    19. : libraries which provide various cryptographic algorithms and
    20. : protocols.
    21. Available Packages
    22. Name : openssl
    23. Arch : i686
    24. Version : 1.0.1e
    25. Release : 48.el6_8.1
    26. Size : 1.5 M
    27. Repo : cloudlinux-x86_64-server-6
    28. Summary : A general purpose cryptography library with TLS implementation
    29. License : OpenSSL
    30. Description : The OpenSSL toolkit provides support for secure communications between
    31. : machines. OpenSSL includes a certificate management tool and shared
    32. : libraries which provide various cryptographic algorithms and
    33. : protocols.
    34. root@zeus [~]#

    photo
    1

    So, 1.0.1e is a de-facto default. No more comments.

    photo
    1

    Here, my latest centos 6.x server for whmcs billing, i have migrated from EA3 to EA4 to find out what the different of them. Curl, and open ssl became an issues. So i modified / added new repository to update curl only

    1. [root@server ~]# cat /etc/redhat-release
    2. CentOS release 6.8 (Final)
    3. [root@server ~]# /usr/local/cpanel/cpanel -V
    4. 58.0 (build 20)
    5. [root@server ~]# /usr/bin/curl --version
    6. curl 7.50.1 (x86_64-redhat-linux-gnu) libcurl/7.50.1 OpenSSL/1.0.1e zlib/1.2.3 c-ares/1.11.0 libidn/1.33 libssh2/1.7.0 nghttp2/1.13.0
    7. Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
    8. Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets Metalink
    9. [root@server ~]# openssl
    10. OpenSSL> version
    11. OpenSSL 1.0.1e-fips 11 Feb 2013
    12. OpenSSL> exit
    13. [root@server ~]# yum info openssl
    14. Loaded plugins: fastestmirror, tsflags, universal-hooks
    15. Loading mirror speeds from cached hostfile
    16. * EA4: 104.225.128.250
    17. * base: repos.lax.quadranet.com
    18. * epel: mirrors.xmission.com
    19. * extras: mirrors.usc.edu
    20. * updates: mirrors.usc.edu
    21. Installed Packages
    22. Name : openssl
    23. Arch : x86_64
    24. Version : 1.0.1e
    25. Release : 48.el6_8.1
    26. Size : 4.0 M
    27. Repo : installed
    28. From repo : updates
    29. Summary : A general purpose cryptography library with TLS implementation
    30. URL : http://www.openssl.org/
    31. License : OpenSSL
    32. Description : The OpenSSL toolkit provides support for secure communications between
    33. : machines. OpenSSL includes a certificate management tool and shared
    34. : libraries which provide various cryptographic algorithms and
    35. : protocols.
    36. Available Packages
    37. Name : openssl
    38. Arch : i686
    39. Version : 1.0.1e
    40. Release : 48.el6_8.1
    41. Size : 1.5 M
    42. Repo : updates
    43. Summary : A general purpose cryptography library with TLS implementation
    44. URL : http://www.openssl.org/
    45. License : OpenSSL
    46. Description : The OpenSSL toolkit provides support for secure communications between
    47. : machines. OpenSSL includes a certificate management tool and shared
    48. : libraries which provide various cryptographic algorithms and
    49. : protocols.
    50. [root@server ~]# yum info curl
    51. Loaded plugins: fastestmirror, tsflags, universal-hooks
    52. Loading mirror speeds from cached hostfile
    53. * EA4: 104.225.128.250
    54. * base: repos.lax.quadranet.com
    55. * epel: mirrors.xmission.com
    56. * extras: mirrors.usc.edu
    57. * updates: mirrors.usc.edu
    58. Installed Packages
    59. Name : curl
    60. Arch : x86_64
    61. Version : 7.50.1
    62. Release : 1.0.cf.rhel6
    63. Size : 566 k
    64. Repo : installed
    65. From repo : CityFan
    66. Summary : Utility for getting files from remote servers (FTP, HTTP, and others)
    67. URL : http://curl.haxx.se/
    68. License : MIT
    69. Description : curl is a command line tool for transferring data with URL syntax, supporting
    70. : FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
    71. : SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP
    72. : uploading, HTTP form based upload, proxies, cookies, user+password
    73. : authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer
    74. : resume, proxy tunneling and a busload of other useful tricks.
    75. Available Packages
    76. Name : curl
    77. Arch : i686
    78. Version : 7.50.1
    79. Release : 1.0.cf.rhel6
    80. Size : 414 k
    81. Repo : CityFan
    82. Summary : Utility for getting files from remote servers (FTP, HTTP, and others)
    83. URL : http://curl.haxx.se/
    84. License : MIT
    85. Description : curl is a command line tool for transferring data with URL syntax, supporting
    86. : FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
    87. : SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP
    88. : uploading, HTTP form based upload, proxies, cookies, user+password
    89. : authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer
    90. : resume, proxy tunneling and a busload of other useful tricks.
    91. [root@server ~]#

    so i think it clear, no ea4 bugs

    photo
    photo
    1

    I found out that the problem in my case was Mod ITK, it just won't work with cURL, except if you are not using SSL.

    After i changed to Mod Prefork or Mod Worker, i tested with both, it worked fine.

    photo
    2

    Referencing this thread: https://www.digitalocean.com/community/questions/how-to-upgrade-curl-in-centos6

    These specific instructions are half way down the page posted by jamieburchell who's relaying instructions they got from the Package maintainer Paul Howarth as listed on the CURL download page (https://curl.haxx.se/download.html) next to the Redhat RHEL6 i386 and x86_64 releases.

    Run:

    1. rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-1-13.rhel6.noarch.rpm

    and then edit the file at:

    1. /etc/yum.repos.d/city-fan.org.repo

    to change the line enabled=1 to enabled=0 to prevent pulling in anything from there when you're not expecting it.

    You can then install:

    1. yum --enablerepo=city-fan.org update curl

    Note this now becomes a command that you would need to run whenever you wish to update to the latest version of CURL built. Regular yum updates will no longer update CURL.

    Afterword you'll need to restart your PHP whether it's controlled by restarting Apache or restarting PHP-FPM pools if you use that method.

    photo
    1

    Hello @kdean, and what's the cURL version you obtained by using this tutorial?

    photo
    2

    The latest one built for RedHat 6 (7.50.3) as displayed here: https://curl.haxx.se/download.html

    photo
    2

    By this same token you could just as easily compile cURL from source and always have an up-to-date version of cURL compiled in PHP.

    I think a better solution might be for cPanel to release their own cURL, install it in /opt/cpanel/curl (call it cpanel-curl) and then link curl.so PHP module to /opt/cpanel/curl/lib64/libcurl.so. Then make ea-php56-php-curl-X.X.XX require cpanel-curl. This way it doesn't interfere with system-level cURL and cPanel can release updated cURL packages when they become available.

    photo
    1

    Very interesting idea @sparek-3 . But I bet cPanel must have some good reasons for not having done this already. Benny can you investigate it for us?

    photo
    1

    As far as I know there's no reason we haven't specifically done this implementation that is different than the reason we haven't added this feature to EasyApache: limited development resources.

    photo
    1

    Great Benny, then we still have to keep some hope :-)

    photo
    1

    @sparek-3 i think, cpanel no need to own their curl, because their use package from repository os, because maybe there is a conflict package of curl i think.

    photo
    1

    I'm sorry, I don't know what this means.

    But the point of installing a "cPanel cURL" in /opt/cpanel/curl is so that it doesn't interfere at all with any system level curl.

    I'm not suggesting this as the be-all, end-all of the discussion, but it is a solution. And it would seem to be a fairly simple solution. But the bigger question becomes where does this stop. Does cPanel install their own openssl? Their own mcrypt? And if cPanel is going to install and maintain all of these packages, why not just make a cPanel-OS?

    photo
    1

    FYI, cPanel already installs their own version of Curl, it's just not used by the system or PHP (maybe it's used for WHM/cPanel).

    You can find it here at /opt/curlssl/bin/curl

    1. /opt/curlssl/bin/curl --version
    2. curl 7.38.0 (x86_64-unknown-linux-gnu) libcurl/7.38.0 OpenSSL/1.0.1e zlib/1.2.3 libidn/1.18
    3. Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
    4. Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz

    compared to custom installed one:

    1. /usr/bin/curl --version
    2. curl 7.50.3 (x86_64-redhat-linux-gnu) libcurl/7.50.3 OpenSSL/1.0.1e zlib/1.2.3 c-ares/1.11.0 libidn/1.18 libssh2/1.7.0 nghttp2/1.6.0
    3. Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
    4. Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets Metalink

    photo
    1

    I think that's for EasyApache3. It's compiled alongside PHP in EasyApache3 so that EasyApache3's PHP's cURL can link to a more up-to-date version.

    I think that's where all of this started. People using EA3 were used to seeing cURL 7.38.0. Then people upgraded to EA4 and suddenly cURL was linked to version 7.19.7 - the system cURL.

    If EasyApache3 is never used on a server, then /opt/curlssl won't exist (at least not created by cPanel).

    photo
    photo
    1

    @kdean

    Thanks for the install info, it did fail at first due to: Error: Package: libcurl-7.50.3-2.0.cf.rhel6.x86_64 (CityFan) Requires: libnghttp2.so.14()(64bit)

    If anyone also gets that error its fixed by installing EPEL

    1. yum install epel-release

    photo
    1

    As a server administrator I feel like this needs to be higher on cPanel's priority list. I specifically purchased a server with a cPanel license in order to use it with Moodle, but Moodle requires a current version of cURL to work, and being forced to manually compile cURL myself on a cPanel server is counter to the reason I purchase a cPanel license.

    Thank you for a fantastic product as cPanel is, but we need some latest software to run all modern web applications.

    photo
    1

    This is one of the biggest problems with cPanel. Some software is there like for ages. Untouched. Waiting to explode like a time bomb...

    photo
    1

    In this case I'm not sure bomb is accurate. With EA4 we're using the OS provided version of cURL, which still includes the security backports.

    photo
    1

    if you want to get latest curl provide by os, you have to use centos 7.x. EA4 not same with EA3, you should know this first, EA3 compile package manually, EA4 use system package, so EA4 use what your os version provide. If you use centos 6, the curl version is too old, youneed to replace/reinstall from another repo, such as epel-release or others.

    photo
    photo
    1

    I think with cURL, there may not be an issue, on CentOS servers, anyway. They backport some software, including cURL, so the version number alone isn't an accurate representation of the security-fix status of the software. Web applications that go only by the version number may falsely report you are using a vulnerable release of some things.

    photo
    3

    Hi Everyone,

    Thank you for the committed feedback you all have provided. We're going to be working on this soon. We don't have much development bandwidth right now, but once we get started on it, I'll provide an update.

    photo
    1

    Hi,

    We're starting to talk about this more and more, and I have a feeling we'll get started working on this within the next week or two. Some concerns we have are shipping the absolute latest CURL package available (7.52.1 at the time of writing this). We're going to start off by shipping CURL 7.38.0, which is the version that EA3 shipped. After a couple of weeks, if there's no major issues, we'll upgrade the CURL packages to the latest 7.52.x.

    Thanks for your patience while we get this going!

    photo
    1

    Ah good news! Thanks :)

    photo
    1

    Any news on this?

    (My WHMCS is complaining this version is out of date and has security issues)

    photo
    1

    i also have this problem. WHMCS keep nagging me with the cURL version

    photo
    photo
    2

    Nothing new yet! The team has *just* started work on it, but it's too early to provide an expected delivery date. As soon as we know more we'll be back to let you know!

    photo
    1

    Yes, our system is also complaining. Thanks!

    photo
    1

    any update on this? All live shipments (DHL, USPS...) and payments need the curlssl on php7 to work fine.

    Any idea when the update will be ready?

    photo
    1

    @Benny: Is there any ETA?

    photo
    1

    also is there any work around meanwhile cPanel team working there ?

    photo
    2

    No updates yet, but the team is still working on it. I can say that, unless we hit any snags or bumps we're getting quite close to done!

    photo
    1

    thank you team! Keep up the good work!

    photo
    1

    Back with good news! We have our first version of this ready for external testing, and we need your feedback. A few caveats:

    1. In order to test this you need to be comfortable making manual edits on the command line.
    2. The first version of the RPM we're providing brings libcurl back in line with what we were providing with EasyApache3 (7.38.0)
    3. If testing with this version goes well, and we get good feedback from users that are testing it in their environments, we want to upgrade it to the most recent version of libcurl (7.52.2) shortly thereafter.

    If you're interested in giving this a look, below are your directions:

    1) Make a backup of your EA4 repo file:

    1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

    2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.

    3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

    Your repo file will look something like this once you're done:

    1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
    2. [EA4]
    3. name=EA4 ( EasyApache 4 )
    4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
    5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
    6. gpgcheck=1
    7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
    8. enabled=1

    Two things, though:

    * We need your feedback on if/how this works, and if it causes you any problems. We realize that this version is not the most recent version, but we're trying to take the safest route first.

    * Once we have feedback, and have a chance to react to any bugs, we'll be able to upgrade to the latest version.

    Please give it a look and let us know how it goes!

    photo
    2

    Thanks Benny,

    This worked fine, there was issues with the EA3 with the versions of TLS throwing issues, upgraded this out to EA4 and made the changes above and it provisioned without issues and WHMCS finally gives the green light :)

    photo
    1

    Thank you! That's exactly what I wanted to hear.

    photo
    1

    do the cloudlinux also use this method?

    photo
    1

    Do same applicable on cloudLinux ?

    photo
    1

    No, unfortunately. CloudLinux is downstream from us, so they they'll update their RPMs once we get these into production.

    photo
    photo
    1

    i did exactly what you said but the curl version is still: curl-7.29.0-35.el7.centos.x86_64

    message after yum install curl:

    Package curl-7.29.0-35.el7.centos.x86_64 already installed and latest version

    photo
    1

    Hi,

    The package we build is 'ea-libcurl', and if you install / or have installed 'ea-php##-php-curl', it'll upgrade with yum update. If it didn't, there might be an issue preventing the update.

    photo
    1

    I am on Centos 7, php 7. Any idea what could be the problem?

    photo
    1

    Howdy,

    That's still the wrong package, you're wanting to install ea-libcurl. If you can't find that package with yum, then Yum can't find the 'ea4testing.cpanel.net' mirror =, or it's misconfigured.

    If you want to hop on IRC, I can assist you with this. I'm 'Perk' on freenode, found in #cpanel.

    photo
    photo
    1

    Thanks, Benny! Followed your instructions exactly and had no problems at all (CentOS 7). It now shows curl 7.38.0 as promised. No errors, no glitches, smooth on the first try.

    Not sure if this makes a difference to anyone, but just before doing this upgrade, I first checked for updates in EA4 in WHM and installed a kernel upgrade, then did a graceful reboot before proceeding with the curl change.

    photo
    1

    Great to hear, thanks!

    photo
    photo
    2

    Hi,

    Thanks for the great feedback! I'm going to upgrade this package to 7.53.1, as that's the latest available.

    I'll update this feature request once we get it merged and tested via the team, so y'all can test this out for us.

    Thanks!

    photo
    2

    I also followed your instructions and it worked without any issues. That was really easy :)

    photo
    1

    Hi,

    We've updated ea-libcurl to 7.53.1, which brings it inline with the latest available, and pushed these repos to ea4testing. For those who have tested 7.38.0, please 'yum update' to get the updates, and let us know how it goes!

    photo
    1

    We are planning to release cURL 7.53.1 to all EA4 systems on Tuesday, March 21. Please let us know how it's working for you!

    Recap of the directions for any new folks:

    In order to test this you need to be comfortable making manual edits on the command line.

    1) Make a backup of your EA4 repo file:

    1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

    2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.

    1. CentOS 6 - 32bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/i686/
    2. CentOS 6 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
    3. CentOS 7 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/7/EA4/x86_64/

    3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

    Your repo file will look something like this once you're done:

    1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
    2. [EA4]
    3. name=EA4 ( EasyApache 4 )
    4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
    5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
    6. gpgcheck=1
    7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
    8. enabled=1

    * We need your feedback on if/how this works, and if it causes you any problems.

    Please give it a look and let us know how it goes!

    photo
    1

    Hi! Is this stable enough? How many installs have been tested?

    Consider this is a serious component as most ecommerce sites depend upon it to process payments.

    photo
    1

    Howdy Marcelo! This was the primary concern for us. It sounds like 7.38 works well enough, but that's still way behind the latest version available, and vulnerable to some CVE's. I hope that we'll have enough testing here to let us know if it's safe enough to publish to all customers.

    Worst case, we publish it, it causes issues. We can revert the upgrade (put it back to 7.38) quite easily and can fix that same day if necessary.

    photo
    1

    All right, this's a long waited update. I'll cross my fingers for this :-)

    photo
    photo
    1

    Hello,

    We are releasing libcurl 7.53.1 to the mirrors now. We will be keeping this package up to date.

    Thanks!

    photo
    1

    great,

    photo
    1

    @CpanelJacob: this includes immeditate availability for RELEASE and STABLE branchs?

    photo
    1

    There are no RELEASE and STABLE branches in EA4, so all EA4 systems will get this update.

    photo
    1

    Yes, it is correct. Sorry.

    Ok, so, had anybody tested this out with any WordPress site using PayPal or other gateways? Because that's the first front which may become buggy or not after this upgrade.

    photo
    photo
    1

    Thanks for updating the latest phpcurl extension 7.53.1 to EA4. Well done.

    photo
    1

    I followed the instructions above, and now I have the EA curl and CentOS7 Curl both installed. EA/Cpanel is only seeing the old one.