[SECURITY NOTICE] libidn with bad UTF8 input June 29 2015
Release archives over HTTPS June 29 2015
ISP blacklisted by Spamhaus June 18 2015
We have a fixed IP and we've done nothing wrong here, but apparently collective punishment is a method.
daniel weekly 37 June 17 2015
curl and libcurl 7.43.0 June 17 2015
This release comes bundled with two security advisories: CVE-2015-3236: lingering HTTP credentials in connection re-use and CVE-2015-3237: SMB send off unrelated memory contents.
daniel weekly 36 June 9 2015
daniel weekly 35 June 3 2015
curl user poll 2015 analysis May 26 2015
curl and libcurl 7.42.1 April 29 2015
This release comes bundled another security advisory: CVE-2015-3153: sensitive HTTP server headers also sent to proxies.
curl and libcurl 7.42.0 April 22 2015
This release comes bundled with no less than four different security advisories:
becoming more github friendly March 2 2015
Existing hackers: consider clicking 'watch' on that repo to get notified.
curl and libcurl 7.41.0 February 25 2015
Enhanced vulnerability overview January 9 2015
The new layout is much smaller HTML, and it now features links to specific summaries for each individual curl release through the history. Each summarizing its own vulnerability situation.
curl and libcurl 7.40.0 January 8 2015
videos on curl front page November 28 2014
Thanks page remake November 6 2014
Of course, if you think you are wrongly missing from the list of names, please tell us. We truly believe in giving proper credit!
curl and libcurl 7.39.0 November 5 2014
We also publish a security advisory in association with this release. See CVE-2014-3707.
curl is no POODLE October 17 2014
Random curl info October 10 2014
internal timers and timeouts of libcurl - It is time to take a deep dive into the libcurl internals and see how it handles timeouts and timers.
Coverity scan defect density: 0.00 - I cleared off all the pending issues and we're now at zero defects left reported.
A day in the curl project - An overview and look to what I spend all the time on in the curl project.
Video: daniel.haxx.se episode 5 - my continued series of weekly updates of my doings in the open source world.
Daniel Youtubes about curl September 15 2014
curl and libcurl 7.38.0 September 10 2014
RSA-1024 cacert cleanups September 5 2014
If you download the latest cacert bundle from the link above right now, you'll see that s3.amazonaws.com sites no longer gets verified fine. I guess that it goes for a few other sites too.
curl and libcurl 7.37.1 July 16 2014
curl and libcurl survey results June 13 2014
These are the "raw" numbers, analysis and conclusions drawn from this are left to do. Join in and tell us what you think this means!
poll: curl and libcurl usage and project details June 2 2014
Feel free to share this link to others who may have a relevant opinion.
The poll is open until midnight June 11th (central european time).
You'll find some of the older news here.