diff options
-rw-r--r-- | RELEASE-NOTES | 74 |
1 files changed, 58 insertions, 16 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 73eb12c1d..7a1211271 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,10 +1,10 @@ curl and libcurl 7.68.0 - Public curl releases: 187 + Public curl releases: 188 Command line options: 229 curl_easy_setopt() options: 269 Public functions in libcurl: 82 - Contributors: 2056 + Contributors: 2088 This release includes the following changes: @@ -17,10 +17,13 @@ This release includes the following changes: This release includes the following bugfixes: + o CVE-2019-15601: file: on Windows, refuse paths that start with \\ [106] o Azure Pipelines: add several builds o CMake: add support for building with the NSS vtls backend [43] o CURL-DISABLE: initial docs for the CURL_DISABLE_* defines [19] + o CURLOPT_HEADERFUNCTION.3: Document that size is always 1 [100] o CURLOPT_QUOTE.3: fix typos [78] + o CURLOPT_READFUNCTION.3: fix the example [107] o CURLOPT_URL.3: "curl supports SMB version 1 (only)" o CURLOPT_VERBOSE.3: see also ERRORBUFFER o HISTORY: added cmake, HTTP/3 and parallel downloads with curl @@ -30,6 +33,7 @@ This release includes the following bugfixes: o KNOWN_BUGS: LDAP on Windows doesn't work correctly [86] o KNOWN_BUGS: TLS session cache doesn't work with TFO [56] o OPENSOCKETFUNCTION.3: correct the purpose description [48] + o TrackMemory tests: always remove CR before LF [111] o altsvc: bump to h3-24 [6] o altsvc: make the save function ignore NULL filenames [67] o build: Disable Visual Studio warning "conditional expression is constant" [49] @@ -46,29 +50,42 @@ This release includes the following bugfixes: o conncache: fix multi-thread use of shared connection cache [61] o copyrights: fix copyright year range [25] o create_conn: prefer multiplexing to using new connections [76] + o curl -w: handle a blank input file correctly [105] o curl.h: add two missing defines for "pre ISO C" compilers [75] o curl/parseconfig: fix mem-leak [81] o curl/parseconfig: use curl_free() to free memory allocated by libcurl [80] + o curl: cleanup multi handle on failure [103] o curl: fix --upload-file . hangs if delay in STDIN [35] o curl: fix -T globbing [16] o curl: improved cleanup in upload error path [69] + o curl: make a few char pointers point to const char instead [95] + o curl: properly free mimepost data [104] o curl: show better error message when no homedir is found [47] + o curl: show error for --http3 if libcurl lacks support [108] o curl_setup_once: consistently use WHILE_FALSE in macros [54] o define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore [83] o docs: Change 'experiemental' to 'experimental' [30] o docs: TLS SRP doesn't work with TLS 1.3 [87] o docs: fix several typos [62] + o docs: mention CURL_MAX_INPUT_LENGTH restrictions [109] o doh: improved both encoding and decoding [11] o doh: make it behave when built without proxy support [68] + o examples/postinmemory.c: Call curl_global_cleanup always [101] + o examples/url2file.c: corrected erroneous comment [102] o examples: add multi-poll.c [14] o global_init: undo the "intialized" bump in case of failure [52] o hostip: suppress compiler warning [64] o http_ntlm: Remove duplicate NSS initialisation [55] o lib: Move lib/ssh.h -> lib/vssh/ssh.h [9] + o lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS` [93] + o lib: fix warnings found when porting to NuttX [99] o lib: remove ASSIGNWITHINCONDITION exceptions, use our code style [84] + o lib: remove erroneous +x file permission on some c files [99] o libssh2: add support for ECDSA and ed25519 knownhost keys [89] + o multi.h: remove INITIAL_MAX_CONCURRENT_STREAMS from public header [110] o multi: free sockhash on OOM [63] o multi_poll: avoid busy-loop when called without easy handles attached [15] + o ngtcp2: Support the latest update key callback type [92] o ngtcp2: fix thread-safety bug in error-handling [33] o ngtcp2: free used resources on disconnect [7] o ngtcp2: handle key updates as ngtcp2 master branch tells us [8] @@ -107,6 +124,8 @@ This release includes the following bugfixes: o tests/unit1607: fix mem-leak in OOM [66] o tests/unit1609: fix mem-leak in OOM [66] o tests/unit1620: fix bad free in OOM [66] + o tests: Change NTLM tests to require SSL [96] + o tests: Fix bounce requests with truncated writes [94] o tests: fix build with `CURL_DISABLE_DOH` [64] o tests: fix permissions of ssh keys in WSL [58] o tests: make it possible to set executable extensions [58] @@ -114,13 +133,14 @@ This release includes the following bugfixes: o tests: set LC_ALL=en_US.UTF-8 instead of blank in several tests [74] o tests: use DoH feature for DoH tests [64] o tests: use \r\n for log messages in WSL [58] + o tool_operate: fix mem leak when failed config parse [98] + o travis: Fix error detection [97] o travis: abandon coveralls, it is not reliable [57] o travis: build ngtcp2 with --enable-lib-only [32] o travis: export the CC/CXX variables when set [34] o vtls: make BearSSL possible to set with CURL_SSL_BACKEND [72] o winbuild: Define CARES_STATICLIB when WITH_CARES=static [59] o winbuild: Document CURL_STATICLIB requirement for static libcurl [88] - o ngtcp2: Support the latest update key callback type [92] This release includes the following known bugs: @@ -130,20 +150,23 @@ This release would not have looked like this without help, code, reports and advice from friends like these: 3dyd on github, Anderson Sasaki, Andreas Falkenhahn, Andrew Ishchuk, - bdry on github, Bjoern Franke, bxac on github, Bylon2 on github, - Christian Schmitz, Christopher Reid, Christoph M. Becker, Cynthia Coan, - Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, David Benjamin, - Gergely Nagy, Gisle Vanem, JanB on github, Javier Blazquez, Jeff Mears, - Jeffrey Walton, John Schroeder, Kamil Dudka, Kunal Ekawde, Leonardo Taccari, - Marcel Raad, Marc Hörsken, Maros Priputen, Massimiliano Fantuzzi, - Max Kellermann, Melissa Mears, Michael Forney, Michael Vittiglio, - Mohammad Hasbini, Niall O'Reilly, Paul Groke, Paul Hoffman, - Paulo Roberto Tomasi, Pavel Löbl, Pavel Pavlov, Peter Wu, Ram Krushna Mishra, - Ray Satiro, Richard Alcock, Richard Bowker, Santino Keupp, sayrer on github, - Shailesh Kapse, SLDiggie on github, Steve Holme, Tatsuhiro Tsujikawa, + bdry on github, Bjoern Franke, Brian Carpenter, bxac on github, + Bylon2 on github, Christian Schmitz, Christopher Head, Christopher Reid, + Christoph M. Becker, Cynthia Coan, Dan Fandrich, Daniel Gustafsson, + Daniel Stenberg, David Benjamin, Emil Engler, Fernando Muñoz, Frank Gevaerts, + Geeknik Labs, Gergely Nagy, Gisle Vanem, JanB on github, Javier Blazquez, + Jeff Mears, Jeffrey Walton, John Schroeder, Kamil Dudka, + kouzhudong on github, Kunal Ekawde, Leonardo Taccari, Marc Aldorasi, + Marcel Raad, marc-groundctl on github, Marc Hörsken, Maros Priputen, + Massimiliano Fantuzzi, Max Kellermann, Melissa Mears, Michael Forney, + Michael Vittiglio, Mohammad Hasbini, Niall O'Reilly, Paul Groke, + Paul Hoffman, Paul Joyce, Paulo Roberto Tomasi, Pavel Löbl, Pavel Pavlov, + Peter Wu, Ram Krushna Mishra, Ray Satiro, Richard Alcock, Richard Bowker, + Rickard Hallerbäck, Santino Keupp, sayrer on github, Shailesh Kapse, + Simon Warta, SLDiggie on github, Steve Holme, Tatsuhiro Tsujikawa, Tom van der Woerdt, Victor Magierski, Vlastimil Ovčáčík, Wyatt O'Day, - Xiaoyin Liu, - (57 contributors) + Xiang Xiao, Xiaoyin Liu, + (70 contributors) Thanks! (and sorry if I forgot to mention someone) @@ -241,3 +264,22 @@ References to bug reports and discussions on issues: [90] = https://curl.haxx.se/bug/?i=4720 [91] = https://curl.haxx.se/bug/?i=4715 [92] = https://curl.haxx.se/bug/?i=4735 + [93] = https://curl.haxx.se/bug/?i=4775 + [94] = https://github.com/curl/curl/pull/4717#issuecomment-570240785 + [95] = https://curl.haxx.se/bug/?i=4771 + [96] = https://curl.haxx.se/bug/?i=4768 + [97] = https://curl.haxx.se/bug/?i=3730 + [98] = https://curl.haxx.se/bug/?i=4767 + [99] = https://curl.haxx.se/bug/?i=4756 + [100] = https://curl.haxx.se/bug/?i=4758 + [101] = https://curl.haxx.se/bug/?i=4751 + [102] = https://curl.haxx.se/bug/?i=4745 + [103] = https://curl.haxx.se/bug/?i=4772 + [104] = https://curl.haxx.se/bug/?i=4781 + [105] = https://curl.haxx.se/bug/?i=4786 + [106] = https://curl.haxx.se/docs/CVE-2019-15601.html + [107] = https://curl.haxx.se/bug/?i=4787 + [108] = https://curl.haxx.se/bug/?i=4785 + [109] = https://curl.haxx.se/bug/?i=4783 + [110] = https://curl.haxx.se/bug/?i=4790 + [111] = https://curl.haxx.se/bug/?i=4788 |