• Login
Community
  • Login

Libcurl CVE-2023-38545 in updater

Scheduled Pinned Locked Moved Security
3 Posts 2 Posters 1.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    blundsteatcisco
    last edited by Nov 15, 2023, 7:00 PM

    This is fixed in libcurl 8.4.0, which is out-- will you be updating to that dll soon?

    The file is C:\Program Files\Notepad++\updater\libcurl.dll
    Wiz says the detailed name of it is cpe:2.3:a:haxx:libcurl, current version 7.79.1, fixed versioin 8.4.0.

    I can’t post a link to nvd, sorry.

    P 1 Reply Last reply Nov 15, 2023, 7:30 PM Reply Quote 2
    • P
      PeterJones @blundsteatcisco
      last edited by PeterJones Nov 15, 2023, 7:32 PM Nov 15, 2023, 7:30 PM

      @blundsteatcisco said in Libcurl CVE-2023-38545 in updater:

      This is fixed in libcurl 8.4.0, which is out-- will you be updating to that dll soon?
      … cpe:2.3:a:haxx:libcurl, current version 7.79.1

      The issue has been reported to the developer. It is up to him when it gets fixed.

      P 1 Reply Last reply Nov 16, 2023, 8:22 PM Reply Quote 1
      • P
        PeterJones @PeterJones
        last edited by Nov 16, 2023, 8:22 PM

        The issue has been reported to the developer. It is up to him when it gets fixed.

        The developer has committed a fix, updating to curl 8.4.0. The new libcurl.dll should be included in the next version of Notepad++ (presumably to be named v8.5.9).

        1 Reply Last reply Reply Quote 2
        1 out of 3
        • First post
          1/3
          Last post
        The Community of users of the Notepad++ text editor.
        Powered by NodeBB | Contributors