Download
Browse source Changelog
Documentation
Project   Bug Bounty   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users Mailing lists Book: Everything curl Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: curl.exe in curl-7.71.1-win32-mingw.zip compiled using gcc 9.3, which has vulnerability (CVE-2019-15847): How is curl.exe affected?

From: Daniel Stenberg via curl-users <curl-users_at_cool.haxx.se>
Date: Thu, 13 Aug 2020 23:31:49 +0200 (CEST)

On Thu, 13 Aug 2020, Annie Desrochers via curl-users wrote:

> It is a 64-bit Windows running on Intel Xeon. I am currently limited to
> using the 32-bit version of curl.exe, however.

The vulnerability you pointed to, CVE-2019-15847, is for gcc running on POWER
CPUs, not x86 nor x86-64. So no: curl built for x86 will not be affected by
that flaw. 

-- 
  / daniel.haxx.se | Commercial curl support up to 24x7 is available!
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2020-08-13