Thanks to Calvin Ruocco, Dan Fandrich, Daniel Stenberg, denandz on github, Ethan Everett, Jacob Mealey, Jeremy Drake, Jeroen Ooms, John Bampton, Kadambini Nema, Michael Kaufmann, Rasmus Melchior Jacobsen, Ray Satiro, Samuel Henrique, Stefan Eissing, Viktor Szakats, x-xiang on github, Yedaya Katsman, Yuyi Wang, z2_
This is a patch-release done only a week since the previous version with no changes merged only bugfixes. Because some of the regressions in 8.14.0 were a little too annoying to leave unattended for a full cycle.
On Cygwin, it is unsafe to call POSIX functions from DllMain, which OPENSSL_thread_stop does. Additionally, it should be unnecessary as OpenSSL uses pthread_key_create to register a thread destruc...
If I'm going to be totally honest: implementing anything in #curl is about fourteen times easier and more fun than the thread- and object-spaghetti that is #Firefox code... But don't tell anyone I said this.
I did this Tried to download a resource with --http2 parameter. I expected the following The Windows build, available via winget (winget install cURL.cURL), has neither HTTP/2 nor HTTP/3 (QUIC) sup...
Hi everyone! I started working on a Network.framework backend for curl a bit ago.
I had a few motivations for writing this:
Wanting to use curl with system SSL without compiling anything on iOS/wa...
#curl and its website feature no trackers, no cookies, no ads, no website analytics, no telemetry, no logs. We truly don't know you and what you do with curl - unless you tell us in our annual survey.
FTP is quite unique in the #curl collection of protocols due to its (weird) mandatory use of a separate TCP connection for the data transfer (and the fact that it can be setup in either direction, client to server or server to client) . It is complicated for users, for sysadmins and it is a complication in source code and internal curl TCP management as well.
So yeah, it also keeps causing us headaches to this day.
FTP is going out of style. The Chrome team has previously announced that they are deprecating and removing support for FTP. Mozilla also announced their plan for the deprecation of FTP in Firefox.
(Clearly a much better word than simplification.) I believe we generally accept the truth that we should write simple and easy to read code in order to make it harder to create bugs and cause security problems.
Missing sdk files to link to LibreSSL and nghttp2 on MacOS - GitHub - jeroen/apple-libressl-sdk: Missing sdk files to link to LibreSSL and nghttp2 on MacOS
Yes! curl user survey 2025 The time has come for you to once again do your curl community duty. Run over and fill in the curl user survey and tell us about how you use curl etc.
How can #OpenSource and #security be interconnected? What will be the future of funding the open source-dependent public digital infrastructure?
These and many other questions will guide the discussion of our panelists: 🔸@bagder from #cURL 🔸@melanierieback from @ros 🔸Matteo Mole from @EuropeanCyber SecurityOrganisation 🔸Nicholas Gates from @OpenForumEurope 🔸Mirko Boehm from #TheLinuxFoundation
Including the two new #curl CVEs, the share of all #curl CVEs that are "C mistakes" are now at 39.16%
A trend? A fluke? We need to give it another half-decade or so to be able to tell for sure.
(Flaws listed as "C mistakes" are vulnerabilities that we deem are likely to not have happened should we have used a memory-safe language rather than C)
Welcome to another curl release. Release presentation At 8:00 UTC (10:00 CEST), I do a live-streamed release presentation over at Twitch where I talk about all that is new in this release.
I chatted with @bagder about #Curl and the recent #AI happenings
It's always fun talking to Daniel, and I think there's a lot of good ideas in this one, especially on how to approach AI fueled contributions that aren't slop. And even suggestions on how to deal with slop contributions :)
Daniel Stenberg, the maintainer of Curl, discusses the increase in AI security reports that are wasting the time of maintainers. We discuss Curl’s new policy of banning the bad actors while establishing some pretty sane AI usage guidelines.
Had a small photo session to get some new material for the #curl release slide set for the release presentation tomorrow. Daisy the cat was not impressed.
