aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
diff options
context:
space:
mode:
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r--RELEASE-NOTES18
1 files changed, 12 insertions, 6 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 9908e9f34..1d38efa6f 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ Curl and libcurl 7.38.0
Command line options: 162
curl_easy_setopt() options: 208
Public functions in libcurl: 58
- Contributors: 1210
+ Contributors: 1216
This release includes the following changes:
@@ -23,6 +23,9 @@ This release includes the following changes:
This release includes the following bugfixes:
+ o CVE-2014-3613: cookie leak with IP address as domain [25]
+ o CVE-2014-3620: cookie leak for TLDs [26]
+
o fix a build failure on Debian when NSS support is enabled [1]
o HTTP/2: fixed compiler warnings when built disabled [2]
o cyassl: return the correct error code on no CA cert
@@ -95,11 +98,12 @@ advice from friends like these:
Alessandro Ghedini, Andre Heinecke, Anthon Pang, Askar Safin, Brandon Casey,
Catalin Patulea, Dan Fandrich, Daniel Stenberg, Dave Reisner, David Meyer,
David Shaw, David Woodhouse, Dimitrios Siganos, Ed Morley, Fabian Keil,
- Florian Weimer, Frank Meier, Haris Okanovic, Jakub Zakrzewski, Jan Ehrhardt,
- John Coffey, Jonatan Vela, Jose Alf, Kamil Dudka, Leonardo Rosati,
- Marcel Raad, Michael Osipov, Michael Wallner, Paras S, Patrick Monnerat,
- Paul Saab, Peter Wang, Rafaël Carré, Sergey Nikulov, Spork Schivago,
- Steve Holme, Tatsuhiro Tsujikawa, Toby Peterson, Vilmos Nebehaj,
+ Florian Weimer, Frank Gevaerts, Frank Meier, Haris Okanovic, Jakub Zakrzewski,
+ Jan Ehrhardt, John Coffey, Jonatan Vela, Jose Alf, Kamil Dudka,
+ Leonardo Rosati, Marcel Raad, Michael Osipov, Michael Wallner, Paras S,
+ Patrick Monnerat, Paul Saab, Peter Wang, Rafaël Carré, Sergey Nikulov,
+ Spork Schivago, Steve Holme, Tatsuhiro Tsujikawa, Tim Ruehsen, Toby Peterson,
+ Vilmos Nebehaj,
Thanks! (and sorry if I forgot to mention someone)
@@ -129,3 +133,5 @@ References to bug reports and discussions on issues:
[22] = http://curl.haxx.se/mail/lib-2014-06/0235.html
[23] = http://curl.haxx.se/bug/view.cgi?id=1419
[24] = http://curl.haxx.se/mail/lib-2014-07/0206.html
+ [25] = http://curl.haxx.se/docs/adv_20140910A.html
+ [26] = http://curl.haxx.se/docs/adv_20140910B.html