txt.sour.is osnews@feeds.twtxt.net "The Apple curl security incident 12604 When this command line option is used with curl on macOS, the version shipped by Apple, it seems to fall ..."

feeds.twtxt.net

The Apple curl security incident 12604
When this command line option is used with curl on macOS, the version shipped by Apple, it seems to fall back and checks the system CA store in case the provided set of CA certs fail the verification. A secondary check that was not asked for, is not documented and plain frankly comes completely by surprise. Therefore, when a user runs the check with a trimmed and dedicated CA cert file, it will not fail if the system CA store contains a cert that can ver … ⌘ Read more

⤋ Read More