From b3e3a08c3c2f223fcab8631e31b1c59f29e0b4c0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 15 Jun 2017 10:49:20 +0200
Subject: [PATCH] RELEASE-NOTES: synced with 2ad80eec5

---
 RELEASE-NOTES | 211 ++++----------------------------------------------
 1 file changed, 16 insertions(+), 195 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 532a20304..e72b49683 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,6 +1,6 @@
-Curl and libcurl 7.54.1
+Curl and libcurl 7.55.0
 
- Public curl releases:         166
+ Public curl releases:         167
  Command line options:         207
  curl_easy_setopt() options:   245
  Public functions in libcurl:  61
@@ -8,125 +8,15 @@ Curl and libcurl 7.54.1
 
 This release includes the following changes:
 
- o curl: show the libcurl release date in --version output [32]
+ o 
 
 This release includes the following bugfixes:
 
- o CVE-2017-9502: file: URL buffer overflow [65]
- o openssl: fix memory leak in servercert
- o tests: remove the html and PDF versions from the tarball
- o mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
- o typecheck-gcc: handle function pointers properly [1]
- o llist: no longer uses malloc [2]
- o gnutls: removed some code when --disable-verbose is configured
- o lib: fix maybe-uninitialized warnings
- o multi: clarify condition in curl_multi_wait [3]
- o schannel: Don't treat encrypted partial record as pending data [4]
- o configure: fix the -ldl check for openssl, add -lpthread check [5]
- o configure: accept -Og and -Ofast GCC flags [6]
- o Makefile: avoid use of GNU-specific form of $< [7]
- o if2ip: fix -Wcast-align warning
- o configure: stop prepending to LDFLAGS, CPPFLAGS [8]
- o curl: set a 100K buffer size by default [9]
- o typecheck-gcc: fix _curl_is_slist_info [10]
- o nss: do not leak PKCS #11 slot while loading a key [11]
- o nss: load libnssckbi.so if no other trust is specified [12]
- o examples: ftpuploadfrommem.c [13]
- o url: declare get_protocol_family() static [14]
- o examples/cookie_interface.c: changed to example.com
- o test1443: test --remote-time
- o curl: use utimes instead of obsolescent utime when available
- o url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE
- o curl_rtmp: fix missing-variable-declarations warnings
- o tests: fixed OOM handling of unit tests to abort test
- o curl_setup: Ensure no more than one IDN lib is enabled [15]
- o tool: Fix missing prototype warnings for CURL_DOES_CONVERSIONS [16]
- o CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size [17]
- o curl: non-boolean command line args reject --no- prefixes [18]
- o telnet: Write full buffer instead of byte-by-byte [19]
- o typecheck-gcc: add missing string options [20]
- o typecheck-gcc: add support for CURLINFO_SOCKET [21]
- o opt man pages: they all have examples now
- o curl_setup_once: use SEND_QUAL_ARG2 for swrite [22]
- o test557: set a known good numeric locale
- o schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT
- o tests/server: make string literals const
- o runtests: use -R for random order [23]
- o unit1305: fix compiler warning
- o curl_slist_append.3: clarify a NULL input creates a new list
- o tests/server: run checksrc by default in debug-builds
- o tests: fix -Wcast-qual warnings
- o runtests.pl: simplify the datacheck read section
- o curl: remove --environment and tool_writeenv.c [24]
- o buildconf: fix hang on IRIX [25]
- o tftp: silence bad-function-cast warning
- o asyn-thread: fix unused macro warnings
- o tool_parsecfg: fix -Wcast-qual warning
- o sendrecv: fix MinGW-w64 warning
- o test537: use correct variable type [26]
- o rand: treat fake entropy the same regardless of endianness [27]
- o curl: generate the --help output [28]
- o tests: removed redundant --trace-ascii arguments
- o multi: assign IDs to all timers and make each timer singleton
- o multi: use a fixed array of timers instead of malloc [29]
- o mbedtls: Support server renegotiation request [30]
- o pipeline: fix mistakenly trying to pipeline POSTs [31]
- o lib510: don't write past the end of the buffer if it's too small
- o CURLOPT_HTTPPROXYTUNNEL.3: clarify, add example
- o SecureTransport/DarwinSSL: Implement public key pinning [33]
- o curl.1: clarify --config
- o curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM [34]
- o darwinssl: Fix exception when processing a client-side certificate [35]
- o curl.1: mention --oauth2-bearer's <token> argument
- o mkhelp.pl: do not add current time into curl binary [36]
- o asiohiper.cpp / evhiperfifo.c: deal with negative timerfunction input [37]
- o ssh: fix memory leak in disconnect due to timeout [38]
- o tests: stabilize test 1034 [39]
- o cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH [40]
- o assert: avoid, use DEBUGASSERT instead [41]
- o LDAP: using ldap_bind_s on Windows with methods [42]
- o redirect: store the "would redirect to" URL when max redirs is reached [43]
- o winbuild: fix the nghttp2 build [44]
- o examples: fix -Wimplicit-fallthrough warnings
- o time: fix type conversions and compiler warnings [45]
- o mbedtls: fix variable shadow warning
- o test557: fix ubsan runtime error due to int left shift [46]
- o transfer: init the infilesize from the postfields [47]
- o docs: clarify NO_PROXY further [48]
- o build-wolfssl: Sync config with wolfSSL 3.11
- o curl-compilers.m4: enable -Wshift-sign-overflow for clang [49]
- o example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
- o lib574.c: use correct callback proto
- o lib583: fix compiler warning
- o curl-compilers.m4: fix compiler_num for clang [50]
- o typecheck-gcc.h: separate getinfo slist checks from other pointers [51]
- o typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and CURLINFO_TLS_SESSION
- o typecheck-gcc.h: check CURLINFO_CERTINFO [52]
- o build: provide easy code coverage measuring [53]
- o test1537: dedicated tests of the URL (un)escape API calls [54]
- o curl_endian: remove unused functions [55]
- o test1538: verify the libcurl strerror API calls
- o MD(4|5): silence cast-align clang warning
- o dedotdot: fixed output for ".." and "." only input [56]
- o cyassl: define build macros before including ssl.h [57]
- o updatemanpages.pl: error out on too old git version
- o curl_sasl: fix unused-variable warning
- o x509asn1: fix implicit-fallthrough warning with GCC 7
- o libtest: fix implicit-fallthrough warnings with GCC 7
- o BINDINGS: add Ring binding [58]
- o curl_ntlm_core: pass unsigned char to toupper
- o test1262: verify ftp download with -z for "if older than this"
- o test1521: test all curl_easy_setopt options [59]
- o typecheck-gcc: allow CURLOPT_STDERR to be NULL too
- o metalink: remove unused printf() argument
- o file: make speedcheck use current time for checks [60]
- o configure: fix link with librtmp when specifying path [61]
- o examples/multi-uv.c: fix deprecated symbol [62]
- o cmake: Fix inconsistency regarding mbed TLS include directory [63]
- o setopt: check CURLOPT_ADDRESS_SCOPE option range
- o gitignore: ignore all vim swap files [64]
- o urlglob: fix division by zero
- o libressl: OCSP and intermediate certs workaround no longer needed [66]
+ o includes: remove curl/curlbuild.h and curl/curlrules.h [1]
+ o dist: make the hugehelp.c not get regenerated unnecessarily [2]
+ o timers: store internal time stamps as time_t instead of doubles [3]
+ o progress: let "current speed" be UL + DL speeds combined [4]
+ o http-proxy: do the HTTP CONNECT process entirely non-blocking [5]
 
 This release includes the following known bugs:
 
@@ -135,85 +25,16 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Akhil Kedia, Alan Jenkins, Anatol Belski, Bernhard M. Wiedemann,
-  Brian Childs, canavan at github, Chris Carlmar, Dan Fandrich,
-  Daniel Stenberg, Edward Thomson, Gisle Vanem, GwanYeong Kim,
-  Helmut K. C. Tessarek, Joel Depooter, jonrumsey at github, Kai Engert,
-  Kamil Dudka, Kevin Ji, Lloyd Fournier, Mahmoud Samir Fayed, Marcel Raad,
-  Martin Kepplinger, Max Dymond, Michael Kaufmann, Nick Zitzmann, Paul Harris,
-  Phil Crump, Piotr Dobrogost, Ray Satiro, Richard Hsu, Ron Eldor,
-  Ryuichi KAWAMATA, Sergei Nikulov, Simon Warta, stootill at github,
-  Stuart Henderson, TheAssassin at github, Thomas Klausner, Travis Burtrum,
-  Vincas Razma, wyattoday at github,
-  (41 contributors)
+  Daniel Stenberg, Marcel Raad, Paul Harris, Ray Satiro, Simon Warta,
+  (5 contributors)
 
         Thanks! (and sorry if I forgot to mention someone)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.haxx.se/bug/?i=1403
- [2] = https://curl.haxx.se/bug/?i=1435
- [3] = https://curl.haxx.se/bug/?i=1439
- [4] = https://curl.haxx.se/bug/?i=1392
- [5] = https://curl.haxx.se/bug/?i=1427
- [6] = https://curl.haxx.se/bug/?i=1440
- [7] = https://curl.haxx.se/bug/?i=1432
- [8] = https://curl.haxx.se/bug/?i=1420
- [9] = https://curl.haxx.se/bug/?i=1446
- [10] = https://curl.haxx.se/bug/?i=1447
- [11] = https://bugzilla.redhat.com/1444860
- [12] = https://curl.haxx.se/bug/?i=1414
- [13] = https://curl.haxx.se/bug/?i=1451
- [14] = https://curl.haxx.se/mail/lib-2017-04/0127.html
- [15] = https://github.com/curl/curl/issues/1441#issuecomment-297689856
- [16] = https://curl.haxx.se/bug/?i=1460
- [17] = https://curl.haxx.se/bug/?i=1449
- [18] = https://curl.haxx.se/bug/?i=1453
- [19] = https://curl.haxx.se/bug/?i=1389
- [20] = https://curl.haxx.se/bug/?i=1452
- [21] = https://curl.haxx.se/bug/?i=1452
- [22] = https://curl.haxx.se/bug/?i=1464
- [23] = https://curl.haxx.se/bug/?i=1466
- [24] = https://curl.haxx.se/bug/?i=1463
- [25] = https://curl.haxx.se/bug/?i=1471
- [26] = https://curl.haxx.se/bug/?i=1469
- [27] = https://curl.haxx.se/bug/?i=1315
- [28] = https://curl.haxx.se/bug/?i=1465
- [29] = https://curl.haxx.se/bug/?i=1472
- [30] = https://curl.haxx.se/bug/?i=1475
- [31] = https://curl.haxx.se/bug/?i=1481
- [32] = https://curl.haxx.se/bug/?i=1474
- [33] = https://curl.haxx.se/bug/?i=1400
- [34] = https://curl.haxx.se/bug/?i=1487
- [35] = https://curl.haxx.se/bug/?i=1450
- [36] = https://curl.haxx.se/bug/?i=1490
- [37] = https://curl.haxx.se/bug/?i=1253
- [38] = https://curl.haxx.se/bug/?i=1479
- [39] = https://curl.haxx.se/bug/?i=1488
- [40] = https://curl.haxx.se/bug/?i=1461
- [41] = https://curl.haxx.se/bug/?i=1504
- [42] = https://curl.haxx.se/bug/?i=878
- [43] = https://curl.haxx.se/bug/?i=1489
- [44] = https://curl.haxx.se/bug/?i=1321
- [45] = https://curl.haxx.se/bug/?i=1499
- [46] = https://curl.haxx.se/bug/?i=1516
- [47] = https://curl.haxx.se/bug/?i=1294
- [48] = https://curl.haxx.se/bug/?i=1208
- [49] = https://curl.haxx.se/bug/?i=1516
- [50] = https://curl.haxx.se/bug/?i=1522
- [51] = https://curl.haxx.se/bug/?i=1524
- [52] = https://curl.haxx.se/bug/?i=846
- [53] = https://curl.haxx.se/bug/?i=1528
- [54] = https://curl.haxx.se/bug/?i=1530
- [55] = https://curl.haxx.se/bug/?i=1529
- [56] = https://curl.haxx.se/bug/?i=1532
- [57] = https://curl.haxx.se/bug/?i=1536
- [58] = https://curl.haxx.se/bug/?i=1539
- [59] = https://curl.haxx.se/bug/?i=1543
- [60] = https://curl.haxx.se/bug/?i=1550
- [61] = https://curl.haxx.se/mail/lib-2017-06/0017.html
- [62] = https://curl.haxx.se/bug/?i=1557
- [63] = https://curl.haxx.se/bug/?i=1541
- [64] = https://curl.haxx.se/bug/?i=1561
- [65] = https://curl.haxx.se/docs/adv_20170614.html
- [66] = https://curl.haxx.se/mail/lib-2017-06/0038.html
+ [1] = https://daniel.haxx.se/blog/2017/06/15/target-independent-libcurl-headers/
+ [2] = https://curl.haxx.se/bug/?i=1565
+ [3] = https://curl.haxx.se/bug/?i=1531
+ [4] = https://curl.haxx.se/bug/?i=1556
+ [5] = https://curl.haxx.se/bug/?i=1547
+