curl and libcurl 8.18.0

 Public curl releases:         272
 Command line options:         273
 curl_easy_setopt() options:   308
 Public functions in libcurl:  100
 Contributors:                 3559

This release includes the following changes:

 o build: drop support for VS2008 (Windows) [62]
 o build: drop Windows CE / CeGCC support [69]
 o gnutls: drop support for GnuTLS < 3.6.5 [167]
 o gnutls: implement CURLOPT_CAINFO_BLOB [168]
 o openssl: bump minimum OpenSSL version to 3.0.0 [60]

This release includes the following bugfixes:

 o _PROGRESS.md: add the E unit, mention kibibyte [24]
 o alt-svc: more flexibility on same destination [298]
 o altsvc: make it one malloc instead of three per entry [266]
 o AmigaOS: increase minimum stack size for tool_main [137]
 o apple-sectrust: always ask when `native_ca_store` is in use [162]
 o asyn-ares: handle Curl_dnscache_mk_entry() OOM error [199]
 o asyn-ares: remove hostname free on OOM [122]
 o asyn-thrdd: fix Curl_async_getaddrinfo() on systems without getaddrinfo [265]
 o asyn-thrdd: release rrname if ares_init_options fails [41]
 o auth: always treat Curl_auth_ntlm_get() returning NULL as OOM [186]
 o autotools: add nettle library detection via pkg-config (for GnuTLS) [178]
 o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
 o autotools: fix LargeFile feature display on Windows (after prev patch) [276]
 o autotools: tidy-up `if` expressions [275]
 o badwords: fix issues found in scripts and other files [142]
 o badwords: fix issues found in tests [156]
 o build: add build-level `CURL_DISABLE_TYPECHECK` options [163]
 o build: exclude clang prereleases from compiler warning options [154]
 o build: set `-Wno-format-signedness` [288]
 o build: tidy-up MSVC CRT warning suppression macros [140]
 o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
 o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
 o cf-socket: drop feature check for `IPV6_V6ONLY` on Windows [210]
 o cf-socket: limit use of `TCP_KEEP*` to Windows 10.0.16299+ at runtime [157]
 o cf-socket: trace ignored errors [97]
 o cfilters: make conn_forget_socket a private libssh function [109]
 o checksrc.pl: detect assign followed by more than one space [26]
 o cmake: adjust defaults for target platforms not supporting shared libs [35]
 o cmake: define dependencies as `IMPORTED` interface targets [223]
 o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
 o cmake: fix `ws2_32` reference in `curl-config.cmake` [201]
 o cmake: honor `CURL_DISABLE_INSTALL` and `CURL_ENABLE_EXPORT_TARGET` [106]
 o cmake: save and restore `CMAKE_MODULE_PATH` in `curl-config.cmake` [222]
 o code: minor indent fixes before closing braces [107]
 o CODE_STYLE.md: sync banned function list with checksrc.pl [243]
 o config-win32.h: delete obsolete, non-Windows comments [295]
 o config-win32.h: drop unused/obsolete `CURL_HAS_OPENLDAP_LDAPSDK` [278]
 o config2setopts: bail out if curl_url_get() returns OOM [102]
 o config2setopts: exit if curl_url_set() fails on OOM [105]
 o configure: delete unused variable [294]
 o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
 o conncontrol: reuse handling [170]
 o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
 o connection: attached transfer count [228]
 o cookie: allocate the main struct once cookie is fine [259]
 o cookie: only keep and use the canonical cleaned up path [256]
 o cookie: propagate errors better, cleanup the internal API [118]
 o cookie: return error on OOM [131]
 o cookie: when parsing a cookie header, delay all allocations until okay [258]
 o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
 o curl: fix progress meter in parallel mode [15]
 o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
 o curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer [257]
 o curl_sasl: if redirected, require permission to use bearer [250]
 o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
 o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
 o curl_setup.h: drop stray `#undef stat` (Windows) [103]
 o curl_setup.h: drop superfluous parenthesis from `Curl_safefree` macro [242]
 o CURLINFO: remove 'get' and 'get the' from each short desc [50]
 o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
 o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
 o CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use [206]
 o CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/ [283]
 o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
 o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
 o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
 o curlx/multibyte: stop setting macros for non-Windows [226]
 o curlx/strerr: use `strerror_s()` on Windows [75]
 o curlx: limit use of system allocators to the minimum possible [169]
 o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
 o curlx: replace `sprintf` with `snprintf` [194]
 o curlx: use curlx allocators in non-memdebug builds (Windows) [155]
 o DEPRECATE: add CMake <3.18 deprecation for April 2026 [291]
 o digest_sspi: fix a memory leak on error path [149]
 o digest_sspi: properly free sspi identity [12]
 o DISTROS.md: add OpenBSD [126]
 o DISTROS: fix a Mageia URL
 o DISTROS: remove broken URLs for buildroot
 o doc: some returned in-memory data may not be altered [196]
 o Dockerfile: update debian:bookworm-slim digest to e899040 [305]
 o docs/libcurl: fix C formatting nits [207]
 o docs: clarify how to do unix domain sockets with SOCKS proxy [240]
 o docs: fix checksrc `EQUALSPACE` warnings [21]
 o docs: mention umask need when curl creates files [56]
 o docs: remove dead URLs
 o docs: spell it Rustls with a capital R [181]
 o docs: switch more URLs to https:// [229]
 o docs: use .example URLs for proxies
 o example: fix formatting nits [232]
 o examples/crawler: fix variable [92]
 o examples/multi-uv: fix invalid req->data access [177]
 o examples/multithread: fix race condition [101]
 o examples: fix minor typo [203]
 o examples: make functions/data static where missing [139]
 o examples: tidy-up headers and includes [138]
 o examples: use 64-bit `fstat` on Windows [301]
 o FAQ/TODO/KNOWN_BUGS: convert to markdown [307]
 o FAQ: fix hackerone URL
 o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
 o formdata: validate callback is non-NULL before use [267]
 o ftp: make EPRT connections non-blocking [268]
 o ftp: refactor a piece of code by merging the repeated part [40]
 o ftp: remove #ifdef for define that is always defined [76]
 o getinfo: improve perf in debug mode [99]
 o gnutls: add PROFILE_MEDIUM as default [233]
 o gnutls: report accurate error when TLS-SRP is not built-in [18]
 o gtls: add return checks and optimize the code [2]
 o gtls: Call keylog_close in cleanup
 o gtls: skip session resumption when verifystatus is set
 o h2/h3: handle methods with spaces [146]
 o headers: add length argument to Curl_headers_push() [309]
 o hostcheck: fail wildcard match if host starts with a dot [235]
 o hostip: don't store negative lookup on OOM [61]
 o hostip: make more functions return CURLcode [202]
 o hostip: only store negative response for CURLE_COULDNT_RESOLVE_HOST [183]
 o hsts: propagate and error out correctly on OOM [130]
 o hsts: use one malloc instead of two per entry [263]
 o http: acknowledge OOM errors from Curl_input_ntlm [185]
 o http: avoid two strdup()s and do minor simplifications [144]
 o http: error on OOM when creating range header [59]
 o http: fix OOM exit in Curl_http_follow [179]
 o http: handle oom error from Curl_input_digest() [192]
 o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
 o http: return OOM errors from hsts properly [262]
 o http: the :authority header should never contain user+password [147]
 o http: unfold response headers earlier [277]
 o idn: avoid allocations and wcslen on Windows [247]
 o idn: fix memory leak in `win32_ascii_to_idn()` [173]
 o idn: use curlx allocators on Windows [165]
 o imap: check buffer length before accessing it [308]
 o imap: make sure Curl_pgrsSetDownloadSize() does not overflow [200]
 o INSTALL-CMAKE.md: document static option defaults more [37]
 o krb5: fix detecting channel binding feature [187]
 o krb5_sspi: unify a part of error handling [80]
 o ldap: call ldap_init() before setting the options [236]
 o ldap: drop PP logic for old, unsupported, Windows SDKs [279]
 o ldap: improve detection of Apple LDAP [174]
 o ldap: provide version for "legacy" ldap as well [254]
 o lib/sendf.h: forward declare two structs [221]
 o lib: cleanup for some typos about spaces and code style [3]
 o lib: eliminate size_t casts [112]
 o lib: error for OOM when extracting URL query [127]
 o lib: fix formatting nits (part 2) [253]
 o lib: fix formatting nits (part 3) [248]
 o lib: fix formatting nits [215]
 o lib: fix gssapi.h include on IBMi [55]
 o lib: refactor the type of funcs which have useless return and checks [1]
 o lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows) [164]
 o lib: timer stats improvements [190]
 o libssh2: add paths to error messages for quote commands [114]
 o libssh2: cleanup ssh_force_knownhost_key_type [64]
 o libssh2: consider strdup() failures OOM and return correctly [72]
 o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
 o libssh: fix state machine loop to progress as it should
 o libssh: properly free sftp_attributes [153]
 o libtests: replace `atoi()` with `curlx_str_number()` [120]
 o limit-rate: add example using --limit-rate and --max-time together [89]
 o m4/sectrust: fix test(1) operator [4]
 o manage: expand the 'libcurl support required' message [208]
 o mbedtls: fix potential use of uninitialized `nread` [8]
 o mbedtls: sync format across log messages [213]
 o mbedtls_threadlock: avoid calloc, use array [244]
 o mdlinkcheck: ignore IP numbers, allow '@' in raw URLs
 o mdlinkcheck: only look for markdown links in markdown files [311]
 o memdebug: add mutex for thread safety [184]
 o memdebug: fix realloc logging [286]
 o mk-ca-bundle.md: the file format docs URL is permaredirected [188]
 o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
 o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
 o mqtt: reject overly big messages [39]
 o multi: make max_total_* members size_t [158]
 o multi: remove MSTATE_TUNNELING [297]
 o multi: simplify admin handle processing [189]
 o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
 o ngtcp2+openssl: fix leak of session [172]
 o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
 o noproxy: fix build on systems without IPv6 [264]
 o noproxy: fix ipv6 handling [239]
 o noproxy: replace atoi with curlx_str_number [67]
 o openssl: exit properly on OOM when getting certchain [133]
 o openssl: fix a potential memory leak of bio_out [150]
 o openssl: fix a potential memory leak of params.cert [151]
 o openssl: no verify failf message unless strict [166]
 o openssl: release ssl_session if sess_reuse_cb fails [43]
 o openssl: remove code handling default version [28]
 o openssl: simplify `HAVE_KEYLOG_CALLBACK` guard [212]
 o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
 o OS400/makefile.sh: fix shellcheck warning SC2038 [86]
 o osslq: code readability [5]
 o progress: show fewer digits [78]
 o projects/README.md: Markdown fixes [148]
 o pytest fixes and improvements [159]
 o pytest: add tests using sshd [303]
 o pytest: disable two H3 earlydata tests for all platforms (was: macOS) [116]
 o pytest: fix and improve reliability [251]
 o pytest: improve stragglers [252]
 o pytest: quiche flakiness [280]
 o pytest: skip H2 tests if feature missing from curl [46]
 o quiche: use client writer [255]
 o ratelimit: redesign [209]
 o rtmp: fix double-free on URL parse errors [27]
 o rtmp: precaution for a potential integer truncation [54]
 o rtmp: stop redefining `setsockopt` system symbol on Windows [211]
 o runner.pm: run memanalyzer as a Perl module [260]
 o runtests: add options to set minimum number of tests, use them [302]
 o runtests: detect bad libssh differently for test 1459 [11]
 o runtests: drop Python 2 support remains [45]
 o runtests: enable torture testing with threaded resolver [176]
 o runtests: improve XML prolog check, enable `-w` permanently, fix two tests [231]
 o runtests: make memanalyzer a Perl module (for 1.1-2x speed-up per test run) [238]
 o rustls: fix a potential memory issue [81]
 o rustls: minor adjustment of sizeof() [38]
 o rustls: simplify init err path [219]
 o rustls: verify that verifier_builder is not NULL [220]
 o schannel: cap the maximum allowed size for loading cert [274]
 o schannel: fix memory leak of cert_store_path on four error paths [23]
 o schannel: replace atoi() with curlx_str_number() [119]
 o schannel_verify: fix a memory leak of cert_context [152]
 o scripts: fix shellcheck SC2046 warnings [90]
 o scripts: use end-of-options marker in `find -exec` commands [87]
 o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
 o setopt: when setting bad protocols, don't store them [9]
 o sftp: fix range downloads in both SSH backends [82]
 o slist: constify Curl_slist_append_nodup() string argument [195]
 o smb: fix a size check to be overflow safe [161]
 o socks_sspi: use free() not FreeContextBuffer() [93]
 o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
 o speedlimit: also reset on send unpausing [197]
 o src: fix formatting nits [246]
 o ssh: tracing and better pollset handling [230]
 o sspi: fix memory leaks on error paths in `Curl_create_sspi_identity()` [237]
 o sws: fix binding to unix socket on Windows [214]
 o synctime: tidy up, make it work on all platforms [269]
 o telnet: replace atoi for BINARY handling with curlx_str_number [66]
 o TEST-SUITE.md: correct the man page's path [136]
 o test07_22: fix flakiness [95]
 o test1475: consistently use %CR in headers [234]
 o test1498: disable 'HTTP PUT from stdin' test on Windows [115]
 o test2045: replace HTML multi-line comment markup with `#` comments [36]
 o test318: tweak the name a little
 o test3207: enable memdebug for this test again [249]
 o test363: delete stray character (typo) from a section tag [52]
 o test568: fix codespell, catch it next time early in CI [299]
 o test568: remove what looks like an email and a URL [304]
 o test787: fix possible typo `&` -> `%` in curl option [241]
 o tests/data: move `--libcurl` output to external data files [34]
 o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
 o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
 o tests/server: do not fall back to original data file in `test2fopen()` [32]
 o tests/server: fix initialization on Windows Vista+ [216]
 o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
 o tests: add `%AMP` macro, use it in two tests [245]
 o tests: allow 2500-2503 to use ~2MB malloc [31]
 o tests: fix formatting nits [225]
 o tftp: release filename if conn_get_remote_addr fails [42]
 o tftpd: fix/tidy up `open()` mode flags [57]
 o tidy-up: avoid `(())`, clang-format fixes and more [141]
 o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
 o tidy-up: URLs (cont.) and mdlinkcheck [285]
 o tidy-up: URLs [182]
 o TODO: remove a mandriva.com reference
 o tool: consider (some) curl_easy_setopt errors fatal [7]
 o tool: log when loading .curlrc in verbose mode [191]
 o tool_cfgable: free ssl-sessions at exit [123]
 o tool_doswin: clear pointer when thread takes ownership [198]
 o tool_getparam: verify that a file exists for some options [134]
 o tool_help: add checks to avoid unsigned wrap around [14]
 o tool_ipfs: check return codes better [20]
 o tool_msgs: make voutf() use stack instead of heap [125]
 o tool_operate: exit on curl_share_setopt errors [108]
 o tool_operate: fix a case of ignoring return code in operate() [128]
 o tool_operate: fix case of ignoring return code in single_transfer [129]
 o tool_operate: remove redundant condition [19]
 o tool_operate: return error for OOM in append2query [217]
 o tool_operate: use curlx_str_number instead of atoi [68]
 o tool_paramhlp: refuse --proto remove all protocols [10]
 o tool_urlglob: acknowledge OOM in peek_ipv6 [175]
 o tool_urlglob: clean up used memory on errors better [44]
 o tool_urlglob: support globs as long as config line lengths [282]
 o tool_writeout: bail out proper on OOM [104]
 o url: fix return code for OOM in parse_proxy() [193]
 o url: if curl_url_get() fails due to OOM, error out properly [205]
 o url: if OOM in parse_proxy() return error [132]
 o urlapi: fix mem-leaks in curl_url_get error paths [22]
 o urlapi: handle OOM properly when setting URL [180]
 o verify-release: update to avoid shellcheck warning SC2034 [88]
 o vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally [96]
 o vquic: do not pass invalid mode flags to `open()` (Windows) [58]
 o vquic: do_sendmsg full init [171]
 o vtls: fix CURLOPT_CAPATH use [51]
 o vtls: handle possible malicious certs_num from peer [53]
 o vtls: pinned key check [98]
 o wcurl: import v2025.11.09 [29]
 o windows: assume `USE_WIN32_LARGE_FILES` [292]
 o windows: use `_strdup()` instead of `strdup()` where missing [145]
 o wolfSSL: able to differentiate between IP and DNS in alt names [13]
 o wolfssl: avoid NULL dereference in OOM situation [77]
 o wolfssl: fix a potential memory leak of session [6]
 o wolfssl: fix cipher list, skip 5.8.4 regression [117]
 o wolfssl: fix possible assert with `!HAVE_NO_EX` wolfSSL builds [261]
 o wolfssl: simplify wssl_send_earlydata [111]

This release includes the following known bugs:

 See https://curl.se/docs/knownbugs.html

For all changes ever done in curl:

 See https://curl.se/changes.html

Planned upcoming removals include:

 o OpenSSL-QUIC
 o RTMP support
 o Support for c-ares versions before 1.16.0
 o Support for Windows XP/2003

 See https://curl.se/dev/deprecate.html

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov,
  anonymous237 on hackerone, BANADDA, boingball, Brad King, bttrfl on github,
  Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Stenberg,
  Denis Goleshchikhin, Deniz Parlak, dependabot[bot], Fabian Keil,
  Fd929c2CE5fA on github, ffath-vo on github, Gabriel Marin,
  Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson, Harry Sintonen, Jiyong Yang,
  Juliusz Sosinowicz, Kai Pastor, Leonardo Taccari, letshack9707 on hackerone,
  Marc Aldorasi, Marcel Raad, Max Faxälv, nait-furry, ncaklovic on github,
  Nick Korepanov, Omdahake on github, Patrick Monnerat, pelioro on hackerone,
  Ray Satiro, renovate[bot], Robert W. Van Kirk, Samuel Henrique,
  st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny, Theo Buehler,
  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman,
  Yuhao Jiang, yushicheng7788 on github
  (53 contributors)

References to bug reports and discussions on issues:

 [1] = https://curl.se/bug/?i=19386
 [2] = https://curl.se/bug/?i=19366
 [3] = https://curl.se/bug/?i=19370
 [4] = https://curl.se/bug/?i=19371
 [5] = https://curl.se/bug/?i=19394
 [6] = https://curl.se/bug/?i=19555
 [7] = https://curl.se/bug/?i=19385
 [8] = https://curl.se/bug/?i=19393
 [9] = https://curl.se/bug/?i=19389
 [10] = https://curl.se/bug/?i=19388
 [11] = https://curl.se/bug/?i=19557
 [12] = https://curl.se/bug/?i=19426
 [13] = https://curl.se/bug/?i=19364
 [14] = https://curl.se/bug/?i=19377
 [15] = https://curl.se/bug/?i=19383
 [16] = https://curl.se/bug/?i=19380
 [17] = https://curl.se/bug/?i=19378
 [18] = https://curl.se/bug/?i=19365
 [19] = https://curl.se/bug/?i=19381
 [20] = https://curl.se/bug/?i=19382
 [21] = https://curl.se/bug/?i=19379
 [22] = https://curl.se/bug/?i=19440
 [23] = https://curl.se/bug/?i=19423
 [24] = https://curl.se/bug/?i=19502
 [25] = https://curl.se/bug/?i=19439
 [26] = https://curl.se/bug/?i=19375
 [27] = https://curl.se/bug/?i=19438
 [28] = https://curl.se/bug/?i=19354
 [29] = https://curl.se/bug/?i=19430
 [30] = https://curl.se/bug/?i=19434
 [31] = https://curl.se/bug/?i=19716
 [32] = https://curl.se/bug/?i=19429
 [33] = https://curl.se/bug/?i=19427
 [34] = https://curl.se/bug/?i=19799
 [35] = https://curl.se/bug/?i=19420
 [36] = https://curl.se/bug/?i=19498
 [37] = https://curl.se/bug/?i=19419
 [38] = https://hackerone.com/reports/3427460
 [39] = https://curl.se/bug/?i=19415
 [40] = https://curl.se/bug/?i=19411
 [41] = https://curl.se/bug/?i=19410
 [42] = https://curl.se/bug/?i=19409
 [43] = https://curl.se/bug/?i=19405
 [44] = https://curl.se/bug/?i=19614
 [45] = https://curl.se/bug/?i=19544
 [46] = https://curl.se/bug/?i=19412
 [47] = https://curl.se/bug/?i=19402
 [48] = https://curl.se/bug/?i=19403
 [49] = https://curl.se/bug/?i=19404
 [50] = https://curl.se/bug/?i=19406
 [51] = https://curl.se/bug/?i=19401
 [52] = https://curl.se/bug/?i=19490
 [53] = https://curl.se/bug/?i=19397
 [54] = https://curl.se/bug/?i=19399
 [55] = https://curl.se/bug/?i=19336
 [56] = https://curl.se/bug/?i=19396
 [57] = https://curl.se/bug/?i=19671
 [58] = https://curl.se/bug/?i=19670
 [59] = https://curl.se/bug/?i=19630
 [60] = https://curl.se/bug/?i=18330
 [61] = https://curl.se/bug/?i=19484
 [62] = https://curl.se/bug/?i=17931
 [63] = https://curl.se/bug/?i=19479
 [64] = https://curl.se/bug/?i=19479
 [65] = https://curl.se/bug/?i=19478
 [66] = https://curl.se/bug/?i=19477
 [67] = https://curl.se/bug/?i=19475
 [68] = https://curl.se/bug/?i=19480
 [69] = https://curl.se/bug/?i=17927
 [70] = https://curl.se/bug/?i=19464
 [71] = https://curl.se/bug/?i=19461
 [72] = https://curl.se/bug/?i=19791
 [73] = https://curl.se/bug/?i=19359
 [74] = https://curl.se/bug/?i=19465
 [75] = https://curl.se/bug/?i=19646
 [76] = https://curl.se/bug/?i=19463
 [77] = https://curl.se/bug/?i=19459
 [78] = https://curl.se/bug/?i=19431
 [79] = https://curl.se/bug/?i=19454
 [80] = https://curl.se/bug/?i=19452
 [81] = https://curl.se/bug/?i=19425
 [82] = https://curl.se/bug/?i=19460
 [83] = https://curl.se/bug/?i=19647
 [84] = https://curl.se/bug/?i=19645
 [85] = https://curl.se/bug/?i=19725
 [86] = https://curl.se/bug/?i=19451
 [87] = https://curl.se/bug/?i=19450
 [88] = https://curl.se/bug/?i=19449
 [89] = https://curl.se/bug/?i=19473
 [90] = https://curl.se/bug/?i=19432
 [91] = https://curl.se/bug/?i=19398
 [92] = https://curl.se/bug/?i=19446
 [93] = https://curl.se/bug/?i=19445
 [94] = https://curl.se/bug/?i=19444
 [95] = https://curl.se/bug/?i=19530
 [96] = https://curl.se/bug/?i=19531
 [97] = https://curl.se/bug/?i=19520
 [98] = https://curl.se/bug/?i=19529
 [99] = https://curl.se/bug/?i=19525
 [100] = https://curl.se/bug/?i=19523
 [101] = https://curl.se/bug/?i=19524
 [102] = https://curl.se/bug/?i=19518
 [103] = https://curl.se/bug/?i=19519
 [104] = https://curl.se/bug/?i=19667
 [105] = https://curl.se/bug/?i=19517
 [106] = https://curl.se/bug/?i=19144
 [107] = https://curl.se/bug/?i=19512
 [108] = https://curl.se/bug/?i=19513
 [109] = https://curl.se/bug/?i=19727
 [110] = https://curl.se/bug/?i=19510
 [111] = https://curl.se/bug/?i=19509
 [112] = https://curl.se/bug/?i=19495
 [113] = https://curl.se/bug/?i=19653
 [114] = https://curl.se/bug/?i=19605
 [115] = https://curl.se/bug/?i=19855
 [116] = https://curl.se/bug/?i=19724
 [117] = https://curl.se/bug/?i=19644
 [118] = https://curl.se/bug/?i=19493
 [119] = https://curl.se/bug/?i=19483
 [120] = https://curl.se/bug/?i=19506
 [121] = https://curl.se/bug/?i=19606
 [122] = https://curl.se/bug/?i=19658
 [123] = https://curl.se/bug/?i=19602
 [124] = https://curl.se/bug/?i=19597
 [125] = https://curl.se/bug/?i=19651
 [126] = https://curl.se/bug/?i=19596
 [127] = https://curl.se/bug/?i=19594
 [128] = https://curl.se/bug/?i=19650
 [129] = https://curl.se/bug/?i=19649
 [130] = https://curl.se/bug/?i=19593
 [131] = https://curl.se/bug/?i=19591
 [132] = https://curl.se/bug/?i=19590
 [133] = https://curl.se/bug/?i=19471
 [134] = https://curl.se/bug/?i=19583
 [135] = https://curl.se/bug/?i=19796
 [136] = https://curl.se/bug/?i=19586
 [137] = https://curl.se/bug/?i=19578
 [138] = https://curl.se/bug/?i=19580
 [139] = https://curl.se/bug/?i=19579
 [140] = https://curl.se/bug/?i=19175
 [141] = https://curl.se/bug/?i=19854
 [142] = https://curl.se/bug/?i=19572
 [143] = https://curl.se/bug/?i=19581
 [144] = https://curl.se/bug/?i=19571
 [145] = https://curl.se/bug/?i=19794
 [146] = https://curl.se/bug/?i=19543
 [147] = https://curl.se/bug/?i=19568
 [148] = https://curl.se/bug/?i=19569
 [149] = https://curl.se/bug/?i=19567
 [150] = https://curl.se/bug/?i=19561
 [151] = https://curl.se/bug/?i=19560
 [152] = https://curl.se/bug/?i=19556
 [153] = https://curl.se/bug/?i=19564
 [154] = https://curl.se/bug/?i=19566
 [155] = https://curl.se/bug/?i=19788
 [156] = https://curl.se/bug/?i=19541
 [157] = https://curl.se/bug/?i=19520
 [158] = https://curl.se/bug/?i=19618
 [159] = https://curl.se/bug/?i=19540
 [160] = https://curl.se/bug/?i=19535
 [161] = https://curl.se/bug/?i=19640
 [162] = https://curl.se/bug/?i=19636
 [163] = https://curl.se/bug/?i=19637
 [164] = https://curl.se/bug/?i=19589
 [165] = https://curl.se/bug/?i=19790
 [166] = https://curl.se/bug/?i=19615
 [167] = https://curl.se/bug/?i=19609
 [168] = https://curl.se/bug/?i=19612
 [169] = https://curl.se/bug/?i=19748
 [170] = https://curl.se/bug/?i=19333
 [171] = https://curl.se/bug/?i=19714
 [172] = https://curl.se/bug/?i=19717
 [173] = https://curl.se/bug/?i=19789
 [174] = https://curl.se/bug/?i=19849
 [175] = https://curl.se/bug/?i=19784
 [176] = https://curl.se/bug/?i=19786
 [177] = https://curl.se/bug/?i=19462
 [178] = https://curl.se/bug/?i=19703
 [179] = https://curl.se/bug/?i=19705
 [180] = https://curl.se/bug/?i=19704
 [181] = https://curl.se/bug/?i=19702
 [182] = https://curl.se/bug/?i=19879
 [183] = https://curl.se/bug/?i=19701
 [184] = https://curl.se/bug/?i=19785
 [185] = https://curl.se/bug/?i=19781
 [186] = https://curl.se/bug/?i=19782
 [187] = https://curl.se/bug/?i=19164
 [188] = https://curl.se/bug/?i=19877
 [189] = https://curl.se/bug/?i=19604
 [190] = https://curl.se/bug/?i=19269
 [191] = https://curl.se/bug/?i=19663
 [192] = https://curl.se/bug/?i=19780
 [193] = https://curl.se/bug/?i=19779
 [194] = https://curl.se/bug/?i=19681
 [195] = https://curl.se/bug/?i=19692
 [196] = https://curl.se/bug/?i=19692
 [197] = https://curl.se/bug/?i=19687
 [198] = https://curl.se/bug/?i=19689
 [199] = https://curl.se/bug/?i=19688
 [200] = https://curl.se/bug/?i=19774
 [201] = https://curl.se/bug/?i=19775
 [202] = https://curl.se/bug/?i=19669
 [203] = https://curl.se/bug/?i=19683
 [204] = https://curl.se/bug/?i=19643
 [205] = https://curl.se/bug/?i=19838
 [206] = https://curl.se/bug/?i=19840
 [207] = https://curl.se/bug/?i=19844
 [208] = https://curl.se/bug/?i=19665
 [209] = https://curl.se/bug/?i=19384
 [210] = https://curl.se/bug/?i=19769
 [211] = https://curl.se/bug/?i=19768
 [212] = https://curl.se/bug/?i=19843
 [213] = https://curl.se/bug/?i=19842
 [214] = https://curl.se/bug/?i=19812
 [215] = https://curl.se/bug/?i=19764
 [216] = https://curl.se/bug/?i=18009
 [217] = https://curl.se/bug/?i=19763
 [219] = https://curl.se/bug/?i=19759
 [220] = https://curl.se/bug/?i=19756
 [221] = https://curl.se/bug/?i=19761
 [222] = https://curl.se/bug/?i=16973
 [223] = https://curl.se/bug/?i=16973
 [225] = https://curl.se/bug/?i=19754
 [226] = https://curl.se/bug/?i=19751
 [228] = https://curl.se/bug/?i=19836
 [229] = https://curl.se/bug/?i=19872
 [230] = https://curl.se/bug/?i=19745
 [231] = https://curl.se/bug/?i=19970
 [232] = https://curl.se/bug/?i=19746
 [233] = https://curl.se/bug/?i=19853
 [234] = https://curl.se/bug/?i=19870
 [235] = https://curl.se/bug/?i=19869
 [236] = https://curl.se/bug/?i=19830
 [237] = https://curl.se/bug/?i=19866
 [238] = https://curl.se/bug/?i=19786
 [239] = https://curl.se/bug/?i=19828
 [240] = https://curl.se/bug/?i=19829
 [241] = https://curl.se/bug/?i=19826
 [242] = https://curl.se/bug/?i=19734
 [243] = https://curl.se/bug/?i=19733
 [244] = https://curl.se/bug/?i=19732
 [245] = https://curl.se/bug/?i=19824
 [246] = https://curl.se/bug/?i=19823
 [247] = https://curl.se/bug/?i=19798
 [248] = https://curl.se/bug/?i=19811
 [249] = https://curl.se/bug/?i=19813
 [250] = https://curl.se/bug/?i=19933
 [251] = https://curl.se/bug/?i=19970
 [252] = https://curl.se/bug/?i=19809
 [253] = https://curl.se/bug/?i=19800
 [254] = https://curl.se/bug/?i=19808
 [255] = https://curl.se/bug/?i=19803
 [256] = https://curl.se/bug/?i=19864
 [257] = https://curl.se/bug/?i=19802
 [258] = https://curl.se/bug/?i=19864
 [259] = https://curl.se/bug/?i=19864
 [260] = https://curl.se/bug/?i=19863
 [261] = https://curl.se/bug/?i=19816
 [262] = https://curl.se/bug/?i=19862
 [263] = https://curl.se/bug/?i=19861
 [264] = https://curl.se/bug/?i=19860
 [265] = https://github.com/curl/curl/commit/ce06fe7771052549ff430c86173b2eaca91f8a9c#r172215567
 [266] = https://curl.se/bug/?i=19857
 [267] = https://curl.se/bug/?i=19858
 [268] = https://curl.se/bug/?i=19753
 [269] = https://curl.se/bug/?i=19965
 [274] = https://curl.se/bug/?i=19964
 [275] = https://curl.se/bug/?i=18189
 [276] = https://curl.se/bug/?i=19922
 [277] = https://curl.se/bug/?i=19949
 [278] = https://curl.se/bug/?i=19920
 [279] = https://curl.se/bug/?i=19918
 [280] = https://curl.se/bug/?i=19770
 [282] = https://curl.se/bug/?i=19960
 [283] = https://curl.se/bug/?i=19915
 [285] = https://curl.se/bug/?i=19911
 [286] = https://curl.se/bug/?i=19900
 [288] = https://curl.se/bug/?i=19907
 [291] = https://curl.se/bug/?i=19902
 [292] = https://curl.se/bug/?i=19888
 [294] = https://curl.se/bug/?i=19901
 [295] = https://curl.se/bug/?i=19899
 [297] = https://curl.se/bug/?i=19894
 [298] = https://curl.se/bug/?i=19740
 [299] = https://curl.se/bug/?i=19945
 [301] = https://curl.se/bug/?i=19896
 [302] = https://curl.se/bug/?i=19942
 [303] = https://curl.se/bug/?i=19934
 [304] = https://curl.se/bug/?i=19944
 [305] = https://curl.se/bug/?i=19891
 [307] = https://curl.se/bug/?i=19875
 [308] = https://curl.se/bug/?i=19887
 [309] = https://curl.se/bug/?i=19886
 [311] = https://curl.se/bug/?i=19938