Curl will not accept vulnerability reports during July 2026
5 hours ago
- #open source
- #security
- #maintenance
- curl project will not accept vulnerability reports during July 2026, calling it the 'curl summer of bliss'.
- Hackerone submission form and security email will be paused from July 1 to August 3, 2026, with no processing of reports.
- Maintainers will use the break for rest, bug fixes, and new code, and release 8.22.0 is delayed to September 2, 2026.
- GitHub issue and pull-request trackers remain open, and paid support contracts will still receive service during this period.