curl and libcurl 7.65.0 Public curl releases: 181 Command line options: 221 curl_easy_setopt() options: 268 Public functions in libcurl: 80 Contributors: 1929 This release includes the following changes: o CURLOPT_DNS_USE_GLOBAL_CACHE: removed [25] o CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse [37] o pipelining: removed [10] This release includes the following bugfixes: o --config: clarify that initial : and = might need quoting [17] o AppVeyor: enable testing for WinSSL build [23] o CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk [52] o CURLOPT_ADDRESS_SCOPE: fix range check and more [32] o CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value [51] o CURL_MAX_INPUT_LENGTH: largest acceptable string input size [44] o Curl_disconnect: treat all CONNECT_ONLY connections as "dead" [39] o INTERNALS: Add code highlighting [47] o OS400/ccsidcurl: replace use of Curl_vsetopt [50] o OpenSSL: Report -fips in version if OpenSSL is built with FIPS [55] o README.md: fix no-consecutive-blank-lines Codacy warning [22] o VC15 project: remove MinimalRebuild o VS projects: use Unicode for VC10+ [16] o WRITEFUNCTION: add missing set_in_callback around callback [60] o altsvc: Fix building with cookies disabled [38] o build-openssl.bat: lots of improvements and polish o cirrus: Customize the disabled tests per FreeBSD version o cmake: avoid linking executable for some tests with cmake 3.6+ [18] o cmake: clear CMAKE_REQUIRED_LIBRARIES after each use [19] o cmake: rename CMAKE_USE_DARWINSSL to CMAKE_USE_SECTRANSP [46] o cmake: set SSL_BACKENDS [12] o configure: avoid unportable `==' test(1) operator [1] o configure: fix default location for fish completions [13] o cookie: Guard against possible NULL ptr deref [42] o curl_easy_getinfo.3: fix minor formatting mistake o curlver.h: use parenthesis in CURL_VERSION_BITS macro [45] o docs/BUG-BOUNTY: bug bounty time [48] o documentation: Fix several typos [7] o ftplistparser: fix LGTM alert "Empty block without comment" [14] o http: Ignore HTTP/2 prior knowledge setting for HTTP proxies [54] o http: mark bundle as not for multiuse on < HTTP/2 response [41] o http_negotiate: do not treat failure of gss_init_sec_context() as fatal [53] o lib509: add missing include for strdup [22] o lib557: initialize variables [22] o makedebug: Fix ERRORLEVEL detection after running where.exe [58] o multi: improved HTTP_1_1_REQUIRED handling [2] o nss: allow fifos and character devices for certificates [56] o nss: provide more specific error messages on failed init [43] o ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4 o openssl: mark connection for close on TLS close_notify [36] o openvms: Remove pre-processor for SecureTransport [40] o openvms: Remove pre-processors for Windows [40] o polarssl_threadlock: remove conditionally unused code [22] o resolve: apply Happy Eyeballs philosophy to parallel c-ares queries [3] o sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616 o scripts: fix typos o singleipconnect: show port in the verbose "Trying ..." message o smtp: fix compiler warning [15] o socks5: user name and passwords must be shorter than 256 [8] o socks: fix error message o socksd: new SOCKS 4+5 server for tests [31] o spnego_gssapi: fix return code on gss_init_sec_context() failure [53] o ssh: define USE_SSH if SSH is enabled (any backend) [57] o test1002: correct the name o test2100: Fix typos in test description o tests/server/util: fix Windows Unicode build [21] o tests: Run global cleanup at end of tests [29] o tests: make Impacket (SMB server) Python 3 compatible [11] o tool_cb_wrt: fix bad-function-cast warning [5] o tool_help: Warn if curl and libcurl versions do not match [28] o tool_help: include for strcasecmp [4] o transfer: fix LGTM alert "Comparison is always true" [14] o travis: allow builds on branches named "ci" o travis: install dependencies only when needed [24] o travis: update some builds do Xenial [30] o travis: updated mesalink builds [35] o url: always clone the CUROPT_CURLU handle [26] o urlapi: add CURLUPART_ZONEID to set and get [59] o urlapi: stricter CURLUPART_PORT parsing [33] o urlapi: strip off zone id from numerical IPv6 addresses [49] o urlapi: urlencode characters above 0x7f correctly [9] o vauth/cleartext: update the PLAIN login to match RFC 4616 [27] o vauth/oauth2: Fix OAUTHBEARER token generation [6] o winbuild: Support MultiSSL builds [34] o xattr: skip unittest on unsupported platforms [20] This release includes the following known bugs: o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) This release would not have looked like this without help, code, reports and advice from friends like these: Aron Bergman, Brad Spencer, cclauss on github, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, Eli Schwartz, Even Rouault, Frank Gevaerts, Gisle Vanem, Jakub Zakrzewski, Jan Ehrhardt, Jonathan Cardoso Machado, Jonathan Moerman, Kamil Dudka, Leonardo Taccari, Marcel Raad, Mert Yazıcıoğlu, niner on github, Paolo Mossino, Patrick Monnerat, Po-Chuan Hsieh, Poul T Lomholt, Ray Satiro, Reed Loden, Ricardo Gomes, Ricky Leverence, Rikard Falkeborn, Simon Warta, Steve Holme, Taiyu Len, Tim Rühsen, Tom van der Woerdt, Tseng Jun, Wyatt O'Day, XmiliaH on github, Yiming Jing, (37 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: [1] = https://curl.haxx.se/bug/?i=3709 [2] = https://curl.haxx.se/bug/?i=3707 [3] = https://curl.haxx.se/bug/?i=3699 [4] = https://curl.haxx.se/bug/?i=3715 [5] = https://curl.haxx.se/bug/?i=3718 [6] = https://curl.haxx.se/bug/?i=2487 [7] = https://curl.haxx.se/bug/?i=3724 [8] = https://curl.haxx.se/bug/?i=3737 [9] = https://curl.haxx.se/bug/?i=3741 [10] = https://curl.haxx.se/bug/?i=3651 [11] = https://curl.haxx.se/bug/?i=3731 [12] = https://curl.haxx.se/bug/?i=3736 [13] = https://curl.haxx.se/bug/?i=3723 [14] = https://curl.haxx.se/bug/?i=3732 [15] = https://curl.haxx.se/bug/?i=3729 [16] = https://curl.haxx.se/bug/?i=3720 [17] = https://curl.haxx.se/bug/?i=3738 [18] = https://curl.haxx.se/bug/?i=3744 [19] = https://curl.haxx.se/bug/?i=3743 [20] = https://curl.haxx.se/bug/?i=3759 [21] = https://curl.haxx.se/bug/?i=3758 [22] = https://curl.haxx.se/bug/?i=3739 [23] = https://curl.haxx.se/bug/?i=3725 [24] = https://curl.haxx.se/bug/?i=3721 [25] = https://curl.haxx.se/bug/?i=3654 [26] = https://curl.haxx.se/bug/?i=3753 [27] = https://curl.haxx.se/bug/?i=3757 [28] = https://curl.haxx.se/bug/?i=3774 [29] = https://curl.haxx.se/bug/?i=3783 [30] = https://curl.haxx.se/bug/?i=3777 [31] = https://curl.haxx.se/bug/?i=3752 [32] = https://curl.haxx.se/bug/?i=3713 [33] = https://curl.haxx.se/bug/?i=3762 [34] = https://curl.haxx.se/bug/?i=3772 [35] = https://curl.haxx.se/bug/?i=3823 [36] = https://curl.haxx.se/bug/?i=3750 [37] = https://curl.haxx.se/bug/?i=3782 [38] = https://curl.haxx.se/bug/?i=3717 [39] = https://curl.haxx.se/mail/lib-2019-04/0052.html [40] = https://curl.haxx.se/bug/?i=3768 [41] = https://curl.haxx.se/bug/?i=3813 [42] = https://curl.haxx.se/bug/?i=3820 [43] = https://curl.haxx.se/bug/?i=3808 [44] = https://curl.haxx.se/bug/?i=3805 [45] = https://curl.haxx.se/bug/?i=3809 [46] = https://curl.haxx.se/bug/?i=3769 [47] = https://curl.haxx.se/bug/?i=3801 [48] = https://curl.haxx.se/bug/?i=3488 [49] = https://curl.haxx.se/bug/?i=3817 [50] = https://curl.haxx.se/bug/?i=3833 [51] = https://curl.haxx.se/bug/?i=3829 [52] = https://curl.haxx.se/bug/?i=3537 [53] = https://curl.haxx.se/bug/?i=3726 [54] = https://curl.haxx.se/bug/?i=3570 [55] = https://curl.haxx.se/bug/?i=3771 [56] = https://curl.haxx.se/bug/?i=3807 [57] = https://curl.haxx.se/bug/?i=3846 [58] = https://curl.haxx.se/bug/?i=3838 [59] = https://curl.haxx.se/bug/?i=3834 [60] = https://curl.haxx.se/bug/?i=3837