• cmnybo (48 upvotes, 2 years ago)

    There sure have been a lot of CVEs in the last couple of weeks!

    • PeWu@lemmy.ml (15 upvotes, 2 years ago)

      For real. One with .webp, one with privilege escalation, and now this.

    • OsrsNeedsF2P@lemmy.ml (14 upvotes, 2 years ago)

      Canonical has been aggressively expanding their security team, and Levels.fyi showed last quarter that security researchers were some of the highest paid forms of software development.

      Doesn’t guarantee anything long-term, but there are a few suggestions that security has gotten a larger focus lately.

      • P03 Locke@lemmy.dbzer0.com (4 upvotes, 2 years ago)

        Good. There’s so much chain of trust in the OSS community that it’s hard to keep up with the tens of thousands of libraries that literally hold up the Internet.

        It’s a shame we discover these critical bugs so late in the process, but at least we discover them at all…