Devs, all, With the CVE reports on fire about curl / libcurl, when should we be looking for updates? Even the maintainer is mum about the exact versions subject to the exploit for fear of identifying the broken component, so it must be pretty bad... Just checking. And for those not aware, if you have applications using curl / libcurl, (just about all net connected apps do), update quickly when available. Upstream fix available now. -- David C. Rankin, J.D.,P.E.
Hi, On Wed, Oct 11, 2023 at 03:22:09AM -0500, David C. Rankin wrote:
Devs, all,
With the CVE reports on fire about curl / libcurl, when should we be looking for updates?
Even the maintainer is mum about the exact versions subject to the exploit for fear of identifying the broken component, so it must be pretty bad...
Just checking. And for those not aware, if you have applications using curl / libcurl, (just about all net connected apps do), update quickly when available.
Upstream fix available now.
we have released our updates also on Wednesday, some hours after the curl maintainer published. Ciao, Marcus
participants (2)
-
David C. Rankin -
Marcus Meissner