curl removed from Omnibus-GitLab FIPS packages in 19.0

GitLab Omnibus FIPS packages will discontinue bundled curl in version 19.0, switching to the distribution-provided curl instead.

• •curl 8.18.0 deprecated OpenSSL 1.x compilation, affecting Amazon Linux 2 and AlmaLinux 8 FIPS packages
• •This change applies to all FIPS packages for maintainability and security consistency
• •GitLab will no longer be responsible for curl security updates in FIPS environments; customers must maintain their OS curl
• •Scanner findings will reflect the host OS package version rather than GitLab-bundled version
• •This aligns with how OpenSSL is already handled in FIPS environments

This summary was automatically generated by AI based on the original article and may not be fully accurate.