mirror of https://github.com/moparisthebest/curl
version: start working on 7.24.1-DEV
This commit is contained in:
Yang Tse
parent
75b6f7d9ef
commit
93e344bbf4
123
RELEASE-NOTES
123
RELEASE-NOTES
|
|
@ -1,4 +1,4 @@
|
|||
Curl and libcurl 7.24.0
|
||||
Curl and libcurl 7.24.1
|
||||
|
||||
Public curl releases: 127
|
||||
Command line options: 149
|
||||
|
|
@ -9,76 +9,15 @@ Curl and libcurl 7.24.0
|
|||
|
||||
This release includes the following security fixes:
|
||||
|
||||
o curl was vulnerable to a data injection attack for certain protocols
|
||||
http://curl.haxx.se/docs/adv_20120124.html
|
||||
o curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL
|
||||
http://curl.haxx.se/docs/adv_20120124B.html
|
||||
o
|
||||
|
||||
This release includes the following changes:
|
||||
|
||||
o CURLOPT_QUOTE: SFTP supports the '*'-prefix now [24]
|
||||
o CURLOPT_DNS_SERVERS: set name servers if possible [23]
|
||||
o Add support for using nettle instead of gcrypt as gnutls backend [22]
|
||||
o CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes [21]
|
||||
o Added CURLOPT_ACCEPTTIMEOUT_MS [30]
|
||||
o configure: add symbols versioning option --enable-versioned-symbols [31]
|
||||
o
|
||||
|
||||
This release includes the following bugfixes:
|
||||
|
||||
o SSL session share: move the age counter to the share object [1]
|
||||
o -J -O: use -O name if no Content-Disposition header comes! [2]
|
||||
o protocol_connect: show verbose connect and set connect time [3]
|
||||
o query-part: ignore the URI part for given protocols [4]
|
||||
o gnutls: only translate winsock errors for old versions [5]
|
||||
o POP3: fix end of body detection [6]
|
||||
o POP3: detect when LIST returns no mails
|
||||
o TELNET: improved treatment of options [7]
|
||||
o configure: add support for pkg-config detection of libidn [8]
|
||||
o CyaSSL 2.0+ library initialization adjustment [9]
|
||||
o multi interface: only use non-NULL socker function pointer
|
||||
o call opensocket callback properly for active FTP
|
||||
o don't call close socket callback for sockets created with accept() [10]
|
||||
o differentiate better between host/proxy errors [11]
|
||||
o SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5 [12]
|
||||
o multi: handle timeouts on DNS servers by checking for new sockets [13]
|
||||
o CURLOPT_DNS_SERVERS: fix return code
|
||||
o POP3: fixed escaped dot not being stripped out [14]
|
||||
o OpenSSL: check for the SSLv2 function in configure [15]
|
||||
o MakefileBuild: fix the static build [16]
|
||||
o create_conn: don't switch to HTTP protocol if tunneling is enabled [17]
|
||||
o multi interface: fix block when CONNECT_ONLY option is used [18]
|
||||
o Fix connection reuse for TLS upgraded connections [19]
|
||||
o multiple file upload with -F and custom type [20]
|
||||
o multi interface: active FTP connections are no longer blocking [25]
|
||||
o Android build fix [26]
|
||||
o timer: restore PRETRANSFER timing [27]
|
||||
o libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM [28]
|
||||
o appconnect time fixed for non-blocking connect ssl backends [29]
|
||||
o do not include SSL handshake into time spent waiting for 100-continue [32]
|
||||
o handle dns cache case insensitive
|
||||
o use new host name casing for subsequent HTTP requests [33]
|
||||
o CURLOPT_RESOLVE: avoid adding already present host names
|
||||
o SFTP mkdir: use correct permission [34]
|
||||
o resolve: don't leak pre-populated dns entries [35]
|
||||
o --retry: Retry transfers on timeout and DNS errors
|
||||
o negotiate with SSPI backend: use the correct buffer for input [36]
|
||||
o SFTP dir: increase buffer size counter to avoid cut off file names [37]
|
||||
o TFTP: fix resending (again) [38]
|
||||
o c-ares: don't include getaddrinfo-using code [39]
|
||||
o FTP: CURLE_PARTIAL_FILE will not close the control channel [40]
|
||||
o win32-threaded-resolver: stop using a dummy socket
|
||||
o OpenSSL: remove reference to openssl internal struct [41]
|
||||
o OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled
|
||||
o OpenSSL: fix PKCS#12 certificate parsing related memory leak
|
||||
o OpenLDAP: fix LDAP connection phase memory leak [42]
|
||||
o Telnet: Use correct file descriptor for telnet upload
|
||||
o Telnet: Remove bogus optimisation of telnet upload
|
||||
o URL parse: user name with ipv6 numerical address
|
||||
o polarssl: show cipher suite name correctly with 1.1.0
|
||||
o polarssl: havege_rand is not present in version 1.1.0 WARNING, we still
|
||||
use the old API which is said to be insecure. See
|
||||
http://polarssl.org/trac/wiki/SecurityAdvisory201102
|
||||
o gnutls: enforced use of SSLv3 [43]
|
||||
o
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
|
|
@ -87,60 +26,10 @@ This release includes the following known bugs:
|
|||
This release would not have looked like this without help, code, reports and
|
||||
advice from friends like these:
|
||||
|
||||
Alejandro Alvarez Ayllon, Jason Glasgow, Jonas Schnelli, Mark Brand,
|
||||
Martin Storsjo, Yang Tse, Laurent Rabret, Jason Glasgow, Steve Holme,
|
||||
Reza Arbab, Jason Liu, Gokhan Sengun, Rob Ward, Dan Fandrich,
|
||||
Naveen Chandran, Ward Willats, Vladimir Grishchenko, Colin Hogben,
|
||||
Alessandro Ghedini, Cedric Deltheil, Toni Moreno, Bernhard Reutner-Fischer,
|
||||
Sven Wegener, Alex Vinnik, Kamil Dudka, Mamoru Tasaka, Patrice Guerin,
|
||||
Armel Asselin, Arthur Murray, Steve H Truong, Peter Sylvester,
|
||||
Johannes Bauer, Brandon Wang, Pierre Joye, Robert Schumann,
|
||||
Christian Grothoff, Nikos Mavrogiannopoulos
|
||||
|
||||
|
||||
Thanks! (and sorry if I forgot to mention someone)
|
||||
|
||||
References to bug reports and discussions on issues:
|
||||
|
||||
[1] = http://curl.haxx.se/mail/lib-2011-11/0116.html
|
||||
[2] = http://curl.haxx.se/mail/archive-2011-11/0030.htm
|
||||
[3] = http://curl.haxx.se/mail/archive-2011-11/0035.html
|
||||
[4] = http://curl.haxx.se/mail/lib-2011-11/0218.html
|
||||
[5] = http://curl.haxx.se/mail/lib-2011-11/0267.html
|
||||
[6] = http://curl.haxx.se/mail/lib-2011-11/0279.html
|
||||
[7] = http://curl.haxx.se/mail/lib-2011-11/0247.html
|
||||
[8] = http://curl.haxx.se/mail/lib-2011-11/0294.html
|
||||
[9] = http://curl.haxx.se/bug/view.cgi?id=3442068
|
||||
[10] = http://curl.haxx.se/mail/lib-2011-12/0018.html
|
||||
[11] = http://curl.haxx.se/mail/archive-2011-12/0010.html
|
||||
[12] = http://curl.haxx.se/bug/view.cgi?id=3451592
|
||||
[13] = http://curl.haxx.se/mail/lib-2011-11/0371.html
|
||||
[14] = http://curl.haxx.se/mail/lib-2011-11/0368.html
|
||||
[15] = http://curl.haxx.se/mail/archive-2011-12/0012.html
|
||||
[16] = http://curl.haxx.se/mail/lib-2011-12/0063.html
|
||||
[17] = http://curl.haxx.se/mail/lib-2011-12/0010.html
|
||||
[18] = http://curl.haxx.se/mail/lib-2011-12/0070.html
|
||||
[19] = http://curl.haxx.se/mail/lib-2011-11/0022.html
|
||||
[20] = http://curl.haxx.se/mail/lib-2011-12/0121.html
|
||||
[21] = http://curl.haxx.se/mail/lib-2011-12/0107.html
|
||||
[22] = http://curl.haxx.se/mail/lib-2011-11/0164.html
|
||||
[23] = http://curl.haxx.se/mail/lib-2011-11/0067.html
|
||||
[24] = http://curl.haxx.se/mail/lib-2011-11/0205.html
|
||||
[25] = http://curl.haxx.se/mail/lib-2011-12/0179.html
|
||||
[26] = http://curl.haxx.se/mail/lib-2011-12/0215.html
|
||||
[27] = http://curl.haxx.se/mail/archive-2011-12/0022.html
|
||||
[28] = http://curl.haxx.se/mail/lib-2011-12/0218.html
|
||||
[29] = http://curl.haxx.se/mail/lib-2011-12/0211.html
|
||||
[30] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTACCEPTTIMOUTMS
|
||||
[31] = http://curl.haxx.se/mail/lib-2011-12/0133.html
|
||||
[32] = https://bugzilla.redhat.com/767490
|
||||
[33] = http://curl.haxx.se/mail/lib-2011-12/0314.html
|
||||
[34] = http://curl.haxx.se/mail/lib-2011-12/0249.html
|
||||
[35] = http://curl.haxx.se/bug/view.cgi?id=3463121
|
||||
[36] = http://curl.haxx.se/bug/view.cgi?id=3466497
|
||||
[37] = http://curl.haxx.se/mail/lib-2011-12/0249.html
|
||||
[38] = http://curl.haxx.se/mail/lib-2012-01/0146.html
|
||||
[39] = http://curl.haxx.se/mail/lib-2012-01/0160.html
|
||||
[40] = http://curl.haxx.se/mail/lib-2012-01/0096.html
|
||||
[41] = http://curl.haxx.se/mail/lib-2012-01/0049.html
|
||||
[42] = http://curl.haxx.se/bug/view.cgi?id=3474308
|
||||
[43] = http://curl.haxx.se/mail/lib-2012-01/0225.html
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
|
|
@ -30,13 +30,13 @@
|
|||
|
||||
/* This is the version number of the libcurl package from which this header
|
||||
file origins: */
|
||||
#define LIBCURL_VERSION "7.24.0-DEV"
|
||||
#define LIBCURL_VERSION "7.24.1-DEV"
|
||||
|
||||
/* The numeric version number is also available "in parts" by using these
|
||||
defines: */
|
||||
#define LIBCURL_VERSION_MAJOR 7
|
||||
#define LIBCURL_VERSION_MINOR 24
|
||||
#define LIBCURL_VERSION_PATCH 0
|
||||
#define LIBCURL_VERSION_PATCH 1
|
||||
|
||||
/* This is the numeric version of the libcurl version number, meant for easier
|
||||
parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
|
||||
|
|
@ -53,7 +53,7 @@
|
|||
and it is always a greater number in a more recent release. It makes
|
||||
comparisons with greater than and less than work.
|
||||
*/
|
||||
#define LIBCURL_VERSION_NUM 0x071800
|
||||
#define LIBCURL_VERSION_NUM 0x071801
|
||||
|
||||
/*
|
||||
* This is the date and time when the full source package was created. The
|
||||
|
|
|
|||
Loading…
Reference in New Issue