Fresh curl tomorrow will patch 'worst' security flaw in ages
www.theregister.com
It’s bad, folks. Pair of CVEs incoming on October 11

“Curl 8.4.0 will hit at around 0600 UTC (0800 CEST, 0700 BST, 0200 EST, 2300 PDT) on October 11 and deal with CVE-2023-38545, which affects both libcurl and the curl tool, and CVE-2023-38546, which only affects libcurl…”