But as curl staff point out, the "malicious server setup" patch file submitted did not apply to the latest versions of a Python tool in question. Asked about this, the original submitter responded ...