#security #curl #CVE
噢对 今天记得升级 curl / libcurl
See also: https://github.com/curl/curl/discussions/12026
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl security flaw in a long time.
The new version and details about the two CVEs will be published around 06:00 UTC on the release day.
- CVE-2023-38545: severity HIGH (affects both libcurl and the curl tool)
- CVE-2023-38546: severity LOW (affects libcurl only, not the tool)
噢对 今天记得升级 curl / libcurl
See also: https://github.com/curl/curl/discussions/12026
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl security flaw in a long time.
The new version and details about the two CVEs will be published around 06:00 UTC on the release day.
- CVE-2023-38545: severity HIGH (affects both libcurl and the curl tool)
- CVE-2023-38546: severity LOW (affects libcurl only, not the tool)