curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: CVE-2022-22623

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 21 Mar 2022 22:40:55 +0100 (CET)

On Thu, 17 Mar 2022, Daniel Stenberg via curl-library wrote:

> Apple recently posted https://support.apple.com/en-us/HT213183 about a macOS
> upgrade, in which they have also updated curl.
>
> In this note they mention four different CVEs that allegedly have been
> addressed in this curl update. Three of them we recognize, but the fourth is
> CVE-2022-22623.

As of a few hours ago, the forth CVE is no longer present on that page. In an
email response to me they say they've also requested a rejection of that CVE
to MITRE.

This certainly leaves questions unanswered, but at least the primary issue is
now solved.

-- 
  / daniel.haxx.se
  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
  | https://curl.se/support.html
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2022-03-21