Re: Request for Curl.exe update included in Git binaries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2023-09-25 at 15:37:46, Robert Smith wrote:
> Hello,

Hey,

> Regarding this CVE:
> 
> https://curl.se/docs/CVE-2023-38039.html
> 
> Is there any plan to update Git for Windows to include the updated 8.3.0 Curl binaries?

The Git project doesn't ship any binaries at all, and we don't ship
curl.  Git for Windows does ship a substantial amount of other software,
including curl.  You can find their issue tracker at
https://github.com/git-for-windows/git/issues, but I believe this has
already been fixed in https://github.com/git-for-windows/git/issues/4605
and will be included in the next version.

I'm not certain about their release policy, but I seem to recall that
they don't issue updates for dependent packages until a new release
would normally be done.  To be certain, you'd have to inquire with them.
-- 
brian m. carlson (he/him or they/them)
Toronto, Ontario, CA

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux