gnuports@2rosenthals.com Messaggio archiviato #45 messaggio precedente messaggio successivo torna alla lista

Da: Lewis G Rosenthal Intestazioni complete
Messaggio non codificato
Oggetto: cURL vulnerabilities
Data: Fri, 3 Jan 2025 12:54:29 -0500
A: GNU Ports for eCS Mailing List

Hi, all...

Can it really be that nobody has built a newer cURL than 7.75.0 (Feb 2021)?

I have just become aware that there was a particularly nasty CVE:

https://curl.se/docs/CVE-2024-7264.html

which impacts all versions from 7.32.0 through 8.9.0.

Trying to build 8.11.1 (latest), I didn't get very far (nothing useful). Before I dive into it, I was just wondering if anyone else had had any greater success. 7.75.0 seems quite outdated for something with security implications.

TIA

--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC                www.2rosenthals.com
visit my IT blog                www.2rosenthals.net/wordpress
-------------------------------------------------------------
Isriviti: Feed, Riassunto, Indice.
Disiscriviti
Scrivi a ListMaster