Community
    • Login

    Libcurl CVE-2023-38545 in updater

    Scheduled Pinned Locked Moved Security
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      blundsteatcisco
      last edited by

      This is fixed in libcurl 8.4.0, which is out-- will you be updating to that dll soon?

      The file is C:\Program Files\Notepad++\updater\libcurl.dll
      Wiz says the detailed name of it is cpe:2.3:a:haxx:libcurl, current version 7.79.1, fixed versioin 8.4.0.

      I can’t post a link to nvd, sorry.

      PeterJonesP 1 Reply Last reply Reply Quote 2
      • PeterJonesP
        PeterJones @blundsteatcisco
        last edited by PeterJones

        @blundsteatcisco said in Libcurl CVE-2023-38545 in updater:

        This is fixed in libcurl 8.4.0, which is out-- will you be updating to that dll soon?
        … cpe:2.3:a:haxx:libcurl, current version 7.79.1

        The issue has been reported to the developer. It is up to him when it gets fixed.

        PeterJonesP 1 Reply Last reply Reply Quote 1
        • PeterJonesP
          PeterJones @PeterJones
          last edited by

          The issue has been reported to the developer. It is up to him when it gets fixed.

          The developer has committed a fix, updating to curl 8.4.0. The new libcurl.dll should be included in the next version of Notepad++ (presumably to be named v8.5.9).

          1 Reply Last reply Reply Quote 2
          • First post
            Last post
          The Community of users of the Notepad++ text editor.
          Powered by NodeBB | Contributors