daniel:// stenberg://Switching away from Hackerone is not a guarantee... Here we go.
George,
This was pure stupidity from your part (including your AI) and was nothing but rude and pointless.
Please never contact us again.
the guy and his AI found three uses of memcmp() in TLS code and insisted it was a "CRITICAL" side-channel security vulnerability.
A 2-second check of those three uses told us it was not real.
byebye George
Klaus FrankBut memcmp is evil /s
*insert child screaming and shitting all over the ceiling picture here*