Hi friends.
For several older security advisories done years ago, I remember that I put
"7.1" as the first vulnerable version a little by habit because the flaw was
really old and I was too lazy to find the exact version.
I did it now. I went back and dug up the actual version that introduced the 11
CVEs that previously had 7.1 as the first vulnerable version. I figured it
could be valuable to have more accurate vulnerability data.
For versions before 6.5 (that aren't present in git), I've used the changelog
and a few saved snapshots.
See https://github.com/curl/curl-www/pull/183
--
/ daniel.haxx.se
| Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://curl.se/support.html
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
