curl/RELEASE-NOTES
Kamil Dudka 68d2830ee9 nss: prevent NSS from crashing on client auth hook failure
Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
2012-12-03 13:34:36 +01:00

32 lines
739 B
Plaintext

Curl and libcurl 7.28.2
Public curl releases: 131
Command line options: 152
curl_easy_setopt() options: 199
Public functions in libcurl: 58
Known libcurl bindings: 39
Contributors: 993
This release includes the following changes:
o
This release includes the following bugfixes:
o nss: prevent NSS from crashing on client auth hook failure
This release includes the following known bugs:
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues: