Home News BCC closes curl security vulnerabilities with product updates

Published on November 23, 2023

BCC closes curl security vulnerabilities with product updates

Thorsten Wilm profile picture Thorsten Wilm

Following on from two vulnerabilities identified on October 11th 2023, the open-source curl project has recommended that users of the libcurl library upgrade to use the latest version of this library.

Products affected by this vulnerability: BCC MigrationEngine for Mail, BCC ActiveArchive, BCC MailProtect, BCC Coexistence Gateway - Free Busy.

BCC makes extensive use of the open-source library curl (or libcurl) in many of its products. This library is used by our products when transferring data over HTTP or HTTPS. The curl open-source project has announced a new version (8.4.0) addressing the security vulnerabilities identified.

We are now pleased to announce that our latest versions of all products will use curl version 8.4.0, which is identified as not having the vulnerabilities.

The new product versions are now available on our download website:

  • BCC MigrationEngine for Mail 4.9.0.3
  • BCC ActiveArchive 4.1.0.0
  • BCC MailProtect 12.4.0.2
  • BCC Coexistence Gateway - Free Busy 2.0.0.1

 

More details on the vulnerabilities can be found at curl.se or intruder.io
Back to all news
Open newsletter modal