From 38e07886ed2792988217a2ffa482ce3a69ca92c2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 16 Jun 2015 09:36:46 +0200 Subject: RELEASE-NOTES: 7.43.0 release --- RELEASE-NOTES | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 3ef2cb0d3..82f0348ac 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -2,9 +2,9 @@ Curl and libcurl 7.43.0 Public curl releases: 147 Command line options: 176 - curl_easy_setopt() options: 218 + curl_easy_setopt() options: 219 Public functions in libcurl: 58 - Contributors: 1265 + Contributors: 1291 This release includes the following changes: @@ -22,6 +22,8 @@ This release includes the following changes: This release includes the following bugfixes: + o CVE-2015-3236: lingering HTTP credentials in connection re-use [30] + o CVE-2015-3237: SMB send off unrelated memory contents [31] o nss: fix compilation failure with old versions of NSS [1] o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error @@ -84,6 +86,7 @@ This release includes the following bugfixes: o security:choose_mech remove dead code o rtsp_do: remove dead code o docs: many HTTP URIs changed to HTTPS + o schannel: schannel_recv overhaul [32] This release includes the following known bugs: @@ -97,11 +100,12 @@ advice from friends like these: Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg, Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka, Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter, - Kamil Dudka, Linus Nielsen, Liviu Chircu, Marc Hoersken, Michael Osipov, - Oren Souroujon, Orgad Shaneh, Patrick Monnerat, Patrick Rapin, Paul Howarth, - Rafayel Mkrtchyan, Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, - Viktor Szakáts, Ville Skyttä, Yehezkel Horowitz, - (40 contributors) + Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing, + Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh, + Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan, + Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts, + Ville Skyttä, Yehezkel Horowitz, + (43 contributors) Thanks! (and sorry if I forgot to mention someone) @@ -136,3 +140,6 @@ References to bug reports and discussions on issues: [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html + [30] = http://curl.haxx.se/docs/adv_20150617A.html + [31] = http://curl.haxx.se/docs/adv_20150617B.html + [32] = https://github.com/bagder/curl/issues/244 -- cgit v1.2.3