diff options
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f482e29cd..c4b2dd8e0 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -22,10 +22,12 @@ This release includes the following changes: o url: Added smtp and pop3 hostnames to the protocol detection list o imap/pop3/smtp: Added support for enabling the SASL initial response [8] o curl -E: allow to use ':' in certificate nicknames [10] - o This release includes the following bugfixes: + o SECURITY VULNERABILITY: curl_easy_unescape() may parse data beyond the end + of the input buffer [26] + o FTP: access files in root dir correctly [1] o configure: try pthread_create without -lpthread [2] o FTP: handle a 230 welcome response [3] @@ -63,6 +65,7 @@ This release includes the following bugfixes: o lib1900: use tutil_tvnow instead of gettimeofday o curl_easy_perform: avoid busy-looping [23] o CURLOPT_COOKIELIST: take cookie share lock [24] + o multi_socket: react on socket close immediately [25] This release includes the following known bugs: @@ -78,7 +81,8 @@ advice from friends like these: Renaud Guillard, John Gardiner Myers, Jared Jennings, Eric Hu, Yamada Yasuharu, Stefan Neis, Mike Giancola, Eric S. Raymond, Andrii Moiseiev, Christian Weisgerber, Peter Gal, Aleksey Tulinov, Hang Su, Sergei Nikulov, - Miguel Angel, Nach M. S., Benjamin Gilbert + Miguel Angel, Nach M. S., Benjamin Gilbert, Erik Johansson, Timo Sirainen, + Guenter Knauf Thanks! (and sorry if I forgot to mention someone) @@ -108,3 +112,5 @@ References to bug reports and discussions on issues: [22] = http://curl.haxx.se/bug/view.cgi?id=1235 [23] = http://curl.haxx.se/bug/view.cgi?id=1238 [24] = http://curl.haxx.se/bug/view.cgi?id=1215 + [25] = http://curl.haxx.se/bug/view.cgi?id=1248 + [26] = http://curl.haxx.se/docs/adv_20130622.html |