Mastodawn

Today is two years since #curl passed its HTTP/3 security audit with flying colors:
"no major discoveries or security problems"

https://daniel.haxx.se/blog/2024/02/23/curl-http-3-security-audit/

curl HTTP/3 security audit

An external security audit focused especially on curl's HTTP/3 components and associated source code was recently concluded by Trail of Bits. In particular on the HTTP/3 related curl code that uses and interfaces the ngtcp2 and nghttp3 libraries, as that is so far the only HTTP/3 backend in curl that is not labeled as experimental. … Continue reading curl HTTP/3 security audit →

daniel.haxx.se

daniel:// stenberg://10h ago

The #curl project is soon going to move away from GitHub again for its security reporting. It simply doesn't work the way we need it to. Proper announcement will follow in the near future.

Radio_Azureus 1d ago

Current weather in Nieuw Amsterdam SR SA with the grace of wttr.in curl {ba{c{k{z{fi}}}}}sh and the cool lolcat

curl -v wttr.in/nieuw_amsterdam_suriname|lolcat

Background photograph composed in Fluorescent filtered light in PBM SR SA

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0* Host wttr.in:80 was resolved.

IPv6: (none)
IPv4: 5.9.243.187
Trying 5.9.243.187:80...0 0 0 0 0 0 0 0 --:--:-- 0:00:06 --:--:-- 0* Connected to wttr.in (5.9.243.187) port 80
using HTTP/1.xGET /nieuw_amsterdam_suriname HTTP/1.1Host: wttr.inUser-Agent: curl/8.14.1Accept: /

Request completely sent off0 0 0 0 0 0 0 0 --:--:-- 0:00:08 --:--:-- 0< HTTP/1.1 200 OK< Access-Control-Allow-Origin: *< Content-Length: 8991< Content-Type: text/plain; charset=utf-8< Date: Sun, 22 Feb 2026 19:48:43 GMT< { [1237 bytes data]100 8991 100 8991 0 0 1038 0 0:00:08 0:00:08 --:--:-- 1838
Connection #0 to host wttr.in left intact

#Weather #wttr #lolcat #curl #meteorology #Physics #Chemistry #Mathematics #lineair #algebra #technology #OpenSource #programming #POSIX #technology

daniel:// stenberg://1d ago

I'm doing another #curl sticker distribution run in Oslo in March at NDC Security.

As a small side-thing I will also do a talk there https://ndcsecurity.com/agenda/three-decades-of-curl-0ugm/0m55j1o34kp

Three decades of curl | NDC Security Oslo 2026

Curl is a ubiquitous Internet transfer engine. An Open Source client-side library for doing internet transfers specified as URLs.

NDC

Show thread

Kevin Karhan

1d ago

@igwigg weil #curl "langweilig" und gut ist!

#shitpost

daniel:// stenberg://1d ago

After the next #curl release something big happens: we will drop support for a protocol: RTMP.

https://github.com/curl/curl/pull/20673

rtmp: drop support by bagder · Pull Request #20673 · curl/curl

librtmp has no test cases, makes no proper releases and has not had a single commit within the last year librtmp parses the URL itself and requires non-compliant URLs for this we have no RTMP t...

GitHub