Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

taaz@biglemmowski.win to Linux@lemmy.ml – 143 points – Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026
github.com

cross-posted from: https://biglemmowski.win/post/224873

Posted on twitter by Curl author Daniel Stenberg - https://nitter.cz/bagder/status/1709103920914526525

We are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity HIGH CVE. Buckle up.

... But this time actually the worst security problem found in curl in a long time

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545

27

You are viewing a single comment
View all commentsShow the parent comment

ffmpeg has to be the runner up for most-got-damned-options.

Ironically, most-god-damned-options is a valid ffmpeg argument list.

I don't even bother to read the ffmpeg man page for its options. StackOverflow is the primary reference now.