Apple

555 readers

1 users here now

There are a couple of community rules in addition to the main instance rules.

All posts must be about Apple

Anything goes as long as it’s about Apple. News about other companies and devices is allowed if it directly relates to Apple.

No NSFW content

While lemmy.zip allows NSFW content this community is intended to be a place for all to feel welcome. Any NSFW content will be removed and the user banned.

If you have any comments or suggestions please message one of the moderators.

founded 1 year ago

MODERATORS

[email protected]

the Apple curl security incident 12604 (daniel.haxx.se)

submitted 7 months ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

On December 28 2023, bugreport 12604 was filed in the curl issue tracker. We get a lot issues filed most days so this fact alone was hardly anything out of the ordinary. We read the reports, investigate, ask follow-up questions to see what we can learn and what we need to address.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 7 months ago

Wait so without the option it checks against the system trust store and with the option it does exactly the same (but may also includes an additional CA if that was passed as the argument)?

This should be a cve. There is a security feature. It does not work as documented. That's a vulnerability. That should get a cve.

Wtf apple