curl 7.78

curl: Unpreserved file permissions

curl: POST following PUT confusion

curl: TELNET option IAC injection

curl: use-after-free and double-free in MQTT sending

curl: HSTS ignored on multiple requests

curl: SFTP path ~ resolving discrepancy

HTTP/2 push headers memory-leak

curl: OAUTH2 bearer bypass in connection re-use

curl: HTTP proxy double-free

curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

curl: bad local IPv6 connection reuse

curl: CERTINFO never-ending busy-loop

curl: TLS and SSH connection too eager reuse

curl: HSTS bypass via IDN

curl: HSTS bypass via IDN

gzip integer overflow

wrong proxy connection reuse with credentials

bad reuse of HTTP Negotiate connection

curl: auth/cookie leak on redirect

curl: HTTP compression denial of service

curl: HSTS amnesia with --parallel

curl: HTTP multi-header compression denial of service

curl: information disclosure by exploiting a mixed case flaw

OCSP stapling bypass with GnuTLS

broken TLS options for threaded LDAPS

HSTS subdomain overwrites parent cache entry

curl: Server responses received before STARTTLS processed after TLS handshake

curl: FTP-KRB bad message verification

curl: Use-after-free triggered by an HTTP proxy deny response

curl: siglongjmp race condition may lead to crash

curl: IDN wildcard match may lead to Improper Cerificate Validation

curl: credential leak on redirect

curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

curl: curl: Information disclosure due to incorrect TLS connection reuse

token leak with redirect and netrc

libssh global known_hosts override

bearer token leak on cross-protocol redirect

curl: more POST-after-PUT confusion

missing SFTP host verification with wolfSSH

curl: Set-Cookie denial of service

curl: Incorrect handling of control code characters in cookies

netrc and default credential leak

netrc and redirect credential leak

libssh key passphrase bypass without agent set