Sign in / up

back to article Curl bashes 11 bugs

The popular file transfer library Curl has squashed 11 bugs. Detailed on the tool's security page, CVEs 2016-8615 through 2016-8625 do things like send the tool to the wrong host, or allow an attacker to "cause [a] connection to be reused if s/he knows the case-insensitive version of the correct password." Upgrading to Curl 7 …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Christian Berger

    Didn't curl have the problem...

    ...that it was left without maintainer because nobody wanted to touch that code?

    0 0 Reply
    1. fandom
      Reply Icon

      Re: Didn't curl have the problem...

      Nope.

      Not even close really.

      0 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    I certainly got bugs fixed in libcurl when I reported them earlier this year.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon