diff options
author | Daniel Stenberg <daniel@haxx.se> | 2010-02-09 10:06:48 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2010-02-09 10:06:48 +0000 |
commit | f2f07dad3451d1f63b56d3de0b43160c39d275d7 (patch) | |
tree | 13b975f3b5b67ca50f11da1863bda3e85b82d480 | |
parent | 06ae8ca5a6e452e5cb555c1a511a9df8dec6657c (diff) |
spell and 7.20.0
-rw-r--r-- | CHANGES | 13 |
1 files changed, 7 insertions, 6 deletions
@@ -6,13 +6,14 @@ Changelog +Version 7.20.0 (9 February 2010) + Daniel Stenberg (9 Feb 2010) -- When downloading compressed content over HTTP and the app as asked libcurl - to automatically uncompress it with the CURLOPT_ENCODING option, libcurl - could wrongly provide the callback with more data than what the maximum - documented amount. An application could thus get tricked into badness if the - maximum limit was trusted to be enforced by libcurl itself (as it is - documented). +- When downloading compressed content over HTTP and the app asked libcurl to + automatically uncompress it with the CURLOPT_ENCODING option, libcurl could + wrongly provide the callback with more data than the maximum documented + amount. An application could thus get tricked into badness if the maximum + limit was trusted to be enforced by libcurl itself (as it is documented). This is further detailed and explained in the libcurl security advisory 20100209 at |