cURL CVE-2023-38545

Oct 17, 2023

The cURL project has recently published a security advisory for CVE-2023-38545. This vulnerability affects the SOCKS5 proxy feature of cURL. The advisory’s recommendations are: A - Upgrade curl to version 8.4.0 B - Apply the patch to your local version C - Do not use CURLPROXY_SOCKS5_HOSTNAME proxies with curl D - Do not set a proxy environment variable to socks5h:// Bitrise stacks # Bitrise stacks ship with the curl CLI tool, as well as the libcurl package on Linux. ...

Upcoming stack changes for Xcode 14 and 15

Sep 8, 2023

According to our stack update policy release of Xcode 15 GA means we’ll be transitioning our current Edge stacks to the matching Stable stacks. This could present breaking changes for some workflows. Ruby # The default version doesn’t change effectively (still 3.2.2), but it’s set as 3.2. It’s a special alias version that always points to the latest available patch version of Ruby 3.2.x. We recommend declaring one of the major. ...

About announcements

Jul 14, 2023

This category is for important upcoming changes that you should be aware of. Examples: stack deprecations stack removals upcoming breaking changes security updates