Autor: David A. Wheeler
Data:
Para: The Tails public development discussion list
Asunto: [Tails-dev] curl 8.4.0 - need to update
All:
curl 8.4.0 has been released. This fixes a high-severity vulnerability in curl's use of SOCKS5 (CVE-2023-38545), an important use case for Tails.
This is very unusual; it's very rare for find this kind of severe vulnerability in curl. Nevertheless, we're all human. Details here:
https://daniel.haxx.se/blog/2023/10/11/how-i-made-a-heap-overflow-in-curl/
--- David A. Wheeler