Curl will not accept vulnerability reports during July 2026
Curl will not accept vulnerability reports during July 2026
Curl 项目将在 2026 年 7 月期间暂停接收漏洞报告
The curl project will not accept or otherwise handle any vulnerability reports during the month of July 2026. We call it the curl summer of bliss. curl’s submission form on Hackerone will be paused starting July 1, 2026. Summer of bliss starts: July 1, 2026. 00:00 CEST Submissions resume: August 3 2026. 09:00 CEST The security email address will also be a dead end, as we will not process or otherwise care about security or vulnerability reports sent to us that way either. Whatever issue you find that you feel a need to report to the curl project during this month has to wait. curl’s Hackerone form opens for submissions again on Monday August 3. We do not accept vulnerability reports over email in general, and this fact remains during and after our vacation.
Curl 项目在 2026 年 7 月期间将不会接收或处理任何漏洞报告。我们将其称为“Curl 极乐之夏”(curl summer of bliss)。Curl 在 Hackerone 上的提交表单将于 2026 年 7 月 1 日起暂停。极乐之夏开始时间:2026 年 7 月 1 日 00:00 CEST;恢复提交时间:2026 年 8 月 3 日 09:00 CEST。安全邮箱地址也将处于“死胡同”状态,因为我们不会处理或关注通过该渠道发送给我们的安全或漏洞报告。无论您在此期间发现了什么需要向 Curl 项目报告的问题,都必须等待。Curl 的 Hackerone 表单将于 8 月 3 日星期一重新开放。我们通常不接受通过电子邮件提交的漏洞报告,这一原则在假期期间及之后依然有效。
Vacation for real The curl maintainers will use this time of less pressure to take in some extra air and to enjoy the summer. Maybe stroll outside a bit more. Breath. Some of us may spend some of this time to see other places. We may get some extra time to spend on fixing bugs or working on new code. Fun stuff!
真正的假期:Curl 的维护者们将利用这段压力较小的时光去呼吸新鲜空气,享受夏天。也许会多去户外散散步,喘口气。我们中的一些人可能会利用这段时间去看看外面的世界。我们或许能获得一些额外的时间来修复漏洞或编写新代码。做些有趣的事!
Side-effects As a direct side-effect of this summer of bliss, to allow us some more time to handle the issues that might have piled up for us in early August, we also push the release date of 8.22.0 two weeks into the future. Now scheduled to happen on September 2, 2026.
副作用:作为这次“极乐之夏”的直接副作用,为了让我们有更多时间处理 8 月初可能堆积的问题,我们将 8.22.0 版本的发布日期推迟了两周。目前计划于 2026 年 9 月 2 日发布。
Vulnerability rate As previously mentioned, we have been under a huge pressure for the last four months or so. Now we need some rest. We do not expect this deluge to be over.
漏洞率:如前所述,过去四个月左右我们一直承受着巨大的压力。现在我们需要休息一下。我们并不指望这种(漏洞报告)洪流会就此结束。
GitHub curl’s issue and pull-request trackers on GitHub remain open and active like normal.
GitHub:Curl 在 GitHub 上的 Issue 和 Pull Request 追踪器将保持开放,并像往常一样活跃。
You too? If you and your Open Source projects also want to participate in the summer of bliss 2026: just do it and let us know! I would of course encourage you to do so. To take care of yourself as a top priority.
你也要参加吗?如果你和你的开源项目也想参与 2026 年的“极乐之夏”:尽管去做并告诉我们!我当然鼓励你这样做。把照顾好自己放在首位。
The bad guys won’t rest Probably not. But we will. But what if there is an emergency Then we get to read about it in August. Or you get a support contract and we get to read about it earlier.
坏人不会休息吗?可能不会。但我们会。但如果发生紧急情况怎么办?那我们会在 8 月份读到相关报告。或者,如果你有支持合同,我们就能更早地看到它。
Contracts excluded Everyone with a paid support contracts will of course still get full and appropriate service even during this period. Daniel, in a relaxed state.
合同除外:所有拥有付费支持合同的用户,在此期间当然仍将获得全面且适当的服务。Daniel,处于放松状态。
Credits The ice cream image was made by fotografierende from Pixabay.
致谢:冰淇淋图片由 Pixabay 上的 fotografierende 制作。