mirror of
https://github.com/curl/curl.git
synced 2024-11-21 01:16:58 +08:00
RELEASE-NOTES: synced
This commit is contained in:
Daniel Stenberg
parent
2c4590010f
commit
f83b2f1ae1
187
RELEASE-NOTES
187
RELEASE-NOTES
@ -1,103 +1,22 @@
|
||||
curl and libcurl 7.66.0
|
||||
curl and libcurl 7.66.1
|
||||
|
||||
Public curl releases: 185
|
||||
Public curl releases: 186
|
||||
Command line options: 225
|
||||
curl_easy_setopt() options: 269
|
||||
Public functions in libcurl: 81
|
||||
Contributors: 1991
|
||||
Contributors: 2014
|
||||
|
||||
This release includes the following changes:
|
||||
|
||||
o CURLINFO_RETRY_AFTER: parse the Retry-After header value [35]
|
||||
o HTTP3: initial (experimental still not working) support [5]
|
||||
o curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool [27]
|
||||
o curl: support parallel transfers with -Z [4]
|
||||
o curl_multi_poll: a sister to curl_multi_wait() that waits more [28]
|
||||
o sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID [27]
|
||||
o
|
||||
|
||||
This release includes the following bugfixes:
|
||||
|
||||
o CVE-2019-5481: FTP-KRB double-free [64]
|
||||
o CVE-2019-5482: TFTP small blocksize heap buffer overflow [65]
|
||||
o CI: remove duplicate configure flag for LGTM.com
|
||||
o CMake: remove needless newlines at end of gss variables
|
||||
o CMake: use platform dependent name for dlopen() library [62]
|
||||
o CURLINFO docs: mention that in redirects times are added [55]
|
||||
o CURLOPT_ALTSVC.3: use a "" file name to not load from a file
|
||||
o CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
|
||||
o CURLOPT_HEADERFUNCTION.3: clarify [54]
|
||||
o CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly [33]
|
||||
o CURLOPT_READFUNCTION.3: provide inline example
|
||||
o CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 [51]
|
||||
o Curl_addr2string: take an addrlen argument too [61]
|
||||
o Curl_fillreadbuffer: avoid double-free trailer buf on error [66]
|
||||
o HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown [10]
|
||||
o alt-svc: add protocol version selection masking [31]
|
||||
o alt-svc: fix removal of expired cache entry [30]
|
||||
o alt-svc: make it use h3-22 with ngtcp2 as well
|
||||
o alt-svc: more liberal ALPN name parsing [17]
|
||||
o alt-svc: send Alt-Used: in redirected requests [32]
|
||||
o alt-svc: with quiche, use the quiche h3 alpn string [16]
|
||||
o appveyor: pass on -k to make
|
||||
o asyn-thread: create a socketpair to wait on [14]
|
||||
o build-openssl: fix build with Visual Studio 2019 [45]
|
||||
o cleanup: move functions out of url.c and make them static [58]
|
||||
o cleanup: remove the 'numsocks' argument used in many places [25]
|
||||
o configure: avoid undefined check_for_ca_bundle [37]
|
||||
o curl.h: add CURL_HTTP_VERSION_3 to the version enum
|
||||
o curl.h: fix outdated comment [23]
|
||||
o curl: cap the maximum allowed values for retry time arguments [13]
|
||||
o curl: handle a libcurl build without netrc support [63]
|
||||
o curl: make use of CURLINFO_RETRY_AFTER when retrying [35]
|
||||
o curl: remove outdated comment [24]
|
||||
o curl: use .curlrc (with a dot) on Windows [52]
|
||||
o curl: use CURLINFO_PROTOCOL to check for HTTP(s)
|
||||
o curl_global_init_mem.3: mention it was added in 7.12.0
|
||||
o curl_version: bump string buffer size to 250
|
||||
o curl_version_info.3: mentioned ALTSVC and HTTP3
|
||||
o curl_version_info: offer quic (and h3) library info [38]
|
||||
o curl_version_info: provide nghttp2 details [2]
|
||||
o defines: avoid underscore-prefixed defines [47]
|
||||
o docs/ALTSVC: remove what works and the experimental explanation [34]
|
||||
o docs/EXPERIMENTAL: explain what it means and what's experimental now
|
||||
o docs/MANUAL.md: converted to markdown from plain text [3]
|
||||
o docs/examples/curlx: fix errors [48]
|
||||
o docs: s/curl_debug/curl_dbg_debug in comments and docs [36]
|
||||
o easy: resize receive buffer on easy handle reset [9]
|
||||
o examples: Avoid reserved names in hiperfifo examples [8]
|
||||
o examples: add http3.c, altsvc.c and http3-present.c [40]
|
||||
o getenv: support up to 4K environment variable contents on windows [21]
|
||||
o http09: disable HTTP/0.9 by default in both tool and library [29]
|
||||
o http2: when marked for closure and wanted to close == OK [56]
|
||||
o http2_recv: trigger another read when the last data is returned [11]
|
||||
o http: fix use of credentials from URL when using HTTP proxy [44]
|
||||
o http_negotiate: improve handling of gss_init_sec_context() failures [18]
|
||||
o md4: Use our own MD4 when no crypto libraries are available [15]
|
||||
o multi: call detach_connection before Curl_disconnect [6]
|
||||
o netrc: make the code try ".netrc" on Windows [52]
|
||||
o nss: use TLSv1.3 as default if supported [39]
|
||||
o openssl: build warning free with boringssl [50]
|
||||
o openssl: use SSL_CTX_set_<min|max>_proto_version() when available [68]
|
||||
o plan9: add support for running on Plan 9 [22]
|
||||
o progress: reset download/uploaded counter between transfers [12]
|
||||
o readwrite_data: repair setting the TIMER_STARTTRANSFER stamp [26]
|
||||
o scp: fix directory name length used in memcpy [46]
|
||||
o smb: init *msg to NULL in smb_send_and_recv() [60]
|
||||
o smtp: check for and bail out on too short EHLO response [59]
|
||||
o source: remove names from source comments [1]
|
||||
o spnego_sspi: add typecast to fix build warning [49]
|
||||
o src/makefile: fix uncompressed hugehelp.c generation [19]
|
||||
o ssh-libssh: do not specify O_APPEND when not in append mode [7]
|
||||
o ssh: move code into vssh for SSH backends [53]
|
||||
o sspi: fix memory leaks [67]
|
||||
o tests: Replace outdated test case numbering documentation [43]
|
||||
o tftp: return error when packet is too small for options
|
||||
o timediff: make it 64 bit (if possible) even with 32 bit time_t [20]
|
||||
o travis: reduce number of torture tests in 'coverage' [42]
|
||||
o url: make use of new HTTP version if alt-svc has one [16]
|
||||
o urlapi: verify the IPv6 numerical address [69]
|
||||
o urldata: avoid 'generic', use dedicated pointers [57]
|
||||
o vauth: Use CURLE_AUTH_ERROR for auth function errors [41]
|
||||
o ldap: Stop using wide char version of ldapp_err2string [1]
|
||||
o winbuild/MakefileBuild.vc: Fix line endings
|
||||
o winbuild/MakefileBuild.vc: Add vssh [2]
|
||||
o asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris [3]
|
||||
o setopt: make it easier to add new enum values [4]
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
@ -106,89 +25,15 @@ This release includes the following known bugs:
|
||||
This release would not have looked like this without help, code, reports and
|
||||
advice from friends like these:
|
||||
|
||||
Alessandro Ghedini, Alex Mayorga, Amit Katyal, Balazs Kovacsics,
|
||||
Brad Spencer, Brandon Dong, Carlo Marcelo Arenas Belón, Christopher Head,
|
||||
Clément Notin, codesniffer13 on github, Daniel Gustafsson, Daniel Stenberg,
|
||||
Dominik Hölzl, Eric Wong, Felix Hädicke, Gergely Nagy, Gisle Vanem,
|
||||
Igor Makarov, Ironbars13 on github, Jason Lee, Jeremy Lainé,
|
||||
Jonathan Cardoso Machado, Junho Choi, Kamil Dudka, Kyle Abramowitz,
|
||||
Kyohei Kadota, Lance Ware, Marcel Raad, Max Dymond, Michael Lee,
|
||||
Michal Čaplygin, migueljcrum on github, Mike Crowe, niallor on github,
|
||||
osabc on github, patnyb on github, Patrick Monnerat, Peter Wu, Ray Satiro,
|
||||
Rolf Eike Beer, Steve Holme, Tatsuhiro Tsujikawa, The Infinnovation team,
|
||||
Thomas Vegas, Tom van der Woerdt, Yiming Jing,
|
||||
(46 contributors)
|
||||
Bernhard Walle, Dagobert Michelsen, Daniel Stenberg, Ray Satiro,
|
||||
Zenju on github,
|
||||
(5 contributors)
|
||||
|
||||
Thanks! (and sorry if I forgot to mention someone)
|
||||
|
||||
References to bug reports and discussions on issues:
|
||||
|
||||
[1] = https://curl.haxx.se/bug/?i=4129
|
||||
[2] = https://curl.haxx.se/bug/?i=4121
|
||||
[3] = https://curl.haxx.se/bug/?i=4131
|
||||
[4] = https://curl.haxx.se/bug/?i=3804
|
||||
[5] = https://curl.haxx.se/bug/?i=3500
|
||||
[6] = https://curl.haxx.se/bug/?i=4144
|
||||
[7] = https://curl.haxx.se/bug/?i=4147
|
||||
[8] = https://curl.haxx.se/bug/?i=4153
|
||||
[9] = https://curl.haxx.se/bug/?i=4143
|
||||
[10] = https://curl.haxx.se/bug/?i=4138
|
||||
[11] = https://curl.haxx.se/bug/?i=4043
|
||||
[12] = https://curl.haxx.se/bug/?i=4084
|
||||
[13] = https://curl.haxx.se/bug/?i=4166
|
||||
[14] = https://curl.haxx.se/bug/?i=4157
|
||||
[15] = https://curl.haxx.se/bug/?i=3780
|
||||
[16] = https://curl.haxx.se/bug/?i=4183
|
||||
[17] = https://curl.haxx.se/bug/?i=4182
|
||||
[18] = https://curl.haxx.se/bug/?i=3992
|
||||
[19] = https://curl.haxx.se/bug/?i=4176
|
||||
[20] = https://curl.haxx.se/bug/?i=4165
|
||||
[21] = https://curl.haxx.se/bug/?i=4174
|
||||
[22] = https://curl.haxx.se/bug/?i=3701
|
||||
[23] = https://curl.haxx.se/bug/?i=4167
|
||||
[24] = https://curl.haxx.se/bug/?i=4172
|
||||
[25] = https://curl.haxx.se/bug/?i=4169
|
||||
[26] = https://curl.haxx.se/bug/?i=4136
|
||||
[27] = https://curl.haxx.se/bug/?i=3653
|
||||
[28] = https://curl.haxx.se/bug/?i=4163
|
||||
[29] = https://curl.haxx.se/bug/?i=4191
|
||||
[30] = https://curl.haxx.se/bug/?i=4192
|
||||
[31] = https://curl.haxx.se/bug/?i=4201
|
||||
[32] = https://curl.haxx.se/bug/?i=4199
|
||||
[33] = https://curl.haxx.se/bug/?i=4197
|
||||
[34] = https://curl.haxx.se/bug/?i=4198
|
||||
[35] = https://curl.haxx.se/bug/?i=3794
|
||||
[36] = https://curl.haxx.se/bug/?i=3794
|
||||
[37] = https://curl.haxx.se/bug/?i=4213
|
||||
[38] = https://curl.haxx.se/bug/?i=4216
|
||||
[39] = https://curl.haxx.se/bug/?i=4187
|
||||
[40] = https://curl.haxx.se/bug/?i=4221
|
||||
[41] = https://curl.haxx.se/bug/?i=3848
|
||||
[42] = https://curl.haxx.se/bug/?i=4223
|
||||
[43] = https://curl.haxx.se/bug/?i=4227
|
||||
[44] = https://curl.haxx.se/bug/?i=4228
|
||||
[45] = https://curl.haxx.se/bug/?i=4188
|
||||
[46] = https://curl.haxx.se/bug/?i=4258
|
||||
[47] = https://curl.haxx.se/bug/?i=4254
|
||||
[48] = https://curl.haxx.se/bug/?i=4248
|
||||
[49] = https://curl.haxx.se/bug/?i=4245
|
||||
[50] = https://curl.haxx.se/bug/?i=4244
|
||||
[51] = https://curl.haxx.se/bug/?i=4241
|
||||
[52] = https://curl.haxx.se/bug/?i=4230
|
||||
[53] = https://curl.haxx.se/bug/?i=4235
|
||||
[54] = https://curl.haxx.se/bug/?i=4273
|
||||
[55] = https://curl.haxx.se/bug/?i=4250
|
||||
[56] = https://curl.haxx.se/bug/?i=4267
|
||||
[57] = https://curl.haxx.se/bug/?i=4290
|
||||
[58] = https://curl.haxx.se/bug/?i=4289
|
||||
[59] = https://curl.haxx.se/bug/?i=4287
|
||||
[60] = https://curl.haxx.se/bug/?i=4286
|
||||
[61] = https://curl.haxx.se/bug/?i=4283
|
||||
[62] = https://curl.haxx.se/bug/?i=4279
|
||||
[63] = https://curl.haxx.se/bug/?i=4302
|
||||
[64] = https://curl.haxx.se/docs/CVE-2019-5481.html
|
||||
[65] = https://curl.haxx.se/docs/CVE-2019-5482.html
|
||||
[66] = https://curl.haxx.se/bug/?i=4307
|
||||
[67] = https://curl.haxx.se/bug/?i=4299
|
||||
[68] = https://curl.haxx.se/bug/?i=4304
|
||||
[69] = https://curl.haxx.se/bug/?i=4315
|
||||
[1] = https://curl.haxx.se/bug/?i=4272
|
||||
[2] = https://curl.haxx.se/bug/?i=4322
|
||||
[3] = https://curl.haxx.se/bug/?i=4328
|
||||
[4] = https://curl.haxx.se/bug/?i=4321
|
||||
|
||||
Loading…
Reference in New Issue
Block a user