curl 8.20.0 has been released as the 274th release, featuring 8 changes, 282 bugfixes, and 521 commits over a 49-day cycle. Notably, this release patches 8 security vulnerabilities including credential leaks, connection reuse issues, and an OCSP stapling bypass. Key changes include a new thread pool for DNS resolution, NTLM and SMB disabled by default, dropped RTMP support, and dropped support for older CMake and c-ares versions. Future removals planned include local crypto implementations, NTLM, SMB, and TLS-SRP support.
Sort: