Being clear and transparent when things go wrong is essential to learning from those mistakes and putting them right. The write-up of the recent Curl CVE by @bagder and the associated discussion around the bug itself are a great example of this happening in the open: https://daniel.haxx.se/blog/2023/10/11/how-i-made-a-heap-overflow-in-curl/