On 11/5/21 16:40, Stephen Booth via curl-library wrote:
I missed the --oauth-bearer option because I checked the flags on an old box with an old curl version :-)
Your version is more than 8 years old ! :-( You better upgrade, as a lot of other more serious security problems have been fixed since then.
Please note also that argument obfuscation does not reduce the leakage risk to 0: there's still a tiny time between the program start and the info erasure, and it even does not work for some OSes.
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
