mirror of
https://github.com/moparisthebest/curl
synced 2024-11-10 03:25:04 -05:00
68d2830ee9
Although it is not explicitly stated in the documentation, NSS uses *pRetCert and *pRetKey even if the client authentication hook returns a failure. Namely, if we destroy *pRetCert without clearing *pRetCert afterwards, NSS destroys the certificate once again, which causes a double free. Reported by: Bob Relyea
32 lines
739 B
Plaintext
32 lines
739 B
Plaintext
Curl and libcurl 7.28.2
|
|
|
|
Public curl releases: 131
|
|
Command line options: 152
|
|
curl_easy_setopt() options: 199
|
|
Public functions in libcurl: 58
|
|
Known libcurl bindings: 39
|
|
Contributors: 993
|
|
|
|
This release includes the following changes:
|
|
|
|
o
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o nss: prevent NSS from crashing on client auth hook failure
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
|
|
|
|
Thanks! (and sorry if I forgot to mention someone)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
|