Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Above and beyond 32 protocols
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Wed, 29 Sep 2021 23:22:17 +0200 (CEST)
On Wed, 29 Sep 2021, Olivier Delhomme wrote:
> I was speaking of maintaining already released versions with security
> patches. May be choosing whether to integrate a fix or upgrade to a newer
> version is a task that belongs to the one that distributes libcurl. Finally
> there is no need to distinguish between security patch upgrades and feature
> upgrade because the latter can be done transparently.
Users of libcurl version X can always upgrade to version X+1 with all the
features and functionality intact. Version X+1 includes security fixes to all
problems reported in version X. By that definition we already "maintain
released versions" for way longer than seven years.
But yes, libcurl distributors work their butts off to backport patches into
older curl versions so that they can tell their users they're still on version
X but with all the known security problems in X fixed.
Date: Wed, 29 Sep 2021 23:22:17 +0200 (CEST)
On Wed, 29 Sep 2021, Olivier Delhomme wrote:
> I was speaking of maintaining already released versions with security
> patches. May be choosing whether to integrate a fix or upgrade to a newer
> version is a task that belongs to the one that distributes libcurl. Finally
> there is no need to distinguish between security patch upgrades and feature
> upgrade because the latter can be done transparently.
Users of libcurl version X can always upgrade to version X+1 with all the
features and functionality intact. Version X+1 includes security fixes to all
problems reported in version X. By that definition we already "maintain
released versions" for way longer than seven years.
But yes, libcurl distributors work their butts off to backport patches into
older curl versions so that they can tell their users they're still on version
X but with all the known security problems in X fixed.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2021-09-29