Discussion:
ITUGLIB Update: Curl 8.2.1
(too old to reply)
Randall
2023-08-09 17:11:22 UTC
Permalink
Hi Everyone,

Curl 8.2.1 is now available on the ITUGLIB website. Builds are available for OpenSSL 3.0.x, 1.1.1v, and 1.0.2u on J-series and L-series.

Source code is available via git. The builds use the standard Curl code base with no separate patches for NonStop.

Regards,
Randall Becker
On Behalf of the ITUGLIB Technical Committee
Randall
2023-08-25 22:05:14 UTC
Permalink
Post by Randall
Hi Everyone,
Curl 8.2.1 is now available on the ITUGLIB website. Builds are available for OpenSSL 3.0.x, 1.1.1v, and 1.0.2u on J-series and L-series.
Source code is available via git. The builds use the standard Curl code base with no separate patches for NonStop.
Regards,
Randall Becker
On Behalf of the ITUGLIB Technical Committee
FYI: If you come across CVE-2020-19909, the curl team will be doing a write-up of this but does not consider this a security vulnerability at all and is disputing the rank that NVD gave to the problem three years ago. If I hear anything else, I will post it.
Randall
2023-08-29 21:41:28 UTC
Permalink
Post by Randall
Post by Randall
Hi Everyone,
Curl 8.2.1 is now available on the ITUGLIB website. Builds are available for OpenSSL 3.0.x, 1.1.1v, and 1.0.2u on J-series and L-series.
Source code is available via git. The builds use the standard Curl code base with no separate patches for NonStop.
Regards,
Randall Becker
On Behalf of the ITUGLIB Technical Committee
FYI: If you come across CVE-2020-19909, the curl team will be doing a write-up of this but does not consider this a security vulnerability at all and is disputing the rank that NVD gave to the problem three years ago. If I hear anything else, I will post it.
More info. The CVE is now in a "disputed" state instead of a "critical" state: https://www.cve.org/CVERecord?id=CVE-2020-19909
Loading...