daniel:// stenberg://

1 year ago

daniel:// stenberg://
1 year ago

#curl is a CNA

daniel.haxx.se/blog/2024/01/16…

Aka a work-around.

curl is a CNA | daniel.haxx.se

^{daniel.haxx.se}

#curl

Seirdy reshared this.

in reply to daniel:// stenberg://

Winni Neessen

in reply to daniel:// stenberg:// 1 year ago

Congrats!

in reply to daniel:// stenberg://

Markus Werle

in reply to daniel:// stenberg:// 1 year ago

Well deserved!

in reply to daniel:// stenberg://

Adam Piggott

in reply to daniel:// stenberg:// 1 year ago

There's something you didn't expect was necessary when you released curl into the wild.

in reply to Adam Piggott

daniel:// stenberg://

in reply to Adam Piggott 1 year ago

@proactiveservices oh that sweet innocent time... =)

@Adam Piggott

in reply to daniel:// stenberg://

Cassandrich

in reply to daniel:// stenberg:// 1 year ago

Well, that's one way to put a stop to bullshit CVEs. Congrats! 🎉

Unknown parent

daniel:// stenberg://

Unknown parent 1 year ago

how is it a conflict? you mean if someone wants to create a (valid) CVE and we can deny them that?

This entry was edited (1 year ago)

Unknown parent

@Man2Dev there is an appeals process for that. There are 350 other CNAs already. Try creating a CVE for a product for any big company's products for example. Who do you think will get the say then? Everyone runs their own CNA these days.

@Man2Dev

⇧

daniel:// stenberg:// 1 year ago • •

daniel:// stenberg://
1 year ago