Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
on legacy dependencies
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Sat, 25 Jan 2025 14:20:58 +0100 (CET)
FYI,
We have been discussing a particular issue in the curl security team recently
and based on this context, I want us to draw this line in the sand for the
future, for when we no longer consider problems to be curl security problems
when a "legacy dependency" is needed to tigger them.
I've created a PR to this effect, tryingto define what such a "legacy
dependency" could be:
https://github.com/curl/curl/pull/16086
I'll welcome help and feedback.
(The exact details of the particular issue that triggered this will be
disclosed at a later time.)
Date: Sat, 25 Jan 2025 14:20:58 +0100 (CET)
FYI,
We have been discussing a particular issue in the curl security team recently
and based on this context, I want us to draw this line in the sand for the
future, for when we no longer consider problems to be curl security problems
when a "legacy dependency" is needed to tigger them.
I've created a PR to this effect, tryingto define what such a "legacy
dependency" could be:
https://github.com/curl/curl/pull/16086
I'll welcome help and feedback.
(The exact details of the particular issue that triggered this will be
disclosed at a later time.)
-- / daniel.haxx.se || https://rock-solid.curl.dev -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-01-25