Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 1 | Curl and libcurl 7.43.0 |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 2 | |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 3 | Public curl releases: 147 |
| 4 | Command line options: 176 |
| 5 | curl_easy_setopt() options: 219 |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 6 | Public functions in libcurl: 58 |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 7 | Contributors: 1291 |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 8 | |
| 9 | This release includes the following changes: |
| 10 | |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 11 | o Added CURLOPT_PROXY_SERVICE_NAME[11] |
| 12 | o Added CURLOPT_SERVICE_NAME[12] |
| 13 | o New curl option: --proxy-service-name[13] |
| 14 | o Mew curl option: --service-name [14] |
| 15 | o New curl option: --data-raw [5] |
| 16 | o Added CURLOPT_PIPEWAIT [15] |
| 17 | o Added support for multiplexing transfers using HTTP/2, enable this |
| 18 | with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16] |
| 19 | o HTTP/2: requires nghttp2 1.0.0 or later |
| 20 | o scripts: add zsh.pl for generating zsh completion |
| 21 | o curl.h: add CURL_HTTP_VERSION_2 |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 22 | |
| 23 | This release includes the following bugfixes: |
| 24 | |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 25 | o CVE-2015-3236: lingering HTTP credentials in connection re-use [30] |
| 26 | o CVE-2015-3237: SMB send off unrelated memory contents [31] |
| 27 | o nss: fix compilation failure with old versions of NSS [1] |
| 28 | o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION |
| 29 | o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error |
| 30 | o Curl_ossl_init: load builtin modules [2] |
| 31 | o configure: follow-up fix for krb5-config [3] |
| 32 | o sasl_sspi: Populate domain from the realm in the challenge [4] |
| 33 | o netrc: support 'default' token |
| 34 | o README: convert to UTF-8 |
| 35 | o cyassl: Implement public key pinning |
| 36 | o nss: implement public key pinning for NSS backend |
| 37 | o mingw build: add arch -m32/-m64 to LDFLAGS |
| 38 | o schannel: Fix out of bounds array [6] |
| 39 | o configure: remove autogenerated files by autoconf |
| 40 | o configure: remove --automake from libtoolize call |
| 41 | o acinclude.m4: fix shell test for default CA cert bundle/path |
| 42 | o schannel: fix regression in schannel_recv [7] |
| 43 | o openssl: skip trace outputs for ssl_ver == 0 [8] |
| 44 | o gnutls: properly retrieve certificate status |
| 45 | o netrc: Read in text mode when cygwin [9] |
| 46 | o winbuild: Document the option used to statically link the CRT [10] |
| 47 | o FTP: Make EPSV use the control IP address rather than the original host |
| 48 | o FTP: fix dangling conn->ip_addr dereference on verbose EPSV |
| 49 | o conncache: keep bundles on host+port bases, not only host names |
| 50 | o runtests.pl: use 'h2c' now, no -14 anymore |
| 51 | o curlver: introducing new version number (checking) macros |
| 52 | o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17] |
| 53 | o CURLOPT_POSTFIELDS.3: correct variable names [18] |
| 54 | o curl_easy_unescape.3: update RFC reference [19] |
| 55 | o gnutls: don't fail on non-fatal alerts during handshake |
| 56 | o testcurl.pl: allow source to be in an arbitrary directory |
| 57 | o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy |
| 58 | o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20] |
| 59 | o parse_proxy: switch off tunneling if non-HTTP proxy [21] |
| 60 | o share_init: fix OOM crash |
| 61 | o perl: remove subdir, not touched in 9 years |
| 62 | o CURLOPT_COOKIELIST.3: Add example |
| 63 | o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22] |
| 64 | o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23] |
| 65 | o FAQ: How do I port libcurl to my OS? |
| 66 | o openssl: Use TLS_client_method for OpenSSL 1.1.0+ |
| 67 | o HTTP-NTLM: fail auth on connection close instead of looping [24] |
| 68 | o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25] |
| 69 | o curl_getdate.3: update RFC reference |
| 70 | o curl_multi_info_read.3: added example |
| 71 | o curl_multi_perform.3: added example |
| 72 | o curl_multi_timeout.3: added example |
| 73 | o cookie: Stop exporting any-domain cookies [26] |
| 74 | o openssl: remove dummy callback use from SSL_CTX_set_verify() |
| 75 | o openssl: remove SSL_get_session()-using code |
| 76 | o openssl: removed USERDATA_IN_PWD_CALLBACK kludge |
| 77 | o openssl: removed error string #ifdef |
| 78 | o openssl: Fix verification of server-sent legacy intermediates [27] |
| 79 | o docs: man page indentation and syntax fixes |
| 80 | o docs: Spelling fixes |
| 81 | o fopen.c: fix a few compiler warnings |
| 82 | o CURLOPT_OPENSOCKETFUNCTION: return error at once [28] |
| 83 | o schannel: Add support for optional client certificates |
| 84 | o build: Properly detect OpenSSL 1.0.2 when using configure |
| 85 | o urldata: store POST size in state.infilesize too [29] |
| 86 | o security:choose_mech remove dead code |
| 87 | o rtsp_do: remove dead code |
| 88 | o docs: many HTTP URIs changed to HTTPS |
| 89 | o schannel: schannel_recv overhaul [32] |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 90 | |
| 91 | This release includes the following known bugs: |
| 92 | |
| 93 | o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html) |
| 94 | |
| 95 | This release would not have looked like this without help, code, reports and |
| 96 | advice from friends like these: |
| 97 | |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 98 | Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina, |
| 99 | Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman, |
| 100 | Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg, |
| 101 | Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka, |
| 102 | Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter, |
| 103 | Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing, |
| 104 | Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh, |
| 105 | Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan, |
| 106 | Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts, |
| 107 | Ville Skyttä, Yehezkel Horowitz, |
| 108 | (43 contributors) |
Lucas Eckels | 9bd90e6 | 2012-08-06 15:07:02 -0700 | [diff] [blame] | 109 | |
| 110 | Thanks! (and sorry if I forgot to mention someone) |
Bertrand SIMONNET | e6cd738 | 2015-07-01 15:39:44 -0700 | [diff] [blame] | 111 | |
| 112 | References to bug reports and discussions on issues: |
| 113 | |
| 114 | [1] = http://curl.haxx.se/mail/lib-2015-04/0095.html |
| 115 | [2] = https://github.com/bagder/curl/pull/206 |
| 116 | [3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445 |
| 117 | [4] = https://github.com/bagder/curl/pull/141 |
| 118 | [5] = https://github.com/bagder/curl/issues/198 |
| 119 | [6] = http://curl.haxx.se/mail/lib-2015-04/0199.html |
| 120 | [7] = https://github.com/bagder/curl/issues/244 |
| 121 | [8] = https://github.com/bagder/curl/issues/219 |
| 122 | [9] = https://github.com/bagder/curl/pull/258 |
| 123 | [10] = https://github.com/bagder/curl/issues/254 |
| 124 | [11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html |
| 125 | [12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html |
| 126 | [13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name |
| 127 | [14] = http://curl.haxx.se/docs/manpage.html#--service-name |
| 128 | [15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html |
| 129 | [16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html |
| 130 | [17] = https://github.com/bagder/curl/issues/275 |
| 131 | [18] = https://github.com/bagder/curl/issues/281 |
| 132 | [19] = https://github.com/bagder/curl/issues/282 |
| 133 | [20] = https://github.com/bagder/curl/issues/267 |
| 134 | [21] = http://curl.haxx.se/mail/lib-2015-05/0056.html |
| 135 | [22] = http://curl.haxx.se/mail/lib-2015-05/0115.html |
| 136 | [23] = http://curl.haxx.se/mail/lib-2015-05/0137.html |
| 137 | [24] = https://github.com/bagder/curl/issues/256 |
| 138 | [25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055 |
| 139 | [26] = https://github.com/bagder/curl/issues/292 |
| 140 | [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest |
| 141 | [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html |
| 142 | [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html |
| 143 | [30] = http://curl.haxx.se/docs/adv_20150617A.html |
| 144 | [31] = http://curl.haxx.se/docs/adv_20150617B.html |
| 145 | [32] = https://github.com/bagder/curl/issues/244 |