curl 7.74.0 is released with experimental HSTS support. The 196th curl release has 107 bug-fixes, including three fixed vulnerabilities. 46 contributors (22 mew) made this in 56 days, out of which 22 were authors (8 new). https://daniel.haxx.se/blog/2020/12/09/curl-7-74-0-with-hsts/
At 9:00 UTC today, Dec 9, you can see the live-streamed curl 7.74.0 release presentation with me going through the highlights and digging into some details on what's new and special with this release. https://www.twitch.tv/curlhacker
CVE-2020-8284: A malicious server can use a `PASV` response to trick curl into connecting to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed. https://curl.se/docs/CVE-2020-8284.html
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!