Google Git
Sign in
android / platform / external / curl / 445085ad1110e215636704c9530ba16ae3e87329 / . / RELEASE-NOTES
blob: cd13827f5ba58d0fb3aa4df78f69d35b492ec392 [file] [log] [blame]
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]1curl and libcurl 7.66.0
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]2
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]3 Public curl releases: 185
4 Command line options: 225
5 curl_easy_setopt() options: 269
6 Public functions in libcurl: 81
Haibo Huang001784b2019-07-19 05:27:28 -0700[diff] [blame]7 Contributors: 1991
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]8
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]9This release includes the following changes:
10
11 o CURLINFO_RETRY_AFTER: parse the Retry-After header value [35]
12 o HTTP3: initial (experimental still not working) support [5]
13 o curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool [27]
14 o curl: support parallel transfers with -Z [4]
15 o curl_multi_poll: a sister to curl_multi_wait() that waits more [28]
16 o sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID [27]
17
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]18This release includes the following bugfixes:
19
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]20 o CVE-2019-5481: FTP-KRB double-free [64]
21 o CVE-2019-5482: TFTP small blocksize heap buffer overflow [65]
22 o CI: remove duplicate configure flag for LGTM.com
23 o CMake: remove needless newlines at end of gss variables
24 o CMake: use platform dependent name for dlopen() library [62]
25 o CURLINFO docs: mention that in redirects times are added [55]
26 o CURLOPT_ALTSVC.3: use a "" file name to not load from a file
27 o CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
28 o CURLOPT_HEADERFUNCTION.3: clarify [54]
29 o CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly [33]
30 o CURLOPT_READFUNCTION.3: provide inline example
31 o CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 [51]
32 o Curl_addr2string: take an addrlen argument too [61]
33 o Curl_fillreadbuffer: avoid double-free trailer buf on error [66]
34 o HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown [10]
35 o alt-svc: add protocol version selection masking [31]
36 o alt-svc: fix removal of expired cache entry [30]
37 o alt-svc: make it use h3-22 with ngtcp2 as well
38 o alt-svc: more liberal ALPN name parsing [17]
39 o alt-svc: send Alt-Used: in redirected requests [32]
40 o alt-svc: with quiche, use the quiche h3 alpn string [16]
41 o appveyor: pass on -k to make
42 o asyn-thread: create a socketpair to wait on [14]
43 o build-openssl: fix build with Visual Studio 2019 [45]
44 o cleanup: move functions out of url.c and make them static [58]
45 o cleanup: remove the 'numsocks' argument used in many places [25]
46 o configure: avoid undefined check_for_ca_bundle [37]
47 o curl.h: add CURL_HTTP_VERSION_3 to the version enum
48 o curl.h: fix outdated comment [23]
49 o curl: cap the maximum allowed values for retry time arguments [13]
50 o curl: handle a libcurl build without netrc support [63]
51 o curl: make use of CURLINFO_RETRY_AFTER when retrying [35]
52 o curl: remove outdated comment [24]
53 o curl: use .curlrc (with a dot) on Windows [52]
54 o curl: use CURLINFO_PROTOCOL to check for HTTP(s)
55 o curl_global_init_mem.3: mention it was added in 7.12.0
56 o curl_version: bump string buffer size to 250
57 o curl_version_info.3: mentioned ALTSVC and HTTP3
58 o curl_version_info: offer quic (and h3) library info [38]
59 o curl_version_info: provide nghttp2 details [2]
60 o defines: avoid underscore-prefixed defines [47]
61 o docs/ALTSVC: remove what works and the experimental explanation [34]
62 o docs/EXPERIMENTAL: explain what it means and what's experimental now
63 o docs/MANUAL.md: converted to markdown from plain text [3]
64 o docs/examples/curlx: fix errors [48]
65 o docs: s/curl_debug/curl_dbg_debug in comments and docs [36]
66 o easy: resize receive buffer on easy handle reset [9]
67 o examples: Avoid reserved names in hiperfifo examples [8]
68 o examples: add http3.c, altsvc.c and http3-present.c [40]
69 o getenv: support up to 4K environment variable contents on windows [21]
70 o http09: disable HTTP/0.9 by default in both tool and library [29]
71 o http2: when marked for closure and wanted to close == OK [56]
72 o http2_recv: trigger another read when the last data is returned [11]
73 o http: fix use of credentials from URL when using HTTP proxy [44]
74 o http_negotiate: improve handling of gss_init_sec_context() failures [18]
75 o md4: Use our own MD4 when no crypto libraries are available [15]
76 o multi: call detach_connection before Curl_disconnect [6]
77 o netrc: make the code try ".netrc" on Windows [52]
78 o nss: use TLSv1.3 as default if supported [39]
79 o openssl: build warning free with boringssl [50]
80 o openssl: use SSL_CTX_set_<min|max>_proto_version() when available [68]
81 o plan9: add support for running on Plan 9 [22]
82 o progress: reset download/uploaded counter between transfers [12]
83 o readwrite_data: repair setting the TIMER_STARTTRANSFER stamp [26]
84 o scp: fix directory name length used in memcpy [46]
85 o smb: init *msg to NULL in smb_send_and_recv() [60]
86 o smtp: check for and bail out on too short EHLO response [59]
87 o source: remove names from source comments [1]
88 o spnego_sspi: add typecast to fix build warning [49]
89 o src/makefile: fix uncompressed hugehelp.c generation [19]
90 o ssh-libssh: do not specify O_APPEND when not in append mode [7]
91 o ssh: move code into vssh for SSH backends [53]
92 o sspi: fix memory leaks [67]
93 o tests: Replace outdated test case numbering documentation [43]
94 o tftp: return error when packet is too small for options
95 o timediff: make it 64 bit (if possible) even with 32 bit time_t [20]
96 o travis: reduce number of torture tests in 'coverage' [42]
97 o url: make use of new HTTP version if alt-svc has one [16]
98 o urlapi: verify the IPv6 numerical address [69]
99 o urldata: avoid 'generic', use dedicated pointers [57]
100 o vauth: Use CURLE_AUTH_ERROR for auth function errors [41]
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]101
102This release includes the following known bugs:
103
Alex Deymod15eaac2016-06-28 14:49:26 -0700[diff] [blame]104 o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]105
106This release would not have looked like this without help, code, reports and
107advice from friends like these:
108
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]109 Alessandro Ghedini, Alex Mayorga, Amit Katyal, Balazs Kovacsics,
110 Brad Spencer, Brandon Dong, Carlo Marcelo Arenas Belón, Christopher Head,
111 Clément Notin, codesniffer13 on github, Daniel Gustafsson, Daniel Stenberg,
112 Dominik Hölzl, Eric Wong, Felix Hädicke, Gergely Nagy, Gisle Vanem,
113 Igor Makarov, Ironbars13 on github, Jason Lee, Jeremy Lainé,
114 Jonathan Cardoso Machado, Junho Choi, Kamil Dudka, Kyle Abramowitz,
115 Kyohei Kadota, Lance Ware, Marcel Raad, Max Dymond, Michael Lee,
116 Michal Čaplygin, migueljcrum on github, Mike Crowe, niallor on github,
117 osabc on github, patnyb on github, Patrick Monnerat, Peter Wu, Ray Satiro,
118 Rolf Eike Beer, Steve Holme, Tatsuhiro Tsujikawa, The Infinnovation team,
119 Thomas Vegas, Tom van der Woerdt, Yiming Jing,
120 (46 contributors)
Lucas Eckels9bd90e62012-08-06 15:07:02 -0700[diff] [blame]121
122 Thanks! (and sorry if I forgot to mention someone)
Bertrand SIMONNETe6cd7382015-07-01 15:39:44 -0700[diff] [blame]123
124References to bug reports and discussions on issues:
125
Haibo Huang445085a2019-09-11 13:33:50 -0700[diff] [blame^]126 [1] = https://curl.haxx.se/bug/?i=4129
127 [2] = https://curl.haxx.se/bug/?i=4121
128 [3] = https://curl.haxx.se/bug/?i=4131
129 [4] = https://curl.haxx.se/bug/?i=3804
130 [5] = https://curl.haxx.se/bug/?i=3500
131 [6] = https://curl.haxx.se/bug/?i=4144
132 [7] = https://curl.haxx.se/bug/?i=4147
133 [8] = https://curl.haxx.se/bug/?i=4153
134 [9] = https://curl.haxx.se/bug/?i=4143
135 [10] = https://curl.haxx.se/bug/?i=4138
136 [11] = https://curl.haxx.se/bug/?i=4043
137 [12] = https://curl.haxx.se/bug/?i=4084
138 [13] = https://curl.haxx.se/bug/?i=4166
139 [14] = https://curl.haxx.se/bug/?i=4157
140 [15] = https://curl.haxx.se/bug/?i=3780
141 [16] = https://curl.haxx.se/bug/?i=4183
142 [17] = https://curl.haxx.se/bug/?i=4182
143 [18] = https://curl.haxx.se/bug/?i=3992
144 [19] = https://curl.haxx.se/bug/?i=4176
145 [20] = https://curl.haxx.se/bug/?i=4165
146 [21] = https://curl.haxx.se/bug/?i=4174
147 [22] = https://curl.haxx.se/bug/?i=3701
148 [23] = https://curl.haxx.se/bug/?i=4167
149 [24] = https://curl.haxx.se/bug/?i=4172
150 [25] = https://curl.haxx.se/bug/?i=4169
151 [26] = https://curl.haxx.se/bug/?i=4136
152 [27] = https://curl.haxx.se/bug/?i=3653
153 [28] = https://curl.haxx.se/bug/?i=4163
154 [29] = https://curl.haxx.se/bug/?i=4191
155 [30] = https://curl.haxx.se/bug/?i=4192
156 [31] = https://curl.haxx.se/bug/?i=4201
157 [32] = https://curl.haxx.se/bug/?i=4199
158 [33] = https://curl.haxx.se/bug/?i=4197
159 [34] = https://curl.haxx.se/bug/?i=4198
160 [35] = https://curl.haxx.se/bug/?i=3794
161 [36] = https://curl.haxx.se/bug/?i=3794
162 [37] = https://curl.haxx.se/bug/?i=4213
163 [38] = https://curl.haxx.se/bug/?i=4216
164 [39] = https://curl.haxx.se/bug/?i=4187
165 [40] = https://curl.haxx.se/bug/?i=4221
166 [41] = https://curl.haxx.se/bug/?i=3848
167 [42] = https://curl.haxx.se/bug/?i=4223
168 [43] = https://curl.haxx.se/bug/?i=4227
169 [44] = https://curl.haxx.se/bug/?i=4228
170 [45] = https://curl.haxx.se/bug/?i=4188
171 [46] = https://curl.haxx.se/bug/?i=4258
172 [47] = https://curl.haxx.se/bug/?i=4254
173 [48] = https://curl.haxx.se/bug/?i=4248
174 [49] = https://curl.haxx.se/bug/?i=4245
175 [50] = https://curl.haxx.se/bug/?i=4244
176 [51] = https://curl.haxx.se/bug/?i=4241
177 [52] = https://curl.haxx.se/bug/?i=4230
178 [53] = https://curl.haxx.se/bug/?i=4235
179 [54] = https://curl.haxx.se/bug/?i=4273
180 [55] = https://curl.haxx.se/bug/?i=4250
181 [56] = https://curl.haxx.se/bug/?i=4267
182 [57] = https://curl.haxx.se/bug/?i=4290
183 [58] = https://curl.haxx.se/bug/?i=4289
184 [59] = https://curl.haxx.se/bug/?i=4287
185 [60] = https://curl.haxx.se/bug/?i=4286
186 [61] = https://curl.haxx.se/bug/?i=4283
187 [62] = https://curl.haxx.se/bug/?i=4279
188 [63] = https://curl.haxx.se/bug/?i=4302
189 [64] = https://curl.haxx.se/docs/CVE-2019-5481.html
190 [65] = https://curl.haxx.se/docs/CVE-2019-5482.html
191 [66] = https://curl.haxx.se/bug/?i=4307
192 [67] = https://curl.haxx.se/bug/?i=4299
193 [68] = https://curl.haxx.se/bug/?i=4304
194 [69] = https://curl.haxx.se/bug/?i=4315