Curl 8.4 Released For Addressing A Big Security Vulnerability

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • caligula
    replied
    Originally posted by colejohnson66 View Post
    Obligatory "Rust wouldn't've had a buffer overflow" comment

    Daniel even manages to say so without mentioning Rust (or any other memory-safe language):
    The only problem is, people often prefer curl in minimal Docker images because it's only ~210 kB while wget is ~460 kB. A rust alternative probably would use 2 to 10 MB of space. Not that much these days, but the size of the binaries also matters. They could also use Java instead, but a jlinked Java distribution would probably use 50 to 100 MB.

    Leave a comment:


  • colejohnson66
    replied
    Obligatory "Rust wouldn't've had a buffer overflow" comment

    Daniel even manages to say so without mentioning Rust (or any other memory-safe language):
    Yes, this family of flaws would have been impossible if curl had been written in a memory-safe language instead of C, [...]

    Leave a comment:


  • Curl 8.4 Released For Addressing A Big Security Vulnerability

    Phoronix: Curl 8.4 Released For Addressing A Big Security Vulnerability

    Following the news from a few days ago that Curl was prepping for its worst security flaw in a long time affecting the project, Curl 8.4 is now available and with new light on this issue...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
Working...
X