@pnutzh4x0r@lemmy.ndlug.org to

Open Source@lemmy.mlEnglish • 9 months ago

How I made a heap overflow in curl

6

89

How I made a heap overflow in curl

@pnutzh4x0r@lemmy.ndlug.org to

Open Source@lemmy.mlEnglish • 9 months ago

6

How I made a heap overflow in curl | daniel.haxx.se

In association with the release of curl 8.4.0, we publish a security advisory and all the details for CVE-2023-38545. This problem is the worst security problem found in curl in a long time. We set it to severity HIGH.

While the advisory contains all the necessary details. I figured I would use a few additional words and expand the explanations for anyone who cares to understand how this flaw works and how it happened.

Chat

macallik
link
fedilink
3•9 months ago
Hmmmm. Maybe this is why Debian pushed a curl update today even though it was also upgraded in 12.2 four days ago
- 7heo
  link
  fedilink
  4•
  edit-2
  9 months ago
  expired

Open Source@lemmy.ml

!opensource@lemmy.ml

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !opensource@lemmy.ml

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

258 users / day
1.3K users / week
3.78K users / month
14.9K users / 6 months
1 local subscriber
28.9K subscribers
1.33K Posts
20.8K Comments
Modlog