CVE-2025-0725

Signed-off-by: Xe Iaso <[email protected]>

lume/src/shitposts/no-way-to-prevent-this/CVE-2025-0725.md

@@ -0,0 +1,20 @@
+---
+title: '"No way to prevent this" say users of only language where this regularly happens'
+date: 2025-02-05
+series: "no-way-to-prevent-this"
+type: blog
+hero:
+  ai: "Photo by Andrea Piacquadio, source: Pexels"
+  file: sad-business-man
+  prompt: A forlorn business man resting his head on a brown wall next to a window.
+---
+
+In the hours following the release of [CVE-2025-0725](https://curl.se/docs/CVE-2025-0725.html) for the project [curl](https://curl.se/), site reliability workers
+and systems administrators scrambled to desperately rebuild and patch all their systems to fix a buffer overflow involving malformed gzip streams when you are using a 21 year old version of zlib. This is due to the affected components being
+written in C, the only programming language where these vulnerabilities regularly happen. "This was a terrible tragedy, but sometimes
+these things just happen and there's nothing anyone can do to stop them," said programmer Miss Josianne Wisozk, echoing statements
+expressed by hundreds of thousands of programmers who use the only language where 90% of the world's memory safety vulnerabilities have
+occurred in the last 50 years, and whose projects are 20 times more likely to have security vulnerabilities. "It's a shame, but what can
+we do? There really isn't anything we can do to prevent memory safety vulnerabilities from happening if the programmer doesn't want to
+write their code in a robust manner." At press time, users of the only programming language in the world where these vulnerabilities
+regularly happen once or twice per quarter for the last eight years were referring to themselves and their situation as "helpless."