Curl v8.4.0 Addresses High-Severity Issue
Curl project maintainers have now released curl v8.4.0, which fixes vulnerabilities found in the widely used data transfer tool, along with an advisory detailing the issues.
Lead developer Daniel Stenberg noted that this release cycle was cut short in order to quickly address the high-severity vulnerability (CVE-2023-38545), which “makes curl overflow a heap-based buffer in the SOCKS5 proxy handshake.”
The vulnerability affects both curl and libcurl from version 7.69.0 up to (and including) v8.3.0. Users are advised to upgrade now.
Related content
- High-Severity OpenSSL Security Advisory Released
- Datadog Report Examines DevSecOps Best Practices
-
From Out of the Blue
We sat down with Dan Rosenberg, security consultant and kernel bug hunter, to talk about code auditing, kernel fuzzing, and getting started in the security business. - Dangerous New Attack Could Compromise One Third of All HTTPS Servers
-
News for Admins
News for system administrators around the world.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Focus On Self-Hosting
• Self-Hosted PaaS with Coolify
• Build and Host Docker Images
• Self-Hosted Pritunl VPN Server with MFA
• Self-Hosted Chat Servers
• Self-Hosted Remote Support with RustDesk
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
