Knowledge Required: Minimal
Tools required: Ansible
Curl, a popular Linux command line tool for interacting with the web was determined to contain a critical vulnerability this week. It’s wide array of supported web protocols means this software is commonplace (especially with developers) with many Linux distributions including it as default. QualysLink
As such, it’s time to start identifying which systems have the curl package and their versions. Those making use of the popular Linux management tool, Ansible, can use the below playbook.
Copy the below code snipped and run against your hosts with ansible-playbook check_curl_version.yaml. By default this will search against all hosts configured in your ansible hosts.cfg file:
- hosts: all
tasks:
tasks:
- name: check packages
package_facts:
manager: auto
- name: print package curl version if present
debug:
msg: "Version of curl is {{ ansible_facts.packages['curl'][0]['version'] }}"
when: "'curl' in ansible_facts.packages"
- name: print package libcurl version if present
debug:
msg: "Version of curl is {{ ansible_facts.packages['libcurl'][0]['version'] }}"
when: "'lbcurl' in ansible_facts.packages"
EOF
