dd0b974eb1
This release includes the following bugfixes: o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73] o CURLINFO_SIZE_UPLOAD: fix missing counter update [46] o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72] o Curl_getoff_all_pipelines: improved for multiplexed [3] o DEPRECATE: remove release date from 7.62.0 o HTTP: Don't attempt to needlessly decompress redirect body [30] o INTERNALS: require GnuTLS >= 2.11.3 [62] o README.md: add LGTM.com code quality grade for C/C++ [42] o SSLCERTS: improve the openssl command line o Silence GCC 8 cast-function-type warnings [47] o ares: check for NULL in completed-callback [3] o asyn-thread: Remove unused macro [40] o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15] o auth: pick Bearer authentication whenever a token is available [15] o cmake: CMake config files are defining CURL_STATICLIB for static builds [54] o cmake: Respect BUILD_SHARED_LIBS [35] o cmake: Update scripts to use consistent style [9] o cmake: bumped minimum version to 3.4 [34] o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34] o configure: conditionally enable pedantic-errors [64] o configure: fix for -lpthread detection with OpenSSL and pkg-config [38] o conn: remove the boolean 'inuse' field [3] o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5] o cookie tests: treat files as text o cookies: support creation-time attribute for cookies [75] o curl: Fix segfault when -H @headerfile is empty [23] o curl: add http code 408 to transient list for --retry [78] o curl: fix time-of-check, time-of-use race in dir creation [71] o curl: use Content-Disposition before the "URL end" for -OJ [29] o curl: warn the user if a given file name looks like an option [56] o curl_threads: silence bad-function-cast warning [69] o darwinssl: add support for ALPN negotiation [7] o docs/CURLOPT_URL: fix indentation [20] o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19] o docs/SECURITY-PROCESS: mention bounty, drop pre-notify o docs/examples: add hiperfifo example using linux epoll/timerfd [21] o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50] o docs: clarify NO_PROXY env variable functionality [70] o docs: improved the manual pages of some callbacks [48] o docs: mention NULL is fine input to several functions [43] o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40] o gopher: Do not translate `?' to `%09' [67] o header output: switch off all styles, not just unbold [8] o hostip: fix unused variable warning o http2: Use correct format identifier for stream_id [77] o http2: abort the send_callback if not setup yet [63] o http2: avoid set_stream_user_data() before stream is assigned [61] o http2: check nghttp2_session_set_stream_user_data return code [55] o http2: clear the drain counter in Curl_http2_done [27] o http2: make sure to send after RST_STREAM [58] o http2: separate easy handle from connections better [12] o http: fix for tiny "HTTP/0.9" response [51] o http_proxy: Remove unused macro SELECT_TIMEOUT [40] o lib/Makefile: only do symbol hiding if told to [32] o lib1502: fix memory leak in torture test [44] o lib1522: fix curl_easy_setopt argument type o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66] o mime: check Curl_rand_hex's return code [22] o multi: always do the COMPLETED procedure/state [3] o openssl: assume engine support in 1.0.0 or later [2] o openssl: fix debug messages [39] o projects: Improve Windows perl detection in batch scripts [49] o retry: return error if rewind was necessary but didn't happen [28] o reuse_conn(): memory leak - free old_conn->options [17] o schannel: client certificate store opening fix [68] o schannel: enable CALG_TLS1PRF for w32api >= 5.1 o schannel: fix MinGW compile break [1] o sftp: don't send post-qoute sequence when retrying a connection [79] o smb: fix memory leak on early failure [26] o smb: fix memory-leak in URL parse error path [4] o smb_getsock: always wait for write socket too [11] o ssh-libssh: fix infinite connect loop on invalid private key [53] o ssh-libssh: reduce excessive verbose output about pubkey auth [53] o ssh-libssh: use FALLTHROUGH to silence gcc8 [76] o ssl: set engine implicitly when a PKCS#11 URI is provided [36] o sws: handle EINTR when calling select() [24] o system_win32: fix version checking [16] o telnet: Remove unused macros TELOPTS and TELCMDS [40] o test1143: disable MSYS2's POSIX path conversion [10] o test1148: disable if decimal separator is not point [65] o test1307: (fnmatch testing) disabled [31] o test1422: add required file feature [6] o test1531: Add timeout [41] o test1540: Remove unused macro TEST_HANG_TIMEOUT [40] o test214: disable MSYS2's POSIX path conversion for URL o test320: treat curl320.out file as binary [14] o tests/http_pipe.py: Use /usr/bin/env to find python o tests: Don't use Windows path %PWD for SSH tests [74] o tests: fixes for Windows line endlings [13] o tool_operate: Fix setting proxy TLS 1.3 ciphers o travis: build darwinssl on macos 10.12 to fix linker errors [33] o travis: execute "set -eo pipefail" for coverage build [45] o travis: run a 'make checksrc' too [25] o travis: update to GCC-8 [52] o travis: verify that man pages can be regenerated [50] o upload: allocate upload buffer on-demand [60] o upload: change default UPLOAD_BUFSIZE to 64KB [60] o urldata: remove unused pipe_broke struct field [57] o vtls: reinstantiate engine on duplicated handles [59] o windows: implement send buffer tuning [37] o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18] |
||
|---|---|---|
| .. | ||
| patches | ||
| buildlink3.mk | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| options.mk | ||
| PLIST | ||