Mailing List gnuports@2rosenthals.com gearchiveerd bericht #45 vorig bericht volgend bericht terug naar list

Van: "Lewis G Rosenthal" <gnuports@2rosenthals.com> Volledige berichtkoppen
Ongedecodeerd bericht
Onderwerp: cURL vulnerabilities
Datum: Fri, 3 Jan 2025 12:54:29 -0500
Aan: GNU Ports for eCS Mailing List <gnuports@2rosenthals.com>

Hi, all...

Can it really be that nobody has built a newer cURL than 7.75.0 (Feb 2021)?

I have just become aware that there was a particularly nasty CVE:

https://curl.se/docs/CVE-2024-7264.html

which impacts all versions from 7.32.0 through 8.9.0.

Trying to build 8.11.1 (latest), I didn't get very far (nothing useful). Before I dive into it, I was just wondering if anyone else had had any greater success. 7.75.0 seems quite outdated for something with security implications.

TIA

--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC                www.2rosenthals.com
visit my IT blog                www.2rosenthals.net/wordpress
-------------------------------------------------------------
Aanmelden: Feed, Samenvatting, Index.
Afmelden
Mail naar ListMaster