> Especially since it appears there is a solution if you truly need a fix.
replyIf you ever really need anything fixed in the open source world, there is always the option of doing it yourself
Yes - and realistically, if you're $BIGCO who's shipped a billion devices with some obscure curl vulnerability you just discovered, then the hard part is going to be rolling out a patch to all of them anyway, which is still a 'you' problem.
replyIn 2026 there is a considerably cheaper/quicker solution, but that in no way invalidates OSS maintainers' right to enjoy a summer vacation without interruption.
reply