cross-posted from: https://biglemmowski.win/post/224873
Posted on twitter by Curl author Daniel Stenberg - https://nitter.cz/bagder/status/1709103920914526525
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity HIGH CVE. Buckle up.
… But this time actually the worst security problem found in curl in a long time
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545
I love curl, but the amount of stuff it will do is kind of terrifying.
ffmpeg has to be the runner up for most-got-damned-options.
Ironically, most-god-damned-options is a valid ffmpeg argument list.
I don’t even bother to read the ffmpeg man page for its options. StackOverflow is the primary reference now.