Chirp!
  • Login
Chirp! is a GNU Social instance for the Cooley and Sekula families and their friends.

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Daniel Stenberg (bagder@mastodon.social)'s status on Thursday, 01-Jun-2023 00:05:49 UTC Daniel Stenberg Daniel Stenberg

    CVE-2023-27536

    Announced by the #curl project back in March 2023. We deem it severity Low. https://curl.se/docs/CVE-2023-27536.html

    NVD, in their infinite wisdom, thinks this is a CRITICAL 9.8 flaw: https://nvd.nist.gov/vuln/detail/CVE-2023-27536

    I wish I knew how to fix this annoying problem but talking or whining to NVD certainly does not seem to help.

    In conversation Thursday, 01-Jun-2023 00:05:49 UTC from mastodon.social permalink

    Attachments



    • Daniel Stenberg (bagder@mastodon.social)'s status on Thursday, 01-Jun-2023 00:05:49 UTC Daniel Stenberg Daniel Stenberg
      in reply to

      After my complaint the NVD hos "downgraded" it to a 7.5 (high).

      My response: you are scaremongering. It is not a high either.

      In conversation Thursday, 01-Jun-2023 00:05:49 UTC permalink
      Santa Claes πŸ‡ΈπŸ‡ͺπŸ‡­πŸ‡°πŸŽ… likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • Privacy
  • Source
  • Version
  • Contact

Chirp! is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Chirp! content and data are available under the Creative Commons Attribution 3.0 license.