mirror of
https://github.com/curl/curl.git
synced 2024-11-27 05:50:21 +08:00
220 lines
10 KiB
Plaintext
220 lines
10 KiB
Plaintext
Curl and libcurl 7.54.1
|
|
|
|
Public curl releases: 166
|
|
Command line options: 207
|
|
curl_easy_setopt() options: 245
|
|
Public functions in libcurl: 61
|
|
Contributors: 1571
|
|
|
|
This release includes the following changes:
|
|
|
|
o curl: show the libcurl release date in --version output [32]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o CVE-2017-9502: file: URL buffer overflow [65]
|
|
o openssl: fix memory leak in servercert
|
|
o tests: remove the html and PDF versions from the tarball
|
|
o mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
|
|
o typecheck-gcc: handle function pointers properly [1]
|
|
o llist: no longer uses malloc [2]
|
|
o gnutls: removed some code when --disable-verbose is configured
|
|
o lib: fix maybe-uninitialized warnings
|
|
o multi: clarify condition in curl_multi_wait [3]
|
|
o schannel: Don't treat encrypted partial record as pending data [4]
|
|
o configure: fix the -ldl check for openssl, add -lpthread check [5]
|
|
o configure: accept -Og and -Ofast GCC flags [6]
|
|
o Makefile: avoid use of GNU-specific form of $< [7]
|
|
o if2ip: fix -Wcast-align warning
|
|
o configure: stop prepending to LDFLAGS, CPPFLAGS [8]
|
|
o curl: set a 100K buffer size by default [9]
|
|
o typecheck-gcc: fix _curl_is_slist_info [10]
|
|
o nss: do not leak PKCS #11 slot while loading a key [11]
|
|
o nss: load libnssckbi.so if no other trust is specified [12]
|
|
o examples: ftpuploadfrommem.c [13]
|
|
o url: declare get_protocol_family() static [14]
|
|
o examples/cookie_interface.c: changed to example.com
|
|
o test1443: test --remote-time
|
|
o curl: use utimes instead of obsolescent utime when available
|
|
o url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE
|
|
o curl_rtmp: fix missing-variable-declarations warnings
|
|
o tests: fixed OOM handling of unit tests to abort test
|
|
o curl_setup: Ensure no more than one IDN lib is enabled [15]
|
|
o tool: Fix missing prototype warnings for CURL_DOES_CONVERSIONS [16]
|
|
o CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size [17]
|
|
o curl: non-boolean command line args reject --no- prefixes [18]
|
|
o telnet: Write full buffer instead of byte-by-byte [19]
|
|
o typecheck-gcc: add missing string options [20]
|
|
o typecheck-gcc: add support for CURLINFO_SOCKET [21]
|
|
o opt man pages: they all have examples now
|
|
o curl_setup_once: use SEND_QUAL_ARG2 for swrite [22]
|
|
o test557: set a known good numeric locale
|
|
o schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT
|
|
o tests/server: make string literals const
|
|
o runtests: use -R for random order [23]
|
|
o unit1305: fix compiler warning
|
|
o curl_slist_append.3: clarify a NULL input creates a new list
|
|
o tests/server: run checksrc by default in debug-builds
|
|
o tests: fix -Wcast-qual warnings
|
|
o runtests.pl: simplify the datacheck read section
|
|
o curl: remove --environment and tool_writeenv.c [24]
|
|
o buildconf: fix hang on IRIX [25]
|
|
o tftp: silence bad-function-cast warning
|
|
o asyn-thread: fix unused macro warnings
|
|
o tool_parsecfg: fix -Wcast-qual warning
|
|
o sendrecv: fix MinGW-w64 warning
|
|
o test537: use correct variable type [26]
|
|
o rand: treat fake entropy the same regardless of endianness [27]
|
|
o curl: generate the --help output [28]
|
|
o tests: removed redundant --trace-ascii arguments
|
|
o multi: assign IDs to all timers and make each timer singleton
|
|
o multi: use a fixed array of timers instead of malloc [29]
|
|
o mbedtls: Support server renegotiation request [30]
|
|
o pipeline: fix mistakenly trying to pipeline POSTs [31]
|
|
o lib510: don't write past the end of the buffer if it's too small
|
|
o CURLOPT_HTTPPROXYTUNNEL.3: clarify, add example
|
|
o SecureTransport/DarwinSSL: Implement public key pinning [33]
|
|
o curl.1: clarify --config
|
|
o curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM [34]
|
|
o darwinssl: Fix exception when processing a client-side certificate [35]
|
|
o curl.1: mention --oauth2-bearer's <token> argument
|
|
o mkhelp.pl: do not add current time into curl binary [36]
|
|
o asiohiper.cpp / evhiperfifo.c: deal with negative timerfunction input [37]
|
|
o ssh: fix memory leak in disconnect due to timeout [38]
|
|
o tests: stabilize test 1034 [39]
|
|
o cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH [40]
|
|
o assert: avoid, use DEBUGASSERT instead [41]
|
|
o LDAP: using ldap_bind_s on Windows with methods [42]
|
|
o redirect: store the "would redirect to" URL when max redirs is reached [43]
|
|
o winbuild: fix the nghttp2 build [44]
|
|
o examples: fix -Wimplicit-fallthrough warnings
|
|
o time: fix type conversions and compiler warnings [45]
|
|
o mbedtls: fix variable shadow warning
|
|
o test557: fix ubsan runtime error due to int left shift [46]
|
|
o transfer: init the infilesize from the postfields [47]
|
|
o docs: clarify NO_PROXY further [48]
|
|
o build-wolfssl: Sync config with wolfSSL 3.11
|
|
o curl-compilers.m4: enable -Wshift-sign-overflow for clang [49]
|
|
o example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
|
|
o lib574.c: use correct callback proto
|
|
o lib583: fix compiler warning
|
|
o curl-compilers.m4: fix compiler_num for clang [50]
|
|
o typecheck-gcc.h: separate getinfo slist checks from other pointers [51]
|
|
o typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and CURLINFO_TLS_SESSION
|
|
o typecheck-gcc.h: check CURLINFO_CERTINFO [52]
|
|
o build: provide easy code coverage measuring [53]
|
|
o test1537: dedicated tests of the URL (un)escape API calls [54]
|
|
o curl_endian: remove unused functions [55]
|
|
o test1538: verify the libcurl strerror API calls
|
|
o MD(4|5): silence cast-align clang warning
|
|
o dedotdot: fixed output for ".." and "." only input [56]
|
|
o cyassl: define build macros before including ssl.h [57]
|
|
o updatemanpages.pl: error out on too old git version
|
|
o curl_sasl: fix unused-variable warning
|
|
o x509asn1: fix implicit-fallthrough warning with GCC 7
|
|
o libtest: fix implicit-fallthrough warnings with GCC 7
|
|
o BINDINGS: add Ring binding [58]
|
|
o curl_ntlm_core: pass unsigned char to toupper
|
|
o test1262: verify ftp download with -z for "if older than this"
|
|
o test1521: test all curl_easy_setopt options [59]
|
|
o typecheck-gcc: allow CURLOPT_STDERR to be NULL too
|
|
o metalink: remove unused printf() argument
|
|
o file: make speedcheck use current time for checks [60]
|
|
o configure: fix link with librtmp when specifying path [61]
|
|
o examples/multi-uv.c: fix deprecated symbol [62]
|
|
o cmake: Fix inconsistency regarding mbed TLS include directory [63]
|
|
o setopt: check CURLOPT_ADDRESS_SCOPE option range
|
|
o gitignore: ignore all vim swap files [64]
|
|
o urlglob: fix division by zero
|
|
o libressl: OCSP and intermediate certs workaround no longer needed [66]
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
Akhil Kedia, Alan Jenkins, Anatol Belski, Bernhard M. Wiedemann,
|
|
Brian Childs, canavan at github, Chris Carlmar, Dan Fandrich,
|
|
Daniel Stenberg, Edward Thomson, Gisle Vanem, GwanYeong Kim,
|
|
Helmut K. C. Tessarek, Joel Depooter, jonrumsey at github, Kai Engert,
|
|
Kamil Dudka, Kevin Ji, Lloyd Fournier, Mahmoud Samir Fayed, Marcel Raad,
|
|
Martin Kepplinger, Max Dymond, Michael Kaufmann, Nick Zitzmann, Paul Harris,
|
|
Phil Crump, Piotr Dobrogost, Ray Satiro, Richard Hsu, Ron Eldor,
|
|
Ryuichi KAWAMATA, Sergei Nikulov, Simon Warta, stootill at github,
|
|
Stuart Henderson, TheAssassin at github, Thomas Klausner, Travis Burtrum,
|
|
Vincas Razma, wyattoday at github,
|
|
(41 contributors)
|
|
|
|
Thanks! (and sorry if I forgot to mention someone)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://curl.haxx.se/bug/?i=1403
|
|
[2] = https://curl.haxx.se/bug/?i=1435
|
|
[3] = https://curl.haxx.se/bug/?i=1439
|
|
[4] = https://curl.haxx.se/bug/?i=1392
|
|
[5] = https://curl.haxx.se/bug/?i=1427
|
|
[6] = https://curl.haxx.se/bug/?i=1440
|
|
[7] = https://curl.haxx.se/bug/?i=1432
|
|
[8] = https://curl.haxx.se/bug/?i=1420
|
|
[9] = https://curl.haxx.se/bug/?i=1446
|
|
[10] = https://curl.haxx.se/bug/?i=1447
|
|
[11] = https://bugzilla.redhat.com/1444860
|
|
[12] = https://curl.haxx.se/bug/?i=1414
|
|
[13] = https://curl.haxx.se/bug/?i=1451
|
|
[14] = https://curl.haxx.se/mail/lib-2017-04/0127.html
|
|
[15] = https://github.com/curl/curl/issues/1441#issuecomment-297689856
|
|
[16] = https://curl.haxx.se/bug/?i=1460
|
|
[17] = https://curl.haxx.se/bug/?i=1449
|
|
[18] = https://curl.haxx.se/bug/?i=1453
|
|
[19] = https://curl.haxx.se/bug/?i=1389
|
|
[20] = https://curl.haxx.se/bug/?i=1452
|
|
[21] = https://curl.haxx.se/bug/?i=1452
|
|
[22] = https://curl.haxx.se/bug/?i=1464
|
|
[23] = https://curl.haxx.se/bug/?i=1466
|
|
[24] = https://curl.haxx.se/bug/?i=1463
|
|
[25] = https://curl.haxx.se/bug/?i=1471
|
|
[26] = https://curl.haxx.se/bug/?i=1469
|
|
[27] = https://curl.haxx.se/bug/?i=1315
|
|
[28] = https://curl.haxx.se/bug/?i=1465
|
|
[29] = https://curl.haxx.se/bug/?i=1472
|
|
[30] = https://curl.haxx.se/bug/?i=1475
|
|
[31] = https://curl.haxx.se/bug/?i=1481
|
|
[32] = https://curl.haxx.se/bug/?i=1474
|
|
[33] = https://curl.haxx.se/bug/?i=1400
|
|
[34] = https://curl.haxx.se/bug/?i=1487
|
|
[35] = https://curl.haxx.se/bug/?i=1450
|
|
[36] = https://curl.haxx.se/bug/?i=1490
|
|
[37] = https://curl.haxx.se/bug/?i=1253
|
|
[38] = https://curl.haxx.se/bug/?i=1479
|
|
[39] = https://curl.haxx.se/bug/?i=1488
|
|
[40] = https://curl.haxx.se/bug/?i=1461
|
|
[41] = https://curl.haxx.se/bug/?i=1504
|
|
[42] = https://curl.haxx.se/bug/?i=878
|
|
[43] = https://curl.haxx.se/bug/?i=1489
|
|
[44] = https://curl.haxx.se/bug/?i=1321
|
|
[45] = https://curl.haxx.se/bug/?i=1499
|
|
[46] = https://curl.haxx.se/bug/?i=1516
|
|
[47] = https://curl.haxx.se/bug/?i=1294
|
|
[48] = https://curl.haxx.se/bug/?i=1208
|
|
[49] = https://curl.haxx.se/bug/?i=1516
|
|
[50] = https://curl.haxx.se/bug/?i=1522
|
|
[51] = https://curl.haxx.se/bug/?i=1524
|
|
[52] = https://curl.haxx.se/bug/?i=846
|
|
[53] = https://curl.haxx.se/bug/?i=1528
|
|
[54] = https://curl.haxx.se/bug/?i=1530
|
|
[55] = https://curl.haxx.se/bug/?i=1529
|
|
[56] = https://curl.haxx.se/bug/?i=1532
|
|
[57] = https://curl.haxx.se/bug/?i=1536
|
|
[58] = https://curl.haxx.se/bug/?i=1539
|
|
[59] = https://curl.haxx.se/bug/?i=1543
|
|
[60] = https://curl.haxx.se/bug/?i=1550
|
|
[61] = https://curl.haxx.se/mail/lib-2017-06/0017.html
|
|
[62] = https://curl.haxx.se/bug/?i=1557
|
|
[63] = https://curl.haxx.se/bug/?i=1541
|
|
[64] = https://curl.haxx.se/bug/?i=1561
|
|
[65] = https://curl.haxx.se/docs/adv_20170614.html
|
|
[66] = https://curl.haxx.se/mail/lib-2017-06/0038.html
|