Older events - things that happened earlier in the project
Stuff "gets moved here" from the news page, so some of the links on this page are more likely than others not to work anymore. I still think this page may be of value and I just want you to be aware of this fact. Use the search field to find working pages with similar info.
curl and libcurl 7.58.0 January 24 2018
Pay special attention to the two security vulnerabilities fixed in this version: CVE-2018-1000005 and CVE-2018-1000007
curl and libcurl 7.57.0 November 29 2017
Pay special attention to the three security vulnerabilities fixed in this version: CVE-2017-8816, CVE-2017-8817 and CVE-2017-8818.
curl and libcurl 7.56.1 October 23 2017
Pay special attention to the CVE-2017-1000257 security vulnerability we fixed.
curl and libcurl 7.56.0 October 4 2017
Pay special attention to the CVE-2017-1000254 security vulnerability we fixed.
curl and libcurl 7.55.1 August 14 2017
curl and libcurl 7.54.1 June 14 2017
Pay special attention to the CVE-2017-9502 security vulnerability we fixed.
curl and libcurl 7.54.0 April 19 2017
Pay special attention to the CVE-2017-7468 security vulnerability we fixed.
curl and libcurl 7.53.1 February 24 2017
We did this patch release this soon after our previous version primarily to address a build error that caused people on Windows some annoyances.
curl and libcurl 7.53.0 February 22 2017
Pay special attention to the CVE-2017-2629 security vulnerability we fixed.
curl and libcurl 7.52.1 December 23 2016
We hurried out this release due to the security vulnerability we found in 7.52.0.
curl and libcurl 7.52.0 December 21 2016
Pay special attention to the new security vulnerabilities.
curl and libcurl 7.51.0 November 2 2016
Pay special attention to the new security vulnerabilities.
curl and libcurl 7.50.3 September 14 2016
Pay special attention to the new security vulnerability CVE-2016-7167.
curl and libcurl 7.50.2 September 7 2016
curl and libcurl 7.50.1 August 3 2016
curl and libcurl 7.50.0 July 21 2016
Windows DLL hijacking May 30 2016
curl and libcurl 7.49.1 May 30 2016
curl and libcurl 7.49.0 May 18 2016
TLS certificate check bypass with mbedTLS/PolarSSL May 18 2016
curl and libcurl 7.48.0 March 23 2016
curl and libcurl 7.47.1 February 8 2016
git repo moved on github February 3 2016
web site over HTTPS January 29 2016
curl and libcurl 7.47.0 January 27 2016
This release comes bundled with two security advisories: CVE-2016-0754: local drive traversal when saving file on Windows and CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use.
curl and libcurl 7.46.0 December 2 2015
This is the 150th release counted from the beginning!
curl and libcurl 7.45.0 October 7 2015
curl HTTP cheat sheet September 24 2015
Help us improve it! It will most probably move into the curl site umbrella at some point.
curl and libcurl 7.44.0 August 12 2015
[SECURITY NOTICE] libidn with bad UTF8 input June 29 2015
Release archives over HTTPS June 29 2015
Enjoy!
ISP blacklisted by Spamhaus June 18 2015
We have a fixed IP and we've done nothing wrong here, but apparently collective punishment is a method.
daniel weekly 37 June 17 2015
curl and libcurl 7.43.0 June 17 2015
This release comes bundled with two security advisories: CVE-2015-3236: lingering HTTP credentials in connection re-use and CVE-2015-3237: SMB send off unrelated memory contents.
daniel weekly 36 June 9 2015
daniel weekly 35 June 3 2015
curl user poll 2015 analysis May 26 2015
curl and libcurl 7.42.1 April 29 2015
This release comes bundled another security advisory: CVE-2015-3153: sensitive HTTP server headers also sent to proxies.
curl and libcurl 7.42.0 April 22 2015
This release comes bundled with no less than four different security advisories:
becoming more github friendly March 2 2015
Existing hackers: consider clicking 'watch' on that repo to get notified.
curl and libcurl 7.41.0 February 25 2015
Enhanced vulnerability overview January 9 2015
The new layout is much smaller HTML, and it now features links to specific summaries for each individual curl release through the history. Each summarizing its own vulnerability situation.
For example, you can look at the vulnerability situation for curl 7.37.0 as well as all the others - back to 6.0, released in 1999.
curl and libcurl 7.40.0 January 8 2015
We also publish two security advisories in association with this release. See CVE-2014-8151 and CVE-2014-8150 for all the details.
videos on curl front page November 28 2014
Thanks page remake November 6 2014
Of course, if you think you are wrongly missing from the list of names, please tell us. We truly believe in giving proper credit!
curl and libcurl 7.39.0 November 5 2014
We also publish a security advisory in association with this release. See CVE-2014-3707.
curl is no POODLE October 17 2014
Random curl info October 10 2014
internal timers and timeouts of libcurl - It is time to take a deep dive into the libcurl internals and see how it handles timeouts and timers.
Coverity scan defect density: 0.00 - I cleared off all the pending issues and we're now at zero defects left reported.
A day in the curl project - An overview and look to what I spend all the time on in the curl project.
Video: daniel.haxx.se episode 5 - my continued series of weekly updates of my doings in the open source world.
Daniel Youtubes about curl September 15 2014
curl and libcurl 7.38.0 September 10 2014
This time we also publish two HTTP cookie related security advisories in association with this release. See CVE-2014-3613 and CVE-2014-3620.
RSA-1024 cacert cleanups September 5 2014
If you download the latest cacert bundle from the link above right now, you'll see that s3.amazonaws.com sites no longer gets verified fine. I guess that it goes for a few other sites too.
curl and libcurl 7.37.1 July 16 2014
curl and libcurl survey results June 13 2014
These are the "raw" numbers, analysis and conclusions drawn from this are left to do. Join in and tell us what you think this means!
poll: curl and libcurl usage and project details June 2 2014
Feel free to share this link to others who may have a relevant opinion.
The poll is open until midnight June 11th (central European time).
curl and libcurl 7.37.0 May 21 2014
CA bundle over HTTPS May 8 2014
The HTTPS download is provided via github so it will also provide an alternative hosting site for cases where one or the other has problems. Since there's a chicken-and-egg problem with TLS and CA certs, we still offer the same download URL as before over plain HTTP as well.
Thank you for flying curl.
a curl wiki April 25 2014
It is a bit of a test. Is there user interest enough to add content and provide info here?
curl and proxy headers April 8 2014
curl and libcurl 7.36.0 - and four security advisories! March 26 2014
Security advisories released today:
http2 and --next in curl March 15 2014
curl and libcurl 7.35.0 January 29 2014
Extra attention should be put on the security advisory we announce today.
curl and libcurl 7.34.0 December 17 2013
Extra attention should be put on the security advisory we announce today.
SECURITY ADVISORY: libcurl cert name check ignore November 15 2013
curl in Mac OS X Mavericks 10.9 October 23 2013
curl and libcurl 7.33.0 October 14 2013
curl and libcurl 7.32.0 August 12 2013
dotdot removal in libcurl July 30 2013
curl and libcurl 7.31.0 June 22 2013
Extra attention should be put on the libcurl URL decode buffer boundary flaw security advisory we've announced today.
curl and libcurl 7.30.0 April 12 2013
Extra attention should be put on the libcurl cookie domain tailmatch security advisory we've announced today.
Using libcurl in MSVC document updated March 30 2013
Why no curl 8 March 23 2013
Why no curl 8 (takes you to Daniel's blog)
curl and libcurl 7.29.0 February 6 2013
Extra attention should be put on the libcurl SASL buffer overflow vulnerability advisory we've announced today.
internally we are all multi now! January 18 2013
mk-ca-bundle man page January 5 2013
The curl year 2012 December 23 2012
Refreshed bug-tracker! December 13 2012
The bug number sequence is modified, the mail notifications are different, the comments are threaded etc.
Submit your bug reports and your comments to see for yourself!
curl and libcurl 7.28.1 November 20 2012
curl and libcurl 7.28.0 October 10 2012
New guide to building libcurl with Visual Studio 2010 August 12 2012
curl and libcurl 7.27.0 July 27 2012
curl and libcurl 7.26.0 May 24 2012
curl and libcurl 7.25.0 March 22 2012
win32 download site down February 23 2012
Some of the win32 downloads are now hosted by curl.se as a temporary mirror until Gunter is able to bring the site back in all its glory.
Please remember that we rely on and are thankful to the individuals who voluntarily help us build and offer binary packages.
curl and libcurl 7.24.0 January 24 2012
Note especially that 7.24.0 fixes two separate security vulnerabilities: data injection attack for certain protocols and SSL CBC IV vulnerability when built to use OpenSSL
curl and libcurl 7.23.1 November 17 2011
Yes, if you're already on 7.23.0 this upgrade only makes sense if you're using the curl tool on windows.
curl and libcurl 7.23.0 November 15 2011
curl meetup at FOSDEM 4-5 Feb 2012 September 15 2011
Read the full announcement on Daniel's blog
Please speak up if you want to come!
curl and libcurl 7.22.0 September 13 2011
curl and libcurl 7.21.7 June 23 2011
Also note this security advisory!
curl and libcurl 7.21.6 April 22 2011
HTTPS over HTTP proxy bug - in 7.21.5 April 20 2011
Thanks to Josue Andrade Gomes for reporting this
curl and libcurl 7.21.5 April 17 2011
curl and libcurl 7.21.4 February 17 2011
curl and libcurl 7.21.3 December 15 2010
curl and libcurl 7.21.2 October 13 2010
Brand new Development section October 9 2010
Starting now, we have Development section of this web site that is dedicated for all curl and libcurl hackers that work on improving our project.
As a consequence, we've also moved a bunch of pages into the dev section to make the "users" sections (for the curl tool and for libcurl) cleaner and more focused on what I suspect web users are looking for.
If you find errors or other things you think we should do to make this even better, just speak up!
curl and libcurl 7.21.1 August 11 2010
curl and libcurl 7.21.0 June 16 2010
The minor number bump was made because of the many protocol-related improvements this time: added support for RTMP, improved TELNET ability, added support for FTP wildcard matching, brand new LDAP code and more.
curl and libcurl 7.20.1 April 14 2010
Twelve years old and time for git March 20 2010
Our project is now officially 12 years old.
We switched to using git for source code control. The transition is not yet complete and the old CVS repository is still around and even possible to commit to, but development has started on the git repo now.