Description of problem:
Today curl upstream announced that they are going to completely remove support for metalink from curl already in the next release of curl due to a number of difficult to fix security issues:
I believe it is not too late to follow this decision in RHEL-9, too. We could hardly support it ourselves till RHEL-9 EOL when it is broken and unsupported upstream since the beginning.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. curl -V | grep -i metalink
We might want to do the same with wget and consider removing libmetalink, which seems to be dead upstream:
I will file separate bugs for wget and libmetalink for consideration.
Fedora commit: https://src.fedoraproject.org/rpms/curl/c/ddaf41062c974e64f5ce0b74825174554c80f7ad?branch=rawhide