In association with the release of curl 8.4.0, we publish a security advisory and all the details for CVE-2023-38545. This problem is the worst security problem found in curl in a long time. We set it to severity HIGH.

While the advisory contains all the necessary details. I figured I would use a few additional words and expand the explanations for anyone who cares to understand how this flaw works and how it happened.

  • makeasnek@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    These things happen, best you can do is fix them when they do and accept responsibility. Cheers to the devs. Memory-safe languages are the future