Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Rejected CVE-2023-32001
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Sun, 27 Aug 2023 11:39:21 +0200 (CEST)
Hi friends.
As of today, we no longer consider CVE-2023-32001 to be a curl security
vulnerability.
The main advisory is updated accordingly:
https://curl.se/docs/CVE-2023-32001.html
The issue leading to the retraction is here:
https://github.com/curl/curl/issues/11530
The original HackerOne report leading to the original CVE is here:
https://hackerone.com/reports/2039870
The PR (now merged) that updates the documentation that mentions problems with
sharing directories with curl saves:
https://github.com/curl/curl/pull/11701
Thanks for flying curl. Never a dull moment.
Date: Sun, 27 Aug 2023 11:39:21 +0200 (CEST)
Hi friends.
As of today, we no longer consider CVE-2023-32001 to be a curl security
vulnerability.
The main advisory is updated accordingly:
https://curl.se/docs/CVE-2023-32001.html
The issue leading to the retraction is here:
https://github.com/curl/curl/issues/11530
The original HackerOne report leading to the original CVE is here:
https://hackerone.com/reports/2039870
The PR (now merged) that updates the documentation that mentions problems with
sharing directories with curl saves:
https://github.com/curl/curl/pull/11701
Thanks for flying curl. Never a dull moment.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-08-27