RELEASE-NOTES: synced

Start working on the next release
2025-04-18 16:30:45 +08:00 · 2024-12-11 11:16:48 +01:00 · 2024-12-11 11:16:48 +01:00 · 6907638631
commit 6907638631
parent 98b30eda79
2 changed files with 13 additions and 172 deletions
--- a/179
+++ b/179
@ -1,6 +1,6 @@
-curl and libcurl 8.11.1
+curl and libcurl 8.11.2

- Public curl releases:         263
+ Public curl releases:         264
 Command line options:         266
 curl_easy_setopt() options:   306
 Public functions in libcurl:  94
@ -11,85 +11,9 @@ This release includes the following changes:

 This release includes the following bugfixes:

- o build: fix ECH to always enable HTTPS RR [35]
- o build: fix MSVC UWP builds [32]
- o build: omit certain deps from `libcurl.pc` unless found via `pkg-config` [27]
- o build: use `_fseeki64()` on Windows, drop detections [41]
- o cmake: do not echo most inherited `LDFLAGS` to config files [55]
- o cmake: drop cmake args list from `buildinfo.txt` [8]
- o cmake: include `wolfssl/options.h` first [53]
- o cmake: remove legacy unused IMMEDIATE keyword [21]
- o cmake: restore cmake args list in `buildinfo.txt` [26]
- o cmake: set `CURL_STATICLIB` for static lib when `SHARE_LIB_OBJECT=OFF` [64]
- o cmake: sync GSS config code with other deps [28]
- o cmake: typo in comment
- o cmake: work around `ios.toolchain.cmake` breaking feature-detections [37]
- o cmakelint: fix to check root `CMakeLists.txt` [36]
- o cmdline/ech.md: formatting cleanups [13]
- o configure: add FIXMEs for disabled pkg-config references
- o configure: do not echo most inherited `LDFLAGS` to config files [31]
- o configure: replace `$#` shell syntax [25]
- o cookie: treat cookie name case sensitively [4]
- o curl-rustls.m4: keep existing `CPPFLAGS`/`LDFLAGS` when detected [40]
- o curl.h: mark two error codes as obsolete [19]
- o curl: --continue-at is mutually exclusive with --no-clobber [51]
- o curl: --continue-at is mutually exclusive with --range [61]
- o curl: --continue-at is mutually exclusive with --remove-on-error [50]
- o curl: --test-duphandle in debug builds runs "duphandled" [6]
- o curl: do more command line parsing in sub functions [71]
- o curl: rename struct var to fix AIX build [24]
- o curl: use realtime in trace timestamps [52]
- o curl_multi_socket_all.md: soften the deprecation warning [56]
- o CURLOPT_PREREQFUNCTION.md: add result code on failure [23]
- o digest: produce a shorter cnonce in Digest headers [70]
- o DISTROS: update Alt Linux links
- o dmaketgz: use --no-cache when building docker image [66]
- o docs: bring back ALTSVC.md and HSTS.md [76]
- o docs: document default `User-Agent` [57]
- o docs: suggest --ssl-reqd instead of --ftp-ssl [62]
- o duphandle: also init netrc [3]
- o ECH: enable support for the AWS-LC backend [5]
- o hostip: don't use the resolver for FQDN localhost [45]
- o http_negotiate: allow for a one byte larger channel binding buffer [63]
- o http_proxy: move dynhds_add_custom here from http.c [18]
- o KNOWN_BUGS: setting a disabled option should return CURLE_NOT_BUILT_IN [74]
- o krb5: fix socket/sockindex confusion, MSVC compiler warnings [22]
- o lib: fixes for wolfSSL OPENSSL_COEXIST [73]
- o libssh: use libssh sftp_aio to upload file [47]
- o libssh: when using IPv6 numerical address, add brackets [43]
- o macos: disable gcc `availability` workaround as needed [7]
- o mbedtls: call psa_crypt_init() in global init [2]
- o mime: fix reader stall on small read lengths [65]
- o mk-ca-bundle: remove CKA_NSS_SERVER_DISTRUST_AFTER conditions [39]
- o mprintf: fix the integer overflow checks [44]
- o multi: add clarifying comment for wakeup_write() [9]
- o multi: fix callback for `CURLMOPT_TIMERFUNCTION` not being called again when... [48]
- o netrc: address several netrc parser flaws [17]
- o netrc: support large file, longer lines, longer tokens [14]
- o nghttp2: use custom memory functions [1]
- o OpenSSL: improvde error message on expired certificate [59]
- o openssl: remove three "Useless Assignments" [72]
- o openssl: stop using SSL_CTX_ function prefix for our functions [20]
- o os400: Fix IBMi builds [33]
- o os400: Fix IBMi EBCDIC conversion of arguments [34]
- o pytest: add test for use of CURLMOPT_MAX_HOST_CONNECTIONS [60]
- o rtsp: check EOS in the RTSP receive and return an error code [49]
- o schannel: remove TLS 1.3 ciphersuite-list support [54]
- o setopt: fix CURLOPT_HTTP_CONTENT_DECODING [15]
- o setopt: fix missing options for builds without HTTP & MQTT [10]
- o show-headers.md: clarify the headers are saved with the data [58]
- o socket: handle binding to "host!<ip>" [16]
- o socketpair: fix enabling `USE_EVENTFD` [30]
- o strtok: use namespaced `strtok_r` macro instead of redefining it [29]
- o tests: add the ending time stamp in testcurl.pl
- o tests: re-enable 2086, and 472, 1299, 1613 for Windows [38]
- o TODO: consider OCSP stapling by default [11]
- o tool_formparse: remove use of sscanf() [68]
- o tool_getparam: parse --localport without using sscanf [67]
- o tool_getpass: fix UWP `-Wnull-dereference` [46]
- o tool_getpass: replace `getch()` call with `_getch()` on Windows [42]
- o tool_urlglob: parse character globbing range without sscanf [69]
- o vtls: fix compile warning when ALPN is not available [12]
+ o cookie: parse only the exact expire date [3]
+ o lib517: extend the getdate test with quotes and leading "junk" [4]
+ o RELEASE-PROCEDURE.md: mention how to publish security advisories [2]

 This release includes the following known bugs:

@ -108,94 +32,11 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

-  Alexis Savin, Andrew Ayer, Andrew Kirillov, Andy Fiddaman, Ben Greear,
-  Bo Anderson, Brendon Smith, chemodax, Dan Fandrich, Daniel Engberg,
-  Daniel Pouzzner, Daniel Stenberg, Dan Rosser, delogicsreal on github,
-  dengjfzh on github, Ethan Everett, Florian Eckert, galen11 on github,
-  Harmen Stoppels, Harry Sintonen, henrikjehgmti on github, hiimmat on github,
-  Jacob Champion, Jeroen Ooms, Jesus Malo Poyatos, jethrogb on github,
-  Kai Pastor, Logan Buth, Maarten Billemont, marcos-ng on github, Moritz,
-  newfunction on hackerone, Nicolas F., Peter Kokot, Peter Marko, Ray Satiro,
-  renovate[bot], Samuel Henrique, Stefan Eissing, SuperStormer on github,
-  Tal Regev, Thomas, tinyboxvk, tkzv on github, tranzystorekk on github,
-  Viktor Szakats, Vladislavs Sokurenko, wxiaoguang on github, Wyatt O'Day,
-  xiaofeng, Yoshimasa Ohno
-  (51 contributors)
+  Daniel Stenberg, Viktor Szakats
+  (2 contributors)

 References to bug reports and discussions on issues:

- [1] = https://curl.se/bug/?i=15527
- [2] = https://curl.se/bug/?i=15500
- [3] = https://curl.se/bug/?i=15496
- [4] = https://curl.se/bug/?i=15492
- [5] = https://curl.se/bug/?i=15499
- [6] = https://curl.se/bug/?i=15504
- [7] = https://curl.se/bug/?i=15508
- [8] = https://curl.se/bug/?i=15501
- [9] = https://curl.se/bug/?i=15600
- [10] = https://curl.se/bug/?i=15634
- [11] = https://curl.se/bug/?i=15483
- [12] = https://curl.se/bug/?i=15515
- [13] = https://curl.se/bug/?i=15506
- [14] = https://curl.se/bug/?i=15513
- [15] = https://curl.se/bug/?i=15511
- [16] = https://curl.se/bug/?i=15553
- [17] = https://curl.se/bug/?i=15586
- [18] = https://curl.se/bug/?i=15672
- [19] = https://curl.se/bug/?i=15538
- [20] = https://curl.se/bug/?i=15673
- [21] = https://curl.se/bug/?i=15661
- [22] = https://curl.se/bug/?i=15585
- [23] = https://curl.se/bug/?i=15542
- [24] = https://curl.se/bug/?i=15580
- [25] = https://curl.se/bug/?i=15584
- [26] = https://curl.se/bug/?i=15563
- [27] = https://curl.se/bug/?i=15469
- [28] = https://curl.se/bug/?i=15545
- [29] = https://curl.se/bug/?i=15549
- [30] = https://curl.se/bug/?i=15561
- [31] = https://curl.se/bug/?i=15533
- [32] = https://curl.se/bug/?i=15657
- [33] = https://curl.se/bug/?i=15566
- [34] = https://curl.se/bug/?i=15570
- [35] = https://curl.se/bug/?i=15648
- [36] = https://curl.se/bug/?i=15565
- [37] = https://curl.se/bug/?i=15557
- [38] = https://curl.se/bug/?i=15644
- [39] = https://curl.se/bug/?i=15547
- [40] = https://curl.se/bug/?i=15546
- [41] = https://curl.se/bug/?i=15525
- [42] = https://curl.se/bug/?i=15642
- [43] = https://curl.se/bug/?i=15522
- [44] = https://curl.se/bug/?i=15699
- [45] = https://curl.se/bug/?i=15676
- [46] = https://curl.se/bug/?i=15638
- [47] = https://curl.se/bug/?i=15625
- [48] = https://curl.se/bug/?i=15627
- [49] = https://curl.se/bug/?i=15624
- [50] = https://curl.se/bug/?i=15645
- [51] = https://curl.se/bug/?i=15645
- [52] = https://curl.se/bug/?i=15614
- [53] = https://curl.se/bug/?i=15620
- [54] = https://hackerone.com/reports/2792484
- [55] = https://curl.se/bug/?i=15617
- [56] = https://curl.se/mail/lib-2024-11/0029.html
- [57] = https://curl.se/bug/?i=15608
- [58] = https://curl.se/bug/?i=15605
- [59] = https://curl.se/bug/?i=15612
- [60] = https://curl.se/bug/?i=15494
- [61] = https://curl.se/bug/?i=15646
- [62] = https://curl.se/bug/?i=15658
- [63] = https://curl.se/bug/?i=15685
- [64] = https://curl.se/bug/?i=15695
- [65] = https://curl.se/bug/?i=15688
- [66] = https://curl.se/bug/?i=15689
- [67] = https://curl.se/bug/?i=15681
- [68] = https://curl.se/bug/?i=15683
- [69] = https://curl.se/bug/?i=15682
- [70] = https://curl.se/bug/?i=15653
- [71] = https://curl.se/bug/?i=15680
- [72] = https://curl.se/bug/?i=15679
- [73] = https://curl.se/bug/?i=15650
- [74] = https://curl.se/bug/?i=15472
- [76] = https://curl.se/bug/?i=15705
+ [2] = https://curl.se/bug/?i=15714
+ [3] = https://curl.se/bug/?i=15709
+ [4] = https://curl.se/bug/?i=15708
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@ -32,13 +32,13 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "8.11.1-DEV"
+#define LIBCURL_VERSION "8.11.2-DEV"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 8
 #define LIBCURL_VERSION_MINOR 11
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_PATCH 2

 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@ -59,7 +59,7 @@
   CURL_VERSION_BITS() macro since curl's own configure script greps for it
   and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x080b01
+#define LIBCURL_VERSION_NUM 0x080b02

 /*
 * This is the date and time when the full source package was created. The