Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Microsoft on CVE-2021-22947
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Wed, 12 Jan 2022 12:33:13 +0100 (CET)
Hi team,
Just a FYI:
Yesterday, Microsoft published information[1] and upgrade details for fixing
their version of curl in regards to the problem called CVE-2021-22947 that we
reported back in September 2021 [2].
In their great wisdom, without asking us or reading our description, they
decided this is a "Remote Code Execution Vulnerability".
I obviously disagree with that description.
[1] = https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-22947
[2] = https://curl.se/docs/CVE-2021-22947.html
Date: Wed, 12 Jan 2022 12:33:13 +0100 (CET)
Hi team,
Just a FYI:
Yesterday, Microsoft published information[1] and upgrade details for fixing
their version of curl in regards to the problem called CVE-2021-22947 that we
reported back in September 2021 [2].
In their great wisdom, without asking us or reading our description, they
decided this is a "Remote Code Execution Vulnerability".
I obviously disagree with that description.
[1] = https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-22947
[2] = https://curl.se/docs/CVE-2021-22947.html
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-01-12