aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
blob: 66abd7d86d9b796801c7ae31c2eb987d6eed915c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
Curl and libcurl 7.30.0

 Public curl releases:         132
 Command line options:         152
 curl_easy_setopt() options:   199
 Public functions in libcurl:  58
 Known libcurl bindings:       42
 Contributors:                 1005

***
  krb4 support is up for removal. If you care about it at all, speak up
  on the curl-library list asap!
***

This release includes the following changes:

 o imap: Changed response tag generation to be completely unique
 o imap: Added support for SASL-IR extension
 o imap: Added support for the list command
 o imap: Added support for the append command
 o imap: Added custom request parsing
 o imap: Added support to the fetch command for UID and SECTION properties
 o imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
 o darwinssl: Make certificate errors less techy
 o imap/pop3/smtp: Added support for the STARTTLS capability
 o checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
 o curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag [10]
 o Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS for
   new multi interface connection handling
 o Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE,
   CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL and
   CURLMOPT_PIPELINING_SERVER_BL for new pipelining control [15]

This release includes the following bugfixes:

 o SECURITY ADVISORY: cookie tailmatching to avoid cross-domain leakage [25]
 o darwinssl: Fix build under Leopard
 o DONE: consider callback-aborted transfers premature [1]
 o ntlm: Fixed memory leaks
 o smtp: Fixed an issue when processing EHLO failure responses
 o pop3: Fixed incorrect return value from pop3_endofresp()
 o pop3: Fixed SASL authentication capability detection
 o pop3: Fixed blocking SSL connect when connecting via POP3S
 o imap: Fixed memory leak when performing multiple selects 
 o nss: fix misplaced code enabling non-blocking socket mode
 o AddFormData: prevent only directories from being posted [2]
 o darwinssl: fix infinite loop if server disconnected abruptly [3]
 o metalink: fix improbable crash parsing metalink filename
 o show proper host name on failed resolve
 o MacOSX-Framework: Make script work in Xcode 4.0 and later
 o strlcat: remove function [4]
 o darwinssl: Fix send glitchiness with data > 32 or so KB [5]
 o polarssl: better 1.1.x and 1.2.x support
 o various documentation improvements
 o multi: NULL pointer reference when closing an unused multi handle [9]
 o SOCKS: fix socks proxy when noproxy matched [7]
 o install-sh: updated to support multiple source files as arguments [6]
 o PolarSSL: added human readable error strings
 o resolver_error: remove wrong error message output
 o docs: updates HTML index and general improvements
 o curlbuild.h.dist: enhance non-configure GCC ABI detection logic
 o sasl: Fixed null pointer reference when decoding empty digest challenge [8]
 o easy: do not ignore poll() failures other than EINTR
 o darwinssl: disable ECC ciphers under Mountain Lion by default
 o CONNECT: count received headers [11]
 o build: fixes for VMS
 o CONNECT: clear 'rewindaftersend' on success [12]
 o HTTP proxy: insert slash in URL if missing [13]
 o hiperfifo: updated to use current libevent API [14]
 o getinmemory.c: abort the transfer nicely if not enough memory
 o improved win32 memorytracking
 o corrected proxy header response headers count [16]
 o FTP quote operations on re-used connection [17]
 o tcpkeepalive on win32 [18]
 o tcpkeepalive on Mac OS X [23]
 o easy: acknowledge the CURLOPT_MAXCONNECTS option properly [19]
 o easy interface: restore default MAXCONNECTS to 5
 o win32: don't set SO_SNDBUF for windows vista or later versions [20]
 o HTTP: made cookie sort function more deterministic
 o winssl: Fixed memory leak if connection was not successful
 o FTP: wait on both connections during active STOR state [21]
 o connect: treat a failed local bind of an interface as a non-fatal error [22]
 o darwinssl: disable insecure ciphers by default
 o FTP: handle "rubbish" in front of directory name in 257 responses [24]
 o mk-ca-bundle: Fixed lost OpenSSL output with "-t"

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

 Kamil Dudka, Steve Holme, Nick Zitzmann, Patricia Muscalu, Dan Fandrich,
 Gisle Vanem, Guenter Knauf, Yang Tse, Oliver Gondža, Aki Koskinen,
 Alexander Klauer, Kim Vandry, Willem Sparreboom, Jeremy Huddleston,
 Bruno de Carvalho, Rainer Jung, Jeremy Huddleston, Kim Vandry, Jiri Hruska,
 Alexander Klauer, Saran Neti, Alessandro Ghedini, Linus Nielsen Feltzing,
 Martin Jansen, John E. Malmberg, Tom Grace, Patrick Monnerat,
 Zdenek Pavlas, Myk Taylor, Cédric Deltheil, Robert Wruck, Sam Deane,
 Clemens Gruber, Marc Hoersken, Tomas Mlcoch, Fredrik Thulin, Steven Gu,
 Andrew Kurushin, Christian Hägele, Daniel Theron, Bill Middlecamp,
 Richard Michael, Yamada Yasuharu

        Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

 [1] = http://curl.haxx.se/bug/view.cgi?id=1184
 [2] = http://curl.haxx.se/mail/archive-2013-02/0040.html
 [3] = http://curl.haxx.se/mail/lib-2013-03/0014.html
 [4] = http://curl.haxx.se/bug/view.cgi?id=1192
 [5] = http://curl.haxx.se/mail/lib-2013-02/0145.html
 [6] = http://curl.haxx.se/bug/view.cgi?id=1195
 [7] = http://curl.haxx.se/bug/view.cgi?id=1190
 [8] = http://curl.haxx.se/bug/view.cgi?id=1193
 [9] = http://curl.haxx.se/bug/view.cgi?id=1194
 [10] = http://curl.haxx.se/bug/view.cgi?id=1168
 [11] = http://curl.haxx.se/bug/view.cgi?id=1204
 [12] = https://groups.google.com/d/msg/msysgit/B31LNftR4BI/KhRTz0iuGmUJ
 [13] = http://curl.haxx.se/bug/view.cgi?id=1206
 [14] = http://curl.haxx.se/bug/view.cgi?id=1199
 [15] = http://daniel.haxx.se/blog/2013/03/26/better-pipelining-in-libcurl-7-30-0/
 [16] = http://curl.haxx.se/bug/view.cgi?id=1204
 [17] = http://curl.haxx.se/mail/lib-2013-03/0319.html
 [18] = http://curl.haxx.se/bug/view.cgi?id=1209
 [19] = http://curl.haxx.se/bug/view.cgi?id=1212
 [20] = http://curl.haxx.se/bug/view.cgi?id=1188
 [21] = http://curl.haxx.se/bug/view.cgi?id=1183
 [22] = http://curl.haxx.se/bug/view.cgi?id=1189
 [23] = http://curl.haxx.se/bug/view.cgi?id=1214
 [24] = http://curl.haxx.se/mail/lib-2013-04/0113.html
 [25] = http://curl.haxx.se/docs/adv_20130412.html