Search
Items tagged with: Curl
If you're just Saturday Mastodoning and missed it before, we ship #curl 8.4.0 on Wednesday including a high severity vulnerability fix.
github.com/curl/curl/discussio…
Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl securit...GitHub
cURL: Infos zu "schlimmster Sicherheitslücke seit Langem" kommen am 11. Oktober
Der Gründer des cURL-Projekts kündigt die Veröffentlichung von Infos zu einer schweren Lücke in den Web-Requests-Tools für den kommenden Mittwoch an.Dr. Christopher Kunz (heise online)
I think an entry on curl.se/news.html should notify about the upcoming important release.
I originally went there to find out at which time on October the fix will be released. Can you at least name a time window?
#curl
If you've seen in the PR for #ECH in #curl and been curious what it is? github.com/curl/curl/pull/1192…
The browsers go all-in on it. Now #Firefox:
blog.mozilla.org/en/products/f…
Say (an encrypted) hello to a more private internet.
As web users, what we say and do online is subject to pervasive surveillance. Although we typically associate online tracking with ad networks and other thSarah Vasquez (The Mozilla Blog)
tests: Fix zombie processes left behind by FTP tests. by Herdinger · Pull Request #12020 · curl/curl
ftpserver.pl correctly cleans up spawned server processes, but forgets to wait for the shell used to spawn them. This is barely noticeable during a normal testrun, but causes process exhaustion and...GitHub
Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl securit...GitHub
nordicapis.com/interview-with-…
Interview With curl Founder Daniel Stenberg | Nordic APIs |
We ask Daniel Stenberg about the evolution of the Internet, the origins of curl, the open-source movement, his thoughts on Web3, and more...Bill Doerrfeld (Nordic APIs)
Today might be a good day to remind everyone that I can work on #curl full-time thanks to customers paying for support.
Today in my #inbox: someone emailed me the full #curl license text. With nothing extra. Just the exact text also found here: github.com/curl/curl/blob/mast…
Thank you!
youtu.be/V5vZWHP-RqU
Mastering the curl command line with Daniel Stenberg
The slides = https://www.slideshare.net/DanielStenberg7/mastering-the-curl-command-linepdf0:00 Mastering the curl command line0:16 Daniel Stenberg0:36 curl s...YouTube
The Internet Bug Bounty is the organization that funds all #curl bounties.
hackerone.com/internet-bug-bou…
The Internet Bug Bounty | HackerOne
The Internet Bug Bounty is a program for core net infrastructure & open source software. We reward hackers who uncover security vulnerabilities. Learn more!HackerOne
Daniel Stenberg
I talk about curl, open source, networking and stuff like that from my view and angle from my home in Stockholm, Sweden. I'm the lead developer of curl. I'm occasionally live-streaming curl development on twitch: https://www.twitch.YouTube
curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it · Issue #11475 · curl/curl
I ran a docker image to install RUN mkdir github-action-runner && cd github-action-runner && curl -O -L https://github.com/actions/runner/releases/download/v2.305.0/actions-runner-linux-x64-2.305.0...GitHub
curl.1 problem: missing link by jhauga · Pull Request #11464 · curl/curl
Resolves curl-www #270GitHub
curlhacker - Twitch
I'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.Twitch
Say hi to #curl 8.2.0 => daniel.haxx.se/blog/2023/07/19…
5 changes. 122 bugfixes. One security fix: CVE-2023-32001
wolfssl: Detect when TLS 1.2 support is not built into wolfssl by darktohka · Pull Request #11444 · curl/curl
Right now, when building curl with a wolfssl build that has TLS 1.2 disabled, the build fails with curl trying to find the TLSv1_2_client_method symbol. This PR adds a compile-time check to see if ...GitHub
I plan to do the definite "learning #curl the command line tool" video class on August 31: gist.github.com/bagder/253a236…
The agenda is still work in progress. I hope there's nothing obvious missing there?
Master curl in two hours. A video course by Daniel
Master curl in two hours. A video course by Daniel - curl-in-two-hours-agenda.mdGist
Bump nghttp2 from 1.55.0 to 1.55.1 by GrahamCampbell · Pull Request #11442 · curl/curl
See nghttp2/nghttp2#1930 for changes.GitHub
New Protocol: Gemini by jecxjo · Pull Request #11170 · curl/curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub
I'm looking for someone who wants to implement this callback for #curl #websocket support: github.com/curl/curl/issues/11…
It might be the last missing feature before we can enable it (the websocket API) by default.
Websocket message callback is not called on connect · Issue #11402 · curl/curl
I did this I started with the websocket-cb example and connected to an echo websocket server for testing. I expected the following I expected the data callback to be called once the connection is e...GitHub
Secure transport: fix busy loop on EOF read by Natris · Pull Request #11427 · curl/curl
if EOF happens, socket is readable, SSLHandshake calls bio_cf_in_read; which interprets nread == 0 as errSSLWouldBlock, which leads to busy loop until timeout occurs or possibly write fails. I have...GitHub
"Alert: if you look up curl CVEs in public sources like NVD you will find they use inflated severity levels and CVSS scores. They think they know better and override our assessments. This is a systemic error that we unfortunately cannot fix. Feel free to complain to them - we keep doing it to no use - and consider using our material as the canonical sources for curl issues. "
Quote from curl.se/docs/security.html #curl
http2: send HEADER & DATA together if possible by peppapighs · Pull Request #11420 · curl/curl
This PR is based on the conversation here. When sending an HTTP/2 POST request, curl will always defer request body to a different TLS record (if SSL/TLS is enabled) and TCP packet. This problem is...GitHub
Update imap-append.c by Margu86 · Pull Request #11397 · curl/curl
Updated example as suggested by @bohwaz in #10300 So this fixes #10300GitHub
tool: correct `easysrc_perform` with `CURL_DISABLE_LIBCURL_OPTION` by BrianNixon · Pull Request #11398 · curl/curl
Remove unneeded macro parameter to match function and avoid compiler warningGitHub
If you are looking for a basic first thing to implement for #curl, maybe this could be it?
"Allow --write-out output to be written to a file" ?
github.com/curl/curl/discussio…
Allow --write-out output to be written to a file · curl/curl · Discussion #11400
I would find it useful to have a way to cause the --write-out output of the curl tool to be written to a file instead of stdout or stderr which may both be in use for other purposes. One way to ach...GitHub
doc: Add missing open parenthesis in `curl_easy_nextheader` examples by jviotti · Pull Request #11409 · curl/curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub