1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00

version: start working on 7.24.1-DEV

This commit is contained in:
Yang Tse 2012-01-25 11:27:39 +01:00
parent 75b6f7d9ef
commit 93e344bbf4
2 changed files with 10 additions and 121 deletions

View File

@ -1,4 +1,4 @@
Curl and libcurl 7.24.0 Curl and libcurl 7.24.1
Public curl releases: 127 Public curl releases: 127
Command line options: 149 Command line options: 149
@ -9,76 +9,15 @@ Curl and libcurl 7.24.0
This release includes the following security fixes: This release includes the following security fixes:
o curl was vulnerable to a data injection attack for certain protocols o
http://curl.haxx.se/docs/adv_20120124.html
o curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL
http://curl.haxx.se/docs/adv_20120124B.html
This release includes the following changes: This release includes the following changes:
o CURLOPT_QUOTE: SFTP supports the '*'-prefix now [24] o
o CURLOPT_DNS_SERVERS: set name servers if possible [23]
o Add support for using nettle instead of gcrypt as gnutls backend [22]
o CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes [21]
o Added CURLOPT_ACCEPTTIMEOUT_MS [30]
o configure: add symbols versioning option --enable-versioned-symbols [31]
This release includes the following bugfixes: This release includes the following bugfixes:
o SSL session share: move the age counter to the share object [1] o
o -J -O: use -O name if no Content-Disposition header comes! [2]
o protocol_connect: show verbose connect and set connect time [3]
o query-part: ignore the URI part for given protocols [4]
o gnutls: only translate winsock errors for old versions [5]
o POP3: fix end of body detection [6]
o POP3: detect when LIST returns no mails
o TELNET: improved treatment of options [7]
o configure: add support for pkg-config detection of libidn [8]
o CyaSSL 2.0+ library initialization adjustment [9]
o multi interface: only use non-NULL socker function pointer
o call opensocket callback properly for active FTP
o don't call close socket callback for sockets created with accept() [10]
o differentiate better between host/proxy errors [11]
o SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5 [12]
o multi: handle timeouts on DNS servers by checking for new sockets [13]
o CURLOPT_DNS_SERVERS: fix return code
o POP3: fixed escaped dot not being stripped out [14]
o OpenSSL: check for the SSLv2 function in configure [15]
o MakefileBuild: fix the static build [16]
o create_conn: don't switch to HTTP protocol if tunneling is enabled [17]
o multi interface: fix block when CONNECT_ONLY option is used [18]
o Fix connection reuse for TLS upgraded connections [19]
o multiple file upload with -F and custom type [20]
o multi interface: active FTP connections are no longer blocking [25]
o Android build fix [26]
o timer: restore PRETRANSFER timing [27]
o libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM [28]
o appconnect time fixed for non-blocking connect ssl backends [29]
o do not include SSL handshake into time spent waiting for 100-continue [32]
o handle dns cache case insensitive
o use new host name casing for subsequent HTTP requests [33]
o CURLOPT_RESOLVE: avoid adding already present host names
o SFTP mkdir: use correct permission [34]
o resolve: don't leak pre-populated dns entries [35]
o --retry: Retry transfers on timeout and DNS errors
o negotiate with SSPI backend: use the correct buffer for input [36]
o SFTP dir: increase buffer size counter to avoid cut off file names [37]
o TFTP: fix resending (again) [38]
o c-ares: don't include getaddrinfo-using code [39]
o FTP: CURLE_PARTIAL_FILE will not close the control channel [40]
o win32-threaded-resolver: stop using a dummy socket
o OpenSSL: remove reference to openssl internal struct [41]
o OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled
o OpenSSL: fix PKCS#12 certificate parsing related memory leak
o OpenLDAP: fix LDAP connection phase memory leak [42]
o Telnet: Use correct file descriptor for telnet upload
o Telnet: Remove bogus optimisation of telnet upload
o URL parse: user name with ipv6 numerical address
o polarssl: show cipher suite name correctly with 1.1.0
o polarssl: havege_rand is not present in version 1.1.0 WARNING, we still
use the old API which is said to be insecure. See
http://polarssl.org/trac/wiki/SecurityAdvisory201102
o gnutls: enforced use of SSLv3 [43]
This release includes the following known bugs: This release includes the following known bugs:
@ -87,60 +26,10 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and This release would not have looked like this without help, code, reports and
advice from friends like these: advice from friends like these:
Alejandro Alvarez Ayllon, Jason Glasgow, Jonas Schnelli, Mark Brand,
Martin Storsjo, Yang Tse, Laurent Rabret, Jason Glasgow, Steve Holme,
Reza Arbab, Jason Liu, Gokhan Sengun, Rob Ward, Dan Fandrich,
Naveen Chandran, Ward Willats, Vladimir Grishchenko, Colin Hogben,
Alessandro Ghedini, Cedric Deltheil, Toni Moreno, Bernhard Reutner-Fischer,
Sven Wegener, Alex Vinnik, Kamil Dudka, Mamoru Tasaka, Patrice Guerin,
Armel Asselin, Arthur Murray, Steve H Truong, Peter Sylvester,
Johannes Bauer, Brandon Wang, Pierre Joye, Robert Schumann,
Christian Grothoff, Nikos Mavrogiannopoulos
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues: References to bug reports and discussions on issues:
[1] = http://curl.haxx.se/mail/lib-2011-11/0116.html
[2] = http://curl.haxx.se/mail/archive-2011-11/0030.htm
[3] = http://curl.haxx.se/mail/archive-2011-11/0035.html
[4] = http://curl.haxx.se/mail/lib-2011-11/0218.html
[5] = http://curl.haxx.se/mail/lib-2011-11/0267.html
[6] = http://curl.haxx.se/mail/lib-2011-11/0279.html
[7] = http://curl.haxx.se/mail/lib-2011-11/0247.html
[8] = http://curl.haxx.se/mail/lib-2011-11/0294.html
[9] = http://curl.haxx.se/bug/view.cgi?id=3442068
[10] = http://curl.haxx.se/mail/lib-2011-12/0018.html
[11] = http://curl.haxx.se/mail/archive-2011-12/0010.html
[12] = http://curl.haxx.se/bug/view.cgi?id=3451592
[13] = http://curl.haxx.se/mail/lib-2011-11/0371.html
[14] = http://curl.haxx.se/mail/lib-2011-11/0368.html
[15] = http://curl.haxx.se/mail/archive-2011-12/0012.html
[16] = http://curl.haxx.se/mail/lib-2011-12/0063.html
[17] = http://curl.haxx.se/mail/lib-2011-12/0010.html
[18] = http://curl.haxx.se/mail/lib-2011-12/0070.html
[19] = http://curl.haxx.se/mail/lib-2011-11/0022.html
[20] = http://curl.haxx.se/mail/lib-2011-12/0121.html
[21] = http://curl.haxx.se/mail/lib-2011-12/0107.html
[22] = http://curl.haxx.se/mail/lib-2011-11/0164.html
[23] = http://curl.haxx.se/mail/lib-2011-11/0067.html
[24] = http://curl.haxx.se/mail/lib-2011-11/0205.html
[25] = http://curl.haxx.se/mail/lib-2011-12/0179.html
[26] = http://curl.haxx.se/mail/lib-2011-12/0215.html
[27] = http://curl.haxx.se/mail/archive-2011-12/0022.html
[28] = http://curl.haxx.se/mail/lib-2011-12/0218.html
[29] = http://curl.haxx.se/mail/lib-2011-12/0211.html
[30] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTACCEPTTIMOUTMS
[31] = http://curl.haxx.se/mail/lib-2011-12/0133.html
[32] = https://bugzilla.redhat.com/767490
[33] = http://curl.haxx.se/mail/lib-2011-12/0314.html
[34] = http://curl.haxx.se/mail/lib-2011-12/0249.html
[35] = http://curl.haxx.se/bug/view.cgi?id=3463121
[36] = http://curl.haxx.se/bug/view.cgi?id=3466497
[37] = http://curl.haxx.se/mail/lib-2011-12/0249.html
[38] = http://curl.haxx.se/mail/lib-2012-01/0146.html
[39] = http://curl.haxx.se/mail/lib-2012-01/0160.html
[40] = http://curl.haxx.se/mail/lib-2012-01/0096.html
[41] = http://curl.haxx.se/mail/lib-2012-01/0049.html
[42] = http://curl.haxx.se/bug/view.cgi?id=3474308
[43] = http://curl.haxx.se/mail/lib-2012-01/0225.html

View File

@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -30,13 +30,13 @@
/* This is the version number of the libcurl package from which this header /* This is the version number of the libcurl package from which this header
file origins: */ file origins: */
#define LIBCURL_VERSION "7.24.0-DEV" #define LIBCURL_VERSION "7.24.1-DEV"
/* The numeric version number is also available "in parts" by using these /* The numeric version number is also available "in parts" by using these
defines: */ defines: */
#define LIBCURL_VERSION_MAJOR 7 #define LIBCURL_VERSION_MAJOR 7
#define LIBCURL_VERSION_MINOR 24 #define LIBCURL_VERSION_MINOR 24
#define LIBCURL_VERSION_PATCH 0 #define LIBCURL_VERSION_PATCH 1
/* This is the numeric version of the libcurl version number, meant for easier /* This is the numeric version of the libcurl version number, meant for easier
parsing and comparions by programs. The LIBCURL_VERSION_NUM define will parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@ -53,7 +53,7 @@
and it is always a greater number in a more recent release. It makes and it is always a greater number in a more recent release. It makes
comparisons with greater than and less than work. comparisons with greater than and less than work.
*/ */
#define LIBCURL_VERSION_NUM 0x071800 #define LIBCURL_VERSION_NUM 0x071801
/* /*
* This is the date and time when the full source package was created. The * This is the date and time when the full source package was created. The