|
|
|
|
|
|
by rkangel
1941 days ago
|
|
|
Which is why the word 'incremental' is key here. They didn't rewrite the whole of cURL - they rewrote a key component. Yes, ideally the whole program would be rewritten but security is not about absolutes. For a manageable amount of effort they have reduced the attack surface significantly. |
|
|