- Update from 7.80.0 to 7.81.0
- Update of rootfile
- Changelog
7.81.0
This release includes the following changes:
o mime: use percent-escaping for multipart form field and file names [1]
This release includes the following bugfixes:
o asyn-ares: ares_getaddrinfo needs no happy eyeballs timer [73]
o azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper [12]
o BINDINGS: add cURL client for PostgreSQL [68]
o BINDINGS: add one from Everything curl and update a link
o checksrc: detect more kinds of NULL comparisons we avoid [105]
o CI: build examples for additional code verification [75]
o CI: bump job to use mbedtls 3.1.0 [90]
o cmake: don't set _USRDLL on a static Windows build [22]
o cmake: prevent dev warning due to mismatched arg [94]
o cmake: private identifiers use CURL_ instead of CMAKE_ prefix [40]
o config.d: update documentation to match the path search
o configure: add -lm to configure for rustls build. [13]
o configure: better diagnostics if hyper is built wrong [6]
o configure: don't enable TLS when --without-* flags are used [17]
o configure: fix runtime-lib detection on macOS [21]
o curl.1: require "see also" for every documented option [27]
o curl: improve error message for --head with -J [42]
o curl_easy_cleanup.3: remove from multi handle first [3]
o curl_easy_escape.3: call curl_easy_cleanup in example [58]
o curl_easy_unescape.3: call curl_easy_cleanup in example [57]
o curl_multi_init.3: fix EXAMPLE formatting
o curl_multi_perform/socket_action.3: clarify what errors mean [70]
o curl_share_setopt.3: split out options into their own manpages [14]
o CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL [51]
o digest: compute user:realm:pass digest w/o userhash [45]
o docs/checksrc: Add documentation for STRERROR [18]
o docs/cmdline-opts: do not say "protocols: all" [26]
o docs/examples: workaround broken -Wno-pedantic-ms-format
o docs/HTTP3: describe how to setup a h3 reverse-proxy for testing [88]
o docs/INSTALL.md: typo fix : added missing "get" verb [31]
o docs/URL-SYNTAX.md: space is not fine in a given URL
o docs: add known bugs list to HTTP3.md [83]
o docs: address proselint nits [16]
o docs: consistent manpage SYNOPSIS [47]
o docs: fix dead links, remove ECH.md
o docs: fix typo in OpenSSL 3 build instructions [80]
o docs: Update the Reducing Size section
o example/progressfunc: remove code for old libcurls [78]
o examples/multi-single.c: remove WAITMS() [98]
o FAQ: typo fix : "yout" ➤ "your" [30]
o ftp: disable warning 4706 in MSVC [85]
o gen.pl: improve example output format [29]
o github workflow: add wolfssl (removed from zuul) [103]
o github/workflows: add mbedtls and mbedtls-clang (removed from zuul) [92]
o gtls: check return code for gnutls_alpn_set_protocols [86]
o hash: lazy-alloc the table in Curl_hash_add() [54]
o http2:set_transfer_url() return early on OOM [53]
o HTTP3: update quiche build instructions [37]
o http: enable haproxy support for hyper backend [20]
o http: Fix CURLOPT_HTTP200ALIASES [89]
o http_proxy: don't close the socket (too early) [100]
o insecure.d: detail its use for SFTP and SCP as well [32]
o insecure.d: expand and clarify [28]
o libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
o libcurl-security.3: mention address and URL mitigations
o libssh2: fix error message for sha256 mismatch
o libtest: avoid "assignment within conditional expression" [84]
o lift: ignore is a deprecated config option, use ignoreRules [35]
o linkcheck.yml: add CI job that checks markdown links [82]
o m4/curl-compilers: tell clang -Wno-pointer-bool-conversion [99]
o Makefile.m32: rename -winssl option to -schannel and tidy up [33]
o mbedTLS: add support for CURLOPT_CAINFO_BLOB [44]
o mbedtls: fix CURLOPT_SSLCERT_BLOB [72]
o mbedtls: fix private member designations for v3.1.0 [93]
o misc: remove unused doh flags when CURL_DISABLE_DOH is defined [71]
o misc: s/e-mail/email [74]
o multi: cleanup the socket hash when destroying it [55]
o multi: handle errors returned from socket/timer callbacks [52]
o multi: shut down CONNECT in Curl_detach_connnection [2]
o netrc.d: edit the .netrc example to look nicer [24]
o ngtcp2: verify the server cert on connect (quictls) [102]
o ngtcp2: verify the server certificate for the gnutls case [101]
o nss:set_cipher don't clobber the cipher list [38]
o openldap: implement STARTTLS [56]
o openldap: process search query response messages one by one [50]
o openldap: several minor improvements [69]
o openldap: simplify ldif generation code [77]
o openssl: check the return value of BIO_new() [43]
o openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
o openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
o openssl: remove usage of deprecated `SSL_get_peer_certificate`
o openssl: use non-deprecated API to read key parameters
o page-footer: add a mention of how to report bugs to the man page
o page-footer: document more environment variables [23]
o request.d: refer to 'method' rather than 'command' [59]
o retry-all-errors.d: make the example complete
o runtests: make the SSH library a testable feature
o rustls: read of zero bytes might be okay [9]
o rustls: remove comment about checking handshaking [15]
o rustls: remove incorrect EOF check [10]
o sha256/md5: return errors when init fails [79]
o socks5: use appropriate ATYP for numerical IP address host names [91]
o test1156: enable for hyper [65]
o test1156: fixup the stdout check for Windows [60]
o test1525: tweaked for hyper [64]
o test1526: enable for hyper [63]
o test1527: enable for hyper [62]
o test1528: enable for hyper [61]
o test1554: adjust for hyper [49]
o test1556: adjust for hyper [48]
o test302[12]: run only with the libssh2 backend [8]
o test661: enable for hyper [66]
o tests/CI.md: add more information on CI environments [39]
o tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256 [76]
o tftp: mark protocol as not possible to do over CONNECT [25]
o tool_findfile: updated search for a file in the homedir [46]
o tool_operate: only set SSH related libcurl options for SSH URLs [11]
o tool_operate: warn if too many output arguments were found [87]
o url.c: fix the SIGPIPE comment for Curl_close [4]
o url: check ssl_config when re-use proxy connection [81]
o url: reduce ssl backend count for CURL_DISABLE_PROXY builds [96]
o urlapi: accept port number zero [34]
o urlapi: if possible, shorten given numerical IPv6 addresses [95]
o urlapi: provide more detailed return codes [36]
o urlapi: reject short file URLs [41]
o version_win32: Check build number and platform id
o vtls/rustls: adapt to the updated rustls_version proto [19]
o writeout: fix %{http_version} for HTTP/3 [7]
o x509asn1: return early on errors [67]
o zuul.d: update rustls-ffi to version 0.8.2 [5]
o zuul: fix quiche build pointing to wrong Cargo [104]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 7.79.1 to 7.80.0
- Update of rootfile
- Changelog is too long to include here.
This update fixes 172 bugs the details of which can be found in the CHANGES file in
the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.78.0 to 7.79.1
- Update of rootfile not required
- Changelog
Fixed in 7.79.1 - September 22 2021
Bugfixes:
Curl_http2_setup: don't change connection data on repeat invokes
curl_multi_fdset: make FD_SET() not operate on sockets out of range
dist: provide lib/.checksrc in the tarball
FAQ: add GOPHERS + curl works on data, not files
hsts: CURLSTS_FAIL from hsts read callback should fail transfer
hsts: handle unlimited expiry
http: fix the broken >3 digit response code detection
strerror: use sys_errlist instead of strerror on Windows
test1184: disable
tests/sshserver.pl: make it work with openssh-8.7p1
Fixed in 7.79.0 - September 15 2021
Changes:
bearssl: support CURLOPT_CAINFO_BLOB
http: consider cookies over localhost to be secure
secure transport: support CURLINFO_CERTINFO
Bugfixes:
CVE-2021-22945: clear the leftovers pointer when sending succeeds
CVE-2021-22946: do not ignore --ssl-reqd
CVE-2021-22947: reject STARTTLS server response pipelining
ares: use ares_getaddrinfo()
asyn-ares.c: move all version number checks to the top
auth: do not append zero-terminator to authorisation id in kerberos
auth: properly handle byte order in kerberos security message
auth: use sasl authzid option in kerberos
auth: we do not support a security layer after kerberos authentication
BINDINGS.md: update links to use https where available
build: fix compiler warnings
c-hyper: deal with Expect: 100-continue combined with POSTFIELDS
c-hyper: fix header value passed to debug callback
c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection
c-hyper: initial step for 100-continue support
c-hyper: initial support for "dumping" 1xx HTTP responses
c-hyper: remove the hyper_executor_poll() loop from Curl_http
CI/cirrus: reduce compile time with increased parallism
CI: use GitHub Container Registry instead of Docker Hub
cirrus: Add FreeBSD 13.0 job and disable sanitizer build
cmake: avoid poll() on macOS
cmake: sync CURL_DISABLE options
codeql: fix error "Resource not accessible by integration"
compressed.d: it's a request, not an order
config.d: escape the backslash properly
config.d: note that curlrc is used even when --config
config: get rid of the unused HAVE_SIG_ATOMIC_T et. al.
configure.ac: revert bad nghttp2 library detection improvements
configure: error out if both ngtcp2 and quiche are specified
configure: make --disable-hsts work
configure: set classic mingw minimum OS version to XP
configure: tweak nghttp2 library name fix
connect: get local port + ip also when reusing connections
connect: remove superfluous conditional
curl-openssl.m4: check lib64 for the pkg-config file
curl-openssl.m4: show correct output for OpenSSL v3
curl.1: mention "global" flags
curl.1: provide examples for each option
curl: add warning for ignored data after quoted form parameter
curl: add warning for incompatible parameters usage
curl: better error message when -O fails to get a good name
curl: stop retry if Retry-After: is longer than allowed
curl_easy_setopt.3: improve the string copy wording
Curl_hsts_loadcb: don't attempt to load if hsts wasn't inited
curl_setup.h: sync values for HTTP_ONLY
curl_url_get.3: clarify about path and query
CURLMOPT_TIMERFUNCTION.3: remove misplaced "time"
CURLOPT_DOH_URL.3: CURLOPT_OPENSOCKETFUNCTION is not inherited
CURLOPT_SSL_CTX_*.3: tidy up the example
CURLOPT_UNIX_SOCKET_PATH.3: remove nginx reference, add see also
docs/MQTT: update state of username/password support
docs: remove experimental mentions from HSTS and MQTT
docs: the security list is reached at security at curl.se now
easy: use a custom implementation of wcsdup on Windows
examples/*hiperfifo.c: fix calloc arguments to match function proto
examples/cookie_interface: avoid printfing time_t directly
examples/cookie_interface: fix scan-build printf warning
examples/ephiperfifo.c: simplify signal handler
FAQ: add two dev related questions
getparameter: fix the --local-port number parser
happy-eyeballs-timeout-ms.d: polish the wording
hostip: Make Curl_ipv6works function independent of getaddrinfo
http2: Curl_http2_setup needs to init stream data in all invokes
http2: revert a change that broke upgrade to h2c
http2: revert call the handle-closed function correctly on closed stream
http: disallow >3-digit response codes
http: ignore content-length if any transfer-encoding is used
http_proxy: clear 'sending' when the outgoing request is sent
http_proxy: fix the User-Agent inclusion in CONNECT
http_proxy: fix user-agent and custom headers for CONNECT with hyper
http_proxy: only wait for writable socket while sending request
INTERNALS: bump c-ares requirement to 1.16.0
INTERNALS: c-ares has a new home: c-ares.org
lib: don't use strerror()
libcurl-errors.3: clarify two CURLUcode errors
limit-rate.d: clarify base unit
mailing lists: move from cool.haxx.se to lists.haxx.se
mbedtls: avoid using a large buffer on the stack
mbedTLS: initial 3.0.0 support
mbedtls_threadlock: fix unused variable warning
mksymbolsmanpage.pl: Fix showing symbol's last used version
mksymbolsmanpage.pl: match symbols case insenitively
multi: fix compiler warning with `CURL_DISABLE_WAKEUP`
ngtcp2: compile with the latest ngtcp2 and nghttp3
ngtcp2: fix build with ngtcp2 and nghttp3
ngtcp2: remove the acked_crypto_offset struct field init
ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read
ngtcp2: reset the oustanding send buffer again when drained
ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream
ngtcp2: stop buffering crypto data
ngtcp2: utilize crypto API functions to simplify
openssl: annotate SSL3_MT_SUPPLEMENTAL_DATA
openssl: when creating a new context, there cannot be an old one
opt-docs: make sure all man pages have examples
opt-docs: verify man page sections + order
opts docs: unify phrasing in NAME header
output.d: add method to suppress response bodies
page-header: add GOPHERS, simplify wording in the 1st para
progress: fix a compile warning on some systems
progress: make trspeed avoid floats
runtests: add option -u to error on server unexpectedly alive
schannel: Work around typo in classic mingw macro
scripts: invoke interpreters through /usr/bin/env
setopt: enable CURLOPT_IGNORE_CONTENT_LENGTH for hyper
strerror.h: remove the #include from files not using it
symbols-in-versions: fix CURLSSLBACKEND_QSOSSL last used version
test1138: remove trailing space to make work with hyper
test1173: check references to libcurl options
test1280: CRLFify the response to please hyper
test1565: fix windows build errors
test365: verify response with chunked AND Content-Length headers
tests/*server.pl: flush output before executing subprocess
tests/*server.py: remove pidfile on server termination
tests/runtests.pl: cleanup copy&paste mistakes and unused code
tests/server/*.c: align handling of portfile argument and file
tests: adjust the tftpd output to work with hyper mode
tests: be explicit about using 'python3' instead of 'python'
tests: enable test 1129 for hyper builds
tests: make three tests pass until 2037
tool/tests: fix potential year 2038 issues
tool_operate: Fix --fail-early with parallel transfers
url: fix compiler warning in no-verbose builds
urlapi.c:seturl: assert URL instead of using if-check
vtls: fix typo in schannel_verify.c
winbuild/README.md: clarify GEN_PDB option
wolfssl: clean up wolfcrypt error queue
write-out.d: clarify size_download/upload
x509asn1: fix heap over-read when parsing x509 certificates
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 7.77.0 to 7.78.0
- Update of rootfile not required
- Changelog
Changes:
curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax
hostip: make 'localhost' return fixed values
mbedtls: add support for cert and key blob options
metalink: remove all support for it
mqtt: add support for username and password
Bugfixes:
--socks4[a]: clarify where the host name is resolved
ares: always store IPv6 addresses first
asyn-ares: remove check for 'data' in Curl_resolver_cancel
bearssl: explicitly initialize all fields of Curl_ssl
bearssl: remove incorrect const on variable that is modified
build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
c-hyper: abort CONNECT response reading early on non 2xx responses
c-hyper: add support for transfer-encoding in the request
c-hyper: bail on too long response headers
c-hyper: clear NTLM auth buffer when request is issued
c-hyper: convert HYPERE_INVALID_PEER_MESSAGE to CURLE_UNSUPPORTED_PROTOCOL
c-hyper: fix NTLM on closed connection tested with test159
c-hyper: fix the uploaded field in progress callbacks
c-hyper: handle NULL from hyper_buf_copy()
c-hyper: support CURLINFO_STARTTRANSFER_TIME
c-hyper: support CURLOPT_HEADER
ccsidcurl: fix the compile errors
CI/cirrus: install impacket from PyPI instead of FreeBSD packages
CI: add bearssl build
CI: add Circle CI
CI: add jobs using Zuul
CI: delete --enable-hsts option (it is the default now)
CI: remove travis details
cleanup: spell DoH with a lowercase o
cmake: add CURL_DISABLE_NTLM option
cmake: avoid leaking absolute paths into exported config
cmake: fix IoctlSocket FIONBIO check
cmake: fix support for UnixSockets feature on Win32
cmake: remove libssh2 feature checks
cmake: try well-known send/recv signature for Apple
configure.ac: make non-executable
configure/cmake: remove checks for many unused functions
configure: add --disable-ntlm option
configure: disable RTSP when hyper is selected
configure: do not strip out debug flags
configure: fix nghttp2 library name for static builds
configure: inhibit the implicit-fallthrough warning on gcc-12
configure: rename get-easy-option configure option to get-easy-options
conn_shutdown: if closed during CONNECT cleanup properly
conncache: lowercase the hash key for better match
cookies: track expiration in jar to optimize removals
copyright: add boiler-plate headers to CI config files
crustls: bump crustls version and use new URL
curl.h: <sys/select.h> is supported by VxWorks7
curl.h: include sys/select.h for NuttX RTOS
curl: ignore blank --output-dir
curl_endian: remove the unused Curl_write64_le function
curl_multibyte: Remove local encoding fallbacks
Curl_ntlm_core_mk_nt_hash: fix OOM in error path
Curl_ssl_getsessionid: fail if no session cache exists
CURLOPT_WRITEFUNCTION.3: minor update of the example
docs/BINDINGS: fix outdated links
docs/examples: use curl_multi_poll() in multi examples
docs/INSTALL: remove mentions of configure --with-darwin-ssl
docs: document missing arguments to commands
docs: fix inconsistencies in EGDSOCKET documentation
docs: fix incorrect argument name reference
docs: Fix typos
docs: make docs for --etag-save match the program behaviour
docs: use --max-redirs instead of --max-redir
doh: (void)-prefix call to curl_easy_setopt
doh: fix wrong DEBUGASSERT for doh private_data
easy: during upkeep, attach Curl_easy to connections in the cache
examples/multi-single: fix scan-build warning
examples: length-limit two sscanf() uses of %s
examples: safer and more proper read callback logic
filecheck: quietly remove test-place/*~
formdata: avoid "Argument cannot be negative" warning
formdata: correct typecast in curl_mime_data call
GHA: add a linux-hyper job
GHA: add several libcurl tests to the hyper job
GHA: run the newly fixed tests with hyper
github: timeout jobs on macOS after 90 minutes
glob: pass an 'int' as len when using printf's %*s
gnutls: set the preferred TLS versions in correct order
GOVERNANCE: add 'user', 'committer' and 'contributor'
hostip: (macOS) free returned memory of SCDynamicStoreCopyProxies
hostip: bad CURLOPT_RESOLVE syntax now returns error
hsts: ignore numberical IP address hosts
HSTS: not experimental anymore
http2: clarify 'Using HTTP2' verbose message
http2: init recvbuf struct for pushed streams
http2_connisdead: handle trailing GOAWAY better
http: fix crash in rate-limited upload
http: make the haproxy support work with unix domain sockets
http_proxy: deal with non-200 CONNECT response with Hyper
hyper: propagate errors back up from read callbacks
HYPER: remove mentions of deprecated development branch
idn: fix libidn2 with windows unicode builds
infof: remove newline from format strings, always append it
lib: don't compare fd to FD_SETSIZE when using poll
lib: fix compiler warnings with CURL_DISABLE_NETRC
lib: fix type of len passed to *printf's %*s
lib: more %u for port and int for %*s fixes
lib: use %u instead of %ld for port number printf
libcurl-security.3: mention file descriptors and forks
libssh2: limit time a disconnect can take to 1 second
mbedtls: make mbedtls_strerror always work
mbedtls: Remove unnecessary include
mqtt: detect illegal and too large file size
mqtt: extend the error message for no topic
msnprintf: return number of printed characters excluding null byte
multi: add scan-build-6 work-around in curl_multi_fdset
multi: alter transfer timeout ordering
multi: do not switch off connect_only flag when closing
multi: fix crash in curl_multi_wait / curl_multi_poll
netrc: skip 'macdef' definitions
ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
openssl: avoid static variable for seed flag
openssl: don't remove session id entry in disassociate
pinnedpubkey.d: fix formatting for version support lists
proto.d: fix formatting for paragraphs after margin changes
quiche: use send() instead of sendto() to avoid macOS issue
Revert "c-hyper: handle body on HYPER_TASK_EMPTY"
Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"
runtests: also find the last test in Makefile.inc
runtests: enable 'hyper mode' only for HTTP tests
runtests: init $VERSION to avoid warnings when using -l
runtests: parse data/Makefile.inc instead of using make
runtests: skip disabled tests unless -f is used
rustls: remove native_roots fallback
schannel: set ALPN length correctly for HTTP/2
SChannel: Use '_tcsncmp()' instead
sectransp: check for client certs by name first, then file
setopt: fix incorrect comments
socketpair: fix potential hangs
socks4: scan for the IPv4 address in resolve results
ssl: read pending close notify alert before closing the connection
sws: malloc request struct instead of using stack
telnet: fix option parser to not send uninitialized contents
test1116: hyper doesn't pass through "surprise-trailers"
test1147: hyper doesn't allow "crazy" request headers like built-in
test1151: added missing CRLF to work with hyper
test1216: adjusted for hyper mode
test1218: adjusted for hyper mode
test1230: adjust to work in hyper mode
test1340/1341: adjusted for hyper mode
test1438/1457: add HTTP keyword to make hyper mode work
test1514: add a CRLF to the response to make it correct
test1518: adjusted to work with hyper
test1519: adjusted to work with hyper
test1594/1595/1596: fix to work in hyper mode
test269: disable for hyper
test3010: work with hyper mode
test328: avoid a header-looking body to make hyper mode work
test339: CRLFify better to work in hyper mode
test347: CRLFify to work in hyper mode
test393: make Content-Length fit within 64 bit for hyper
test394: hyper returns a different error
test395: hyper cannot work around > 64 bit content-lengths like built-in
test433: adjust for hyper mode
test434: add HTTP keyword
test500: adjust to work with hyper mode
test566: adjust to work with hyper mode
test599: adjusted to work in hyper mode
test644: remove as duplicate of test 587
tests: fix Accept-Encoding strips to work with Hyper builds
TLS: prevent shutdown loops to get stuck
tool: make _lseeki64() macro work with the PellesC compiler
tool_help: document that --tlspassword takes a password
tool_help: remove unused define
url.c: remove two variable assigns that are never read
url: (void)-prefix a curl_url_get() call
url: bad CURLOPT_CONNECT_TO syntax now returns error
version: turn version number functions into returning void
vtls: exit addsessionid if no cache is inited
vtls: fix connection reuse checks for issuer cert and case sensitivity
vtls: only store TIMER_APPCONNECT for non-proxy connect
vtls: use free() not curl_free()
warnless: simplify type size handling
Win32: fix build with Watt-32
winbuild/README: VC should be set to 6 'or larger'
winbuild: support alternate nghttp2 static lib name
wolfssl: failing to set a session id is not reason to error out
write-out.d: clarify urlnum is not unique for de-globbed URLs
zuul: use the new rustls directory name
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 7.76.1 to 7.77.0
- Update rootfile
- Changelog is too large to include here. It can be accesed at
https://curl.se/changes.html
There are 5 changes and 133 bug fixes of which 3 are related to CVE's
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.75.0 to 7.76.1
- Update of rootfile
- Changelog is too large to include here.
Full details can be found in the CHANGES file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Hi,
For details see:
https://curl.haxx.se/changes.html
This came rather unexpected - if I'd known, I'd have waited with 7.63.0.
"Changes:
cookies: leave secure cookies alone
hostip: support wildcard hosts
http: Implement trailing headers for chunked transfers
http: added options for allowing HTTP/0.9 responses
timeval: Use high resolution timestamps on Windows
Bugfixes:
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
CVE-2019-3823: SMTP end-of-response out-of-bounds read
FAQ: remove mention of sourceforge for github
OS400: handle memory error in list conversion
OS400: upgrade ILE/RPG binding.
README: add codacy code quality badge
Revert http_negotiate: do not close connection
THANKS: added several missing names from year <= 2000
build: make 'tidy' target work for metalink builds
cmake: added checks for variadic macros
cmake: updated check for HAVE_POLL_FINE to match autotools
cmake: use lowercase for function name like the rest of the code
configure: detect xlclang separately from clang
configure: fix recv/send/select detection on Android
configure: rewrite --enable-code-coverage
conncache_unlock: avoid indirection by changing input argument type
cookie: fix comment typo
cookies: allow secure override when done over HTTPS
cookies: extend domain checks to non psl builds
cookies: skip custom cookies when redirecting cross-site
curl --xattr: strip credentials from any URL that is stored
curl -J: refuse to append to the destination file
curl/urlapi.h: include "curl.h" first
curl_multi_remove_handle() don't block terminating c-ares requests
darwinssl: accept setting max-tls with default min-tls
disconnect: separate connections and easy handles better
disconnect: set conn->data for protocol disconnect
docs/version.d: mention MultiSSL
docs: fix the --tls-max description
docs: use $(INSTALL_DATA) to install man page
docs: use meaningless port number in CURLOPT_LOCALPORT example
gopher: always include the entire gopher-path in request
http2: clear pause stream id if it gets closed
if2ip: remove unused function Curl_if_is_interface_name
libssh: do not let libssh create socket
libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
libssh: free sftp_canonicalize_path() data correctly
libtest/stub_gssapi: use "real" snprintf
mbedtls: use VERIFYHOST
multi: multiplexing improvements
multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
ntlm: fix NTMLv2 compliance
ntlm_sspi: add support for channel binding
openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
openvms: fix OpenSSL discovery on VAX
openvms: fix typos in documentation
os400: add a missing closing bracket
os400: fix extra parameter syntax error
pingpong: change default response timeout to 120 seconds
pingpong: ignore regular timeout in disconnect phase
printf: fix format specifiers
runtests.pl: Fix perl call to include srcdir
schannel: fix compiler warning
schannel: preserve original certificate path parameter
schannel: stop calling it "winssl"
sigpipe: if mbedTLS is used, ignore SIGPIPE
smb: fix incorrect path in request if connection reused
ssh: log the libssh2 error message when ssh session startup fails
test1558: verify CURLINFO_PROTOCOL on file:// transfer
test1561: improve test name
test1653: make it survive torture tests
tests: allow tests to pass by 2037-02-12
tests: move objnames-* from lib into tests
timediff: fix math for unsigned time_t
timeval: Disable MSVC Analyzer GetTickCount warning
tool_cb_prg: avoid integer overflow
travis: added cmake build for osx
urlapi: Fix port parsing of eol colon
urlapi: distinguish possibly empty query
urlapi: fix parsing ipv6 with zone index
urldata: rename easy_conn to just conn
winbuild: conditionally use /DZLIB_WINAPI
wolfssl: fix memory-leak in threaded use
spnego_sspi: add support for channel binding"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Most of these files still used old dates and/or domain names for contact
mail addresses. This is now replaced by an up-to-date copyright line.
Just some housekeeping... :-)
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Update curl to 7.59.0 which fixes a number of bugs and
some minor security issues.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
curl did not find the certificate bundle so that server
certificates could not be verified.
Fixes#10995
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
