Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Some question about CVE-2022-27779
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: 陈星杵 via curl-library <curl-library_at_lists.haxx.se>
Date: Tue, 25 Mar 2025 15:48:58 +0800 (GMT+08:00)
Sorry, I expressed myself incorrectly. I mean that the file in the patch was inconsistent with the file in the introduce commit.[1] [2]
[1] Introduce commit: https://github.com/curl/curl/commit/b27ad8e1d3e68e
[2] Patch: https://github.com/curl/curl/commit/7e92d12b4e6911f424678a133b19de670e183a59
> -----原始邮件-----
> 发件人: "Daniel Stenberg" <daniel_at_haxx.se>
> 发送时间: 2025-03-24 22:31:02 (星期一)
> 收件人: "陈星杵 via curl-library" <curl-library_at_lists.haxx.se>
> 抄送: 陈星杵 <chenxingchu_at_iie.ac.cn>
> 主题: Re: Some question about CVE-2022-27779
>
> On Mon, 24 Mar 2025, 陈星杵 via curl-library wrote:
>
> > I hope this email finds you well. I apologize for the interruption, but I
> > recently noticed that the CURL website provides both the commit that
> > introduced CVE-2022-27779[1] and the corresponding patch. However, the MD5
> > checksums of the modified files in these two versions do not match[2][3].
>
> What MD5 checksums ? I don't understand what you are talking about.
>
> --
>
> / daniel.haxx.se || https://rock-solid.curl.dev
Date: Tue, 25 Mar 2025 15:48:58 +0800 (GMT+08:00)
Sorry, I expressed myself incorrectly. I mean that the file in the patch was inconsistent with the file in the introduce commit.[1] [2]
[1] Introduce commit: https://github.com/curl/curl/commit/b27ad8e1d3e68e
[2] Patch: https://github.com/curl/curl/commit/7e92d12b4e6911f424678a133b19de670e183a59
> -----原始邮件-----
> 发件人: "Daniel Stenberg" <daniel_at_haxx.se>
> 发送时间: 2025-03-24 22:31:02 (星期一)
> 收件人: "陈星杵 via curl-library" <curl-library_at_lists.haxx.se>
> 抄送: 陈星杵 <chenxingchu_at_iie.ac.cn>
> 主题: Re: Some question about CVE-2022-27779
>
> On Mon, 24 Mar 2025, 陈星杵 via curl-library wrote:
>
> > I hope this email finds you well. I apologize for the interruption, but I
> > recently noticed that the CURL website provides both the commit that
> > introduced CVE-2022-27779[1] and the corresponding patch. However, the MD5
> > checksums of the modified files in these two versions do not match[2][3].
>
> What MD5 checksums ? I don't understand what you are talking about.
>
> --
>
> / daniel.haxx.se || https://rock-solid.curl.dev
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-03-25