Hi team!
Recently we've received several security issues in the curl bug bounty program
where we've pointed out that the issues already were at least partly covered
or explained in the libcurl-security.3 man page.
I believe the page is too hard to find on the web site and possibly just
under-appreciated in general.
It should be mandatory reading for everyone who uses libcurl in a service,
product or application.
Available online here:
https://curl.haxx.se/libcurl/security.html
The source is here:
https://github.com/curl/curl/blob/master/docs/libcurl/libcurl-security.3
End of message.
--
/ daniel.haxx.se | Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
