curl/RELEASE-NOTES
Kamil Dudka 584d0121c3 tool_urlglob: fix off-by-one error in glob_parse()
... causing SIGSEGV while parsing URL with too many globs.
Minimal example:

$ curl $(for i in $(seq 101); do printf '{a}'; done)

Reported-by: Romain Coltel
Bug: https://bugzilla.redhat.com/1340757
2016-06-03 13:07:22 +02:00

48 lines
1.6 KiB
Plaintext

Curl and libcurl 7.50.0
Public curl releases: 156
Command line options: 185
curl_easy_setopt() options: 224
Public functions in libcurl: 61
Contributors: 1404
This release includes the following changes:
o http: add CURLINFO_HTTP_VERSION and %{http_version} [3]
This release includes the following bugfixes:
o memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC [1]
o openssl: fix build with OPENSSL_NO_COMP [2]
o mbedtls: removed unused variables [4]
o cmake: Added missing mbedTLS support [5]
o URL parser: allow URLs to use one, two or three slashes [6]
o curl: fix -q [regression] [7]
o openssl: Use correct buffer sizes for error messages [8]
o curl: fix SIGSEGV while parsing URL with too many globs [9]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Daniel Stenberg, Frank Gevaerts, Gisle Vanem, Marcel Raad, Michael Kaufmann,
Renaud Lehoux, vanillajonathan on github
(7 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = https://curl.haxx.se/bug/?i=828
[2] = https://curl.haxx.se/bug/?i=836
[3] = https://curl.haxx.se/bug/?i=799
[4] = https://curl.haxx.se/bug/?i=838
[5] = https://curl.haxx.se/bug/?i=837
[6] = https://curl.haxx.se/bug/?i=791
[7] = https://curl.haxx.se/bug/?i=842
[8] = https://curl.haxx.se/bug/?i=844
[9] = https://bugzilla.redhat.com/1340757