1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

7.15.0 time

This commit is contained in:
Daniel Stenberg 2005-10-13 08:19:09 +00:00
parent 943aea6267
commit 96cec4dfd7
2 changed files with 18 additions and 1 deletions

16
CHANGES
View File

@ -8,6 +8,22 @@
Version 7.15.0 (13 October 2005)
Daniel (12 October 2005)
- Michael Sutton of iDEFENSE reported and I fixed a securitfy flaw in the NTLM
code that would overflow a buffer if given a too long user name or domain
name. This would happen if you enable NTLM authentication and either
A - pass in a user name and domain name to libcurl that together are longer
than 192 bytes
B - allow (lib)curl to follow HTTP "redirects" (Location: and the
appropriate HTTP 30x response code) and the new URL contains a URL with
a user name and domain name that together are longer than 192 bytes
See http://curl.haxx.se/docs/security.html for further details and updates
Daniel (5 October 2005) Daniel (5 October 2005)
- Darryl House reported a problem with using -z to download files from FTP. - Darryl House reported a problem with using -z to download files from FTP.
It turned out that if the given time stamp was exact the same as the remote It turned out that if the given time stamp was exact the same as the remote

View File

@ -5,7 +5,7 @@ Curl and libcurl 7.15.0
Available command line options: 109 Available command line options: 109
Available curl_easy_setopt() options: 124 Available curl_easy_setopt() options: 124
Number of public functions in libcurl: 46 Number of public functions in libcurl: 46
Amount of public web site mirrors: 25 Amount of public web site mirrors: 24
Number of known libcurl bindings: 32 Number of known libcurl bindings: 32
Number of contributors: 451 Number of contributors: 451
@ -16,6 +16,7 @@ This release includes the following changes:
This release includes the following bugfixes: This release includes the following bugfixes:
o user+domain name buffer overflow in the NTLM code (security flaw)
o -z over FTP now considers equal timestamps "not modified since" o -z over FTP now considers equal timestamps "not modified since"
o Weird characters removed from the configure script o Weird characters removed from the configure script
o Fixed time zone offsets for MEST and CEST for the time parser o Fixed time zone offsets for MEST and CEST for the time parser