gzip integer overflow
=
Project curl Security Advisory, February 5th 2025 -
[Permalink](https://curl.se/docs/CVE-2025-0725.html)
VULNERABILITY
-
When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCE
netrc and default credential leak
==
Project curl Security Advisory, February 5th 2025 -
[Permalink](https://curl.se/docs/CVE-2025-0167.html)
VULNERABILITY
-
When asked to use a `.netrc` file for credentials **and** to follow HTTP
redirects, curl coul
eventfd double close
Project curl Security Advisory, February 5th 2025 -
[Permalink](https://curl.se/docs/CVE-2025-0665.html)
VULNERABILITY
-
libcurl would wrongly close the same eventfd file descriptor twice when taking
down a connection channel after having co
Hi friends,
I'm happy to announce a brand new curl release. This time in association with
three separate security advisories that will follow shortly.
Get this curl version as always from https://curl.se/
curl and libcurl 8.12.0
Public curl releases: 264
Command line options:
