1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
curl/RELEASE-NOTES

122 lines
5.5 KiB
Plaintext
Raw Normal View History

Curl and libcurl 7.36.0
2014-01-29 02:35:58 -05:00
Public curl releases: 138
Command line options: 161
curl_easy_setopt() options: 206
Public functions in libcurl: 58
2013-02-16 08:26:28 -05:00
Known libcurl bindings: 42
2014-01-29 02:35:58 -05:00
Contributors: 1123
2014-03-25 17:57:47 -04:00
This release includes the following SECURITY ADVISORIES:
o wrong re-use of connections [16]
o IP address wildcard certificate validation [17]
o not verifying certs for TLS to IP address / Darwinssl [18]
o not verifying certs for TLS to IP address / Winssl [19]
This release includes the following changes:
2008-09-01 10:27:24 -04:00
2014-01-30 19:20:32 -05:00
o ntlm: Added support for NTLMv2 [2]
o tool: Added support for URL specific options [3]
o openssl: add ALPN support
o gtls: add ALPN support
o nss: add ALPN and NPN support
2014-02-13 17:35:32 -05:00
o added CURLOPT_EXPECT_100_TIMEOUT_MS [7]
o tool: add --no-alpn and --no-npn
o added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
o winssl: enable TLSv1.1 and TLSv1.2 by default
o winssl: TLSv1.2 disables certificate signatures using MD5 hash
2014-02-24 16:28:56 -05:00
o winssl: enable hostname verification of IP address using SAN or CN [11]
2014-03-02 05:11:12 -05:00
o darwinssl: Don't omit CN verification when an IP address is used [12]
o http2: build with current nghttp2 version
2014-03-19 11:18:21 -04:00
o polarssl: dropped support for PolarSSL < 1.3.0
2014-03-19 18:10:56 -04:00
o openssl: info message with SSL version used
This release includes the following bugfixes:
o nss: allow to use ECC ciphers if NSS implements them [1]
2014-01-30 19:20:32 -05:00
o netrc: Fixed a memory leak in an OOM condition
o ftp: fixed a memory leak on wildcard error path
o pipeline: Fixed a NULL pointer dereference on OOM
o nss: prefer highest available TLS version
o 100-continue: fix timeout condition [4]
o ssh: Fixed a NULL pointer dereference on OOM condition
o formpost: use semicolon in multipart/mixed [5]
o --help: add missing --tlsv1.x options
o formdata: Fixed memory leak on OOM condition
2014-02-13 17:35:32 -05:00
o ConnectionExists: reusing possible HTTP+NTLM connections better [6]
o mingw32: fix compilation
o chunked decoder: track overflows correctly [8]
o curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
2014-02-17 05:16:41 -05:00
o dict: fix memory leak in OOM exit path
o valgrind: added suppression on optimized code
o curl: output protocol headers using binary mode
o tool: Added URL index to password prompt for multiple operations
o ConnectionExists: re-use non-NTLM connections better [9]
o axtls: call ssl_read repeatedly
o multi: make MAXCONNECTS default 4 x number of easy handles function
o configure: Fix the --disable-crypto-auth option
o multi: ignore SIGPIPE internally
2014-02-23 06:24:46 -05:00
o curl.1: update the description of --tlsv1
o SFTP: skip reading the dir when NOBODY=1 [10]
o easy: Fixed a memory leak on OOM condition
o tool: Fixed incorrect return code when setting HTTP request fails
2014-03-02 05:11:12 -05:00
o configure: Tiny fix to honor POSIX
o tool: Do not output libcurl source for the information only parameters
2014-03-09 15:44:10 -04:00
o Rework Open Watcom make files to use standard Wmake features
o x509asn: moved out Curl_verifyhost from NSS builds
o configure: call it GSS-API
o hostcheck: Curl_cert_hostcheck is not used by NSS builds
o multi_runsingle: move timestamp into INIT [13]
o remote_port: allow connect to port 0
o parse_remote_port: error out on illegal port numbers better
o ssh: Pass errors from libssh2_sftp_read up the stack
o docs: remove documentation on setting up krb4 support
2014-03-19 11:18:21 -04:00
o polarssl: build fixes to work with PolarSSL 1.3.x
o polarssl: fix possible handshake timeout issue in multi
o nss: allow to enable/disable cipher-suites better
o ssh: prevent a logic error that could result in an infinite loop
o http2: free resources on disconnect
o polarssl: avoid extra newlines in debug messages
o rtsp: parse "Session:" header properly [14]
o trynextip: don't store 'ai' on failed connects
2014-03-25 17:57:47 -04:00
o Curl_cert_hostcheck: strip trailing dots in host name and wildcard
2010-12-15 09:54:17 -05:00
This release includes the following known bugs:
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
2014-03-09 15:44:10 -04:00
Adam Sampson, Arvid Norberg, Brad Spencer, Colin Hogben, Dan Fandrich,
2014-03-19 11:18:21 -04:00
Daniel Stenberg, David Ryskalczyk, Fabian Frank, Gaël PORTAY, Gisle Vanem,
Hubert Kario, Jeff King, Jiri Malak, Kamil Dudka, Maks Naumov, Marc Hoersken,
Michael Osipov, Mike Hasselberg, Nick Zitzmann, Patrick Monnerat, Prash Dush,
Remi Gacogne, Rob Davies, Romulo A. Ceccon, Shao Shuchao, Steve Holme,
Tatsuhiro Tsujikawa, Thomas Braun, Tiit Pikma, Yehezkel Horowitz,
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = https://bugzilla.redhat.com/1058776
2014-01-30 19:20:32 -05:00
[2] = http://curl.haxx.se/mail/lib-2014-01/0183.html
[3] = http://curl.haxx.se/mail/archive-2013-11/0006.html
[4] = http://curl.haxx.se/bug/view.cgi?id=1334
[5] = http://curl.haxx.se/bug/view.cgi?id=1333
2014-02-13 17:35:32 -05:00
[6] = http://curl.haxx.se/mail/lib-2014-02/0100.html
[7] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTEXPECT100TIMEOUTMS
[8] = http://curl.haxx.se/mail/lib-2014-02/0097.html
2014-02-17 05:16:41 -05:00
[9] = http://thread.gmane.org/gmane.comp.version-control.git/242213
2014-02-23 06:24:46 -05:00
[10] = http://curl.haxx.se/mail/lib-2014-02/0155.html
2014-02-24 16:28:56 -05:00
[11] = http://curl.haxx.se/mail/lib-2014-02/0243.html
2014-03-02 05:11:12 -05:00
[12] = https://github.com/bagder/curl/pull/93
2014-03-09 15:44:10 -04:00
[13] = http://curl.haxx.se/mail/lib-2014-02/0036.html
[14] = http://curl.haxx.se/mail/lib-2014-03/0134.html
[15] = http://curl.haxx.se/bug/view.cgi?id=1337
2014-03-25 17:57:47 -04:00
[16] = http://curl.haxx.se/docs/adv_20140326A.html
[17] = http://curl.haxx.se/docs/adv_20140326B.html
[18] = http://curl.haxx.se/docs/adv_20140326C.html
[19] = http://curl.haxx.se/docs/adv_20140326D.html