Hi Everyone,
curl 7.83.0 is now on the ITUGLIB website. This includes the curl object, libcurl.a, curl header files, and man pages. Please be aware that this is an important major function release and addresses some curl-specific CVEs:
https://curl.se/docs/CVE-2022-22576.html - Medium severity - which is OAuth related and dates back to 2013.
https://curl.se/docs/CVE-2022-27774.html - Medium severity - which is redirect related, going back to the beginning. This is justification to upgrade.
https://curl.se/docs/CVE-2022-27775.html - Low severity - IPv6 zone related.
https://curl.se/docs/CVE-2022-27776.html - Low severity - cookie redirect related.
Builds are available for OpenSSL 1.1.1, 3.0.x, and 1.0.2 on J-series and L-series. Be aware that OpenSSL 1.0.2 contains severe vulnerabilities so the version of curl using 1.0.2 should really not be used.
Regards,
Randall Becker
On behalf of the ITUGLIB Technical Committee
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)