Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

taaz@biglemmowski.win · 9 months ago

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

ugo · 9 months ago

Are we reading the same article? I read it when it came out, and read it a second time now. The article:

is not a bitchfit
nowhere states CVE is bad or useless (it even links a list of CVEs directly hosted on curl’s website)

The article is about missing checks in the CVE ecosystem that allows useless fearmongering perpetrated by badly filed CVEs to spread, citing one particular CVE as exemplary of all the faults

feral_hedgehog@pawb.social · 9 months ago

Are we reading the same article?

You assume they’ve read the article 😬

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026