curl user poll 2015 analysis May 26 2015
The 30 page document with all details and analyses of the curl user poll 2015 is now available. It shows details of all the questions, most of them with a comparison with last year’s survey. The write-ins are also full of good advice, wisdom and some signs of ignorance or unawareness.
curl and libcurl 7.42.1 April 29 2015
The curl team proudly presents another curl and libcurl relese: version 7.42.1. Read up on all the changes and bug fixes in the changelog.
This release comes bundled another security advisory: CVE-2015-3153: sensitive HTTP server headers also sent to proxies.
curl and libcurl 7.42.0 April 22 2015
The curl team proudly presents another curl and libcurl relese: version 7.42.0. Read up on all the changes and bug fixes in the changelog.
This release comes bundled with no less than four different security advisories:
becoming more github friendly March 2 2015
We're trying to lower barriers and friction for newcomers. We have a new positive attitude to pull requests and issues filed directly at github. Welcome!
Existing hackers: consider clicking 'watch' on that repo to get notified.
curl and libcurl 7.41.0 February 25 2015
The curl team proudly presents another curl and libcurl relese: version 7.41.0. Read up on all the changes and bug fixes in the changelog.
Enhanced vulnerability overview January 9 2015
The vulnerability table on the web site has gotten an overhaul. It is the complete list of all published curl vulnerabilities together with which curl versions that are vulnerable.
The new layout is much smaller HTML, and it now features links to specific summaries for each individual curl release through the history. Each summarizing its own vulnerability situation.
curl and libcurl 7.40.0 January 8 2015
The curl team proudly presents another curl and libcurl relese: version 7.40.0. Read up on all the changes and bug fixes on the changes page.
videos on curl front page November 28 2014
The front page is now slightly modified to provide a fixed slot for the weekly (or so) videos made by Daniel.
Thanks page remake November 6 2014
The THANKS page,crediting all the people that have helped out in the project, has just gotten a little overhaul and now features a completely new look. We also made some extra efforts and removed some duplicate names from it, which explains why the amount of names went down somewhat.
Of course, if you think you are wrongly missing from the list of names, please tell us. We truly believe in giving proper credit!
curl and libcurl 7.39.0 November 5 2014
The curl team proudly presents another curl and libcurl relese: version 7.39.0. Read up on all the changes and bug fixes on the changes page.
We also publish a security advisory in association with this release. See CVE-2014-3707.
curl is no POODLE October 17 2014
curl is not affected by the POODLE attack. Described further in Daniel's blog post: curl is no POODLE
Random curl info October 10 2014
Recent posts (off-site) by Daniel about curl and libcurl stuff:
internal timers and timeouts of libcurl - It is time to take a deep dive into the libcurl internals and see how it handles timeouts and timers.
Coverity scan defect density: 0.00 - I cleared off all the pending issues and we're now at zero defects left reported.
A day in the curl project - An overview and look to what I spend all the time on in the curl project.
Video: daniel.haxx.se episode 5 - my continued series of weekly updates of my doings in the open source world.
Daniel Youtubes about curl September 15 2014
Daniel (curl project leader) is doing a video series about what he's working on at the moment. They are 5-7 minutes each, are posted weekly and include lots of details of what's been happening in the curl project.
curl and libcurl 7.38.0 September 10 2014
The curl team proudly presents a new and shiny curl and libcurl relese: version 7.38.0. Read up on all the changes and bug fixes on the changes page.
RSA-1024 cacert cleanups September 5 2014
Mozilla has recently removed weak certs from the CA certs bundle. Weak, in the meaning that they used 1024 bit RSA.
If you download the latest cacert bundle from the link above right now, you'll see that s3.amazonaws.com sites no longer gets verified fine. I guess that it goes for a few other sites too.
curl and libcurl 7.37.1 July 16 2014
Another eight week cycle loops and the curl team proudly presents a new and shiny curl and libcurl relese: version 7.37.1. Read up on all the changes and bug fixes on the changes page.
curl and libcurl survey results June 13 2014
The results from the 2014 survey is now published.
These are the "raw" numbers, analysis and conclusions drawn from this are left to do. Join in and tell us what you think this means!
poll: curl and libcurl usage and project details June 2 2014
The curl project runs the curl and libcurl 2014 poll, asking for your input and feedback on a set of questions around the project, its present and its future.
Feel free to share this link to others who may have a relevant opinion.
The poll is open until midnight June 11th (central european time).
curl and libcurl 7.37.0 May 21 2014
The curl team proudly presents another new and shiny curl and libcurl relese: version 7.37.0. Read up on all the changes and bug fixes on the changes page.
CA bundle over HTTPS May 8 2014
Our CA extract service is very popular to download Mozilla's CA cert bundle in PEM format. Starting now, we also provide a proper HTTPS download link for users who want to be sure there's no foul play going on during the download.
The HTTPS download is provided via github so it will also provide an alternative hosting site for cases where one or the other has problems. Since there's a chicken-and-egg problem with TLS and CA certs, we still offer the same download URL as before over plain HTTP as well.
Thank you for flying curl.
a curl wiki April 25 2014
To enhance everyone's ability to contribute with docs, examples, good ideas and other curl related information we've enabled a curl wiki over at github.
It is a bit of a test. Is there user interest enough to add content and provide info here?
curl and proxy headers April 8 2014
curl and libcurl offer options to specify HTTP proxy headers separate from origin server headers in next version.
curl and libcurl 7.36.0 - and four security advisories! March 26 2014
The curl team proudly presents curl and libcurl 7.36.0. Read up on all the changes and bug fixes on the changes page.
Security advisories released today:
http2 and --next in curl March 15 2014
A few days ago, Daniel blogged about http2 in curl, how it works, what to expect and more. Also, a separate explanation of the upcoming new --next option.
curl and libcurl 7.35.0 January 29 2014
The curl team proudly presents the first release of the year: curl and libcurl 7.35.0. Read up on all the changes and bug fixes on the changes page.
Extra attention should be put on the security advisory we announce today.
You'll find some of the older news here.