RELEASE-NOTES: Synced with 6f89f86c3d

RELEASE-NOTES

@@ -12,6 +12,7 @@ This release includes the following changes:
  o winbuild: Added option to build with c-ares
  o Added --cert-status [9]
  o Added CURLOPT_SSL_VERIFYSTATUS [10]
+ o sasl: implement EXTERNAL authentication mechanism
 
 This release includes the following bugfixes:
 
@@ -43,6 +44,36 @@ This release includes the following bugfixes:
  o openvms: Handle openssl/0.8.9zb version parsing
  o configure: detect libresssl
  o configure: remove detection of the old yassl emulation API
+ o curl_setup: Disable SMB/CIFS support when HTTP only
+ o imap: remove automatic password setting: it breaks external sasl authentication
+ o sasl: remove XOAUTH2 from default enabled authentication mechanism
+ o runtests: identify BoringSSL and libressl
+ o security: avoid compiler warning
+ o ldap: build with BoringSSL
+ o des: Added Curl_des_set_odd_parity()
+ o CURLOPT_SEEKFUNCTION.3: also when server closes a connection
+ o CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0
+ o build: Removed unused Visual Studio bscmake settings
+ o build: Enabled DEBUGBUILD in Visual Studio debug builds
+ o build: Renamed top level Visual Studio solution files
+ o build: Removed Visual Studio SuppressStartupBanner directive for VC8+
+ o libcurl-symbols: first basic shot for autogenerated docs
+ o Makefile.am: fix 'make distcheck'
+ o getpass_r: read from stdin, not stdout! [12]
+ o getpass: protect include with proper #ifdef
+ o opts: CURLOPT_CAINFO availability depends on SSL engine
+ o more cleanup of 'CURLcode result' return code 
+ o MD4: replace implementation
+ o MD5: replace implementation
+ o openssl: SSL_SESSION->ssl_version no longer exist [13]
+ o md5: use axTLS's own MD5 functions when available
+ o schannel: Removed curl_ prefix from source files
+ o curl.1: add warning when using -H and redirects
+ o curl.1: clarify that -X is used for all requests
+ o gskit: Fix exclusive SSLv3 option
+ o polarssl: Fix exclusive SSL protocol version options [14]
+ o http2: Fix bug that associated stream canceled on PUSH_PROMISE
+ o ftp: accept all 2xx responses to the PORT command
  o 
 
 This release includes the following known bugs:
@@ -52,10 +83,13 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Alessandro Ghedini, Chris Young, Daniel Stenberg, Guenter Knauf,
-  Jean-Francois Durand, Joe Mason, John E. Malmberg, Kyle J. McKay, Leith Bade,
-  Marc Hoersken, Mohammad AlSaleh, Patrick Monnerat, Sam Schanken, Steve Holme,
-  Thomas Klausner, Viktor Szakats, Vojtěch Král, Yun SangHo
+  Alessandro Ghedini, Alexander Peslyak, Brad Spencer, Chris Young,
+  Dan Fandrich, Daniel Stenberg, Gisle Vanem, Guenter Knauf, Jay Satiro,
+  Jean-Francois Durand, Joe Mason, John E. Malmberg, Jon Seymour,
+  Kyle J. McKay, Leith Bade, Marc Hoersken, Michael Kaufmann, Michael Wallner,
+  Mohammad AlSaleh, Patrick Monnerat, Sam Schanken, Steve Holme, Tamir,
+  Tatsuhiro Tsujikawa, Thomas Klausner, Viktor Szakats, Vojtěch Král,
+  Yun SangHo
 
         Thanks! (and sorry if I forgot to mention someone)
 
@@ -72,4 +106,7 @@ References to bug reports and discussions on issues:
  [9] = http://curl.haxx.se/docs/manpage.html#--cert-status
  [10] = http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYSTATUS.html
  [11] = http://curl.haxx.se/bug/view.cgi?id=1471
+ [12] = http://curl.haxx.se/bug/view.cgi?id=1476
+ [13] = http://curl.haxx.se/mail/lib-2015-02/0034.html
+ [14] = http://curl.haxx.se/mail/lib-2015-01/0002.html