245 строки
12 KiB
Plaintext
245 строки
12 KiB
Plaintext
Curl and libcurl 7.55.0
|
|
|
|
Public curl releases: 167
|
|
Command line options: 210
|
|
curl_easy_setopt() options: 247
|
|
Public functions in libcurl: 61
|
|
Contributors: 1571
|
|
|
|
This release includes the following changes:
|
|
|
|
o curl: allow --header and --proxy-header read from file [7]
|
|
o getinfo: provide sizes as curl_off_t [6]
|
|
o curl: prevent binary output spewed to terminal [16]
|
|
o curl: added --request-target [22]
|
|
o libcurl: added CURLOPT_REQUEST_TARGET [22]
|
|
o curl: added --socks5-{basic,gssapi}: control socks5 auth [30]
|
|
o libcurl: added CURLOPT_SOCKS5_AUTH [30]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o glob: do not parse after a strtoul() overflow range (CVE-2017-1000101) [85]
|
|
o tftp: reject file name lengths that don't fit (CVE-2017-1000100) [84]
|
|
o file: output the correct buffer to the user (CVE-2017-1000099) [83]
|
|
o includes: remove curl/curlbuild.h and curl/curlrules.h [1]
|
|
o dist: make the hugehelp.c not get regenerated unnecessarily [2]
|
|
o timers: store internal time stamps as time_t instead of doubles [3]
|
|
o progress: let "current speed" be UL + DL speeds combined [4]
|
|
o http-proxy: do the HTTP CONNECT process entirely non-blocking [5]
|
|
o lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV [8]
|
|
o fuzz: bring oss-fuzz initial code converted to C89 [10]
|
|
o configure: disable nghttp2 too if HTTP has been disabled
|
|
o mk-ca-bundle.pl: Check curl's exit code after certdata download [11]
|
|
o test1148: verify the -# progressbar [12]
|
|
o tests: stabilize test 2032 and 2033 [13]
|
|
o HTTPS-Proxy: don't offer h2 for https proxy connections [14]
|
|
o http-proxy: only attempt FTP over HTTP proxy [9]
|
|
o curl-compilers.m4: enable vla warning for clang [15]
|
|
o curl-compilers.m4: enable double-promotion warning [15]
|
|
o curl-compilers.m4: enable missing-variable-declarations clang warning [15]
|
|
o curl-compilers.m4: enable comma clang warning [15]
|
|
o Makefile.m32: enable -W for MinGW32 build [15]
|
|
o CURLOPT_PREQUOTE: not supported for SFTP [17]
|
|
o http2: fix OOM crash
|
|
o PIPELINING_SERVER_BL: cleanup the internal list use [18]
|
|
o mkhelp.pl: fix script name in usage text
|
|
o lib1521: add curl_easy_getinfo calls to the test set
|
|
o travis: do the distcheck test build out-of-tree as well
|
|
o if2ip: fix compiler warning in ISO C90 mode
|
|
o lib: fix the djgpp build [19]
|
|
o typecheck-gcc: add support for CURLINFO_OFF_T [20]
|
|
o travis: enable typecheck-gcc warnings [21]
|
|
o maketgz: switch to xz instead of lzma [23]
|
|
o CURLINFO_REDIRECT_URL.3: mention the CURLOPT_MAXREDIRS case
|
|
o curl-compilers.m4: fix unknown-warning-option on Apple clang [24]
|
|
o winbuild: fix boringssl build [25]
|
|
o curl/system.h: add check for XTENSA for 32bit gcc [26]
|
|
o test1537: fixed memory leak on OOM
|
|
o test1521: fix compiler warnings [27]
|
|
o curl: fix memory leak on test 1147 OOM [28]
|
|
o libtest/make: generate lib1521.c dynamically at build-time [29]
|
|
o curl_strequal.3: fix typo in SYNOPSIS [31]
|
|
o progress: prevent resetting t_starttransfer [32]
|
|
o openssl: improve fallback seed of PRNG with a time based hash [33]
|
|
o http2: improved PING frame handling [34]
|
|
o test1450: add simple testing for DICT [35]
|
|
o make: build the docs subdir only from within src [36]
|
|
o cmake: Added compatibility options for older Windows versions [37]
|
|
o gtls: fix build when sizeof(long) < sizeof(void *) [38]
|
|
o url: make the original string get used on subsequent transfers [39]
|
|
o timeval.c: Use long long constant type for timeval assignment [40]
|
|
o tool_sleep: typecast to avoid macos compiler warning
|
|
o travis.yml: use --enable-werror on debug builds [41]
|
|
o test1451: add SMB support to the testbed [42]
|
|
o configure: remove checks for 5 functions never used [43]
|
|
o configure: try ldap/lber in reversed order first [44]
|
|
o smb: fix build for djgpp/MSDOS [45]
|
|
o travis: install nghttp2 on linux builds [46]
|
|
o smb: add support for CURLOPT_FILETIME [47]
|
|
o cmake: fix send/recv argument scanner for windows [48]
|
|
o inet_pton: fix include on windows to get prototype [49]
|
|
o select.h: avoid macro redefinition harder
|
|
o cmake: if inet_pton is used, bump _WIN32_WINNT
|
|
o asyn-thread.c: fix unused variable warnings on macOS
|
|
o runtests: support "threaded-resolver" as a feature
|
|
o test506: skip if threaded-resolver
|
|
o cmake: remove spurious "-l" from linker flags [50]
|
|
o cmake: add CURL_WERROR for enabling "warning as errors"
|
|
o memdebug: don't setbuf() if the file open failed [51]
|
|
o curl_easy_escape.3: mention the (lack of) encoding [52]
|
|
o test1452: add telnet negotiation [53]
|
|
o CURLOPT_POSTFIELDS.3: explain the 100-continue magic better
|
|
o cmake: offer CMAKE_DEBUG_POSTFIX when building with MSVC [54]
|
|
o tests/valgrind.supp: supress OpenSSL false positive seen on travis [55]
|
|
o curl_setup_once: Remove ERRNO/SET_ERRNO macros [56]
|
|
o curl-compilers.m4: disable warning spam with Cygwin's clang [57]
|
|
o ldap: fix MinGW compiler warning [58]
|
|
o make: fix docs build on OpenBSD [59]
|
|
o curl_setup: always define WIN32_LEAN_AND_MEAN on Windows [60]
|
|
o system.h: include winsock2.h before windows.h
|
|
o winbuild: build with warning level 4 [61]
|
|
o rtspd: fix MSVC level 4 warning
|
|
o sockfilt: suppress conversion warning with explicit cast
|
|
o libtest: fix MSVC warning C4706
|
|
o darwinssl: fix pinnedpubkey build error [62]
|
|
o tests/server/resolve.c: fix deprecation warning [63]
|
|
o nss: fix a possible use-after-free in SelectClientCert() [64]
|
|
o checksrc: escape open brace in regex
|
|
o multi: mention integer overflow risk if using > 500 million sockets [65]
|
|
o darwinssl: fix --tlsv1.2 regression [66]
|
|
o timeval: struct curltime is a struct timeval replacement [67]
|
|
o curl_rtmp: fix a compiler warning [68]
|
|
o include.d: clarify that it concerns the response headers [69]
|
|
o cmake: support make uninstall [70]
|
|
o include.d: clarify --include is only for response headers [71]
|
|
o libcurl: Stop using error codes defined under CURL_NO_OLDIES [72]
|
|
o http: fix response code parser to avoid integer overflow [73]
|
|
o configure: fix the check for IdnToUnicode [74]
|
|
o multi: fix request timer management [75]
|
|
o curl_threads: fix MSVC compiler warning [76]
|
|
o travis: build on osx with openssl
|
|
o travis: build on osx with libressl
|
|
o CURLOPT_NETRC.3: mention the file name on windows
|
|
o cmake: set MSVC warning level to 4 [77]
|
|
o netrc: skip lines starting with '#' [78]
|
|
o darwinssl: fix curlssl_sha256sum() compiler warnings on first argument
|
|
o BUILD.WINDOWS: mention buildconf.bat for builds off git
|
|
o darwinssl: silence compiler warnings [79]
|
|
o travis: build on osx with darwinssl
|
|
o FTP: skip unnecessary CWD when in nocwd mode [80]
|
|
o gssapi: fix memory leak of output token in multi round context [81]
|
|
o getparameter: avoid returning uninitialized 'usedarg' [82]
|
|
o curl (debug build) easy_events: make event data static
|
|
o curl: detect and bail out early on parameter integer overflows [86]
|
|
o configure: fix recv/send/select detection on Android [87]
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
Brad Spencer, Brian Carpenter, Dan Fandrich, Daniel Stenberg,
|
|
David E. Narváez, destman at github, Dmitry Kostjuchenko,
|
|
Dwarakanath Yadavalli, Even Rouault, Evert Pot, Frederik B, Gisle Vanem,
|
|
Hannes Magnusson, Henrik Gaßmann, Isaac Boukris, Jakub Wilk, Jeremy Tan,
|
|
Jeroen Ooms, Jesse Chisholm, Johannes Schindelin, Kamil Dudka, Marcel Raad,
|
|
Martin Kepplinger, Matteo B., Max Dymond, Michael Kaufmann, Neil Kolban,
|
|
Nick Miyake, olesteban at github, ovidiu-benea on github, Pascal Terjan,
|
|
Paul Harris, Pavel Rochnyak, Per Malmberg, Ray Satiro, Rob Sanders,
|
|
Ryan Winograd, Sergei Nikulov, Simon Warta, Timothe Litt, Viktor Szakáts,
|
|
(41 contributors)
|
|
|
|
Thanks! (and sorry if I forgot to mention someone)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://daniel.haxx.se/blog/2017/06/15/target-independent-libcurl-headers/
|
|
[2] = https://curl.haxx.se/bug/?i=1565
|
|
[3] = https://curl.haxx.se/bug/?i=1531
|
|
[4] = https://curl.haxx.se/bug/?i=1556
|
|
[5] = https://curl.haxx.se/bug/?i=1547
|
|
[6] = https://curl.haxx.se/bug/?i=1511
|
|
[7] = https://curl.haxx.se/bug/?i=1486
|
|
[8] = https://curl.haxx.se/bug/?i=1538
|
|
[9] = https://curl.haxx.se/bug/?i=1505
|
|
[10] = https://curl.haxx.se/bug/?i=1476
|
|
[11] = https://curl.haxx.se/bug/?i=1577
|
|
[12] = https://curl.haxx.se/bug/?i=1569
|
|
[13] = https://curl.haxx.se/bug/?i=1576
|
|
[14] = https://curl.haxx.se/bug/?i=1546
|
|
[15] = https://curl.haxx.se/bug/?i=1578
|
|
[16] = https://curl.haxx.se/bug/?i=1512
|
|
[17] = https://curl.haxx.se/bug/?i=1514
|
|
[18] = https://curl.haxx.se/bug/?i=1584
|
|
[19] = https://github.com/curl/curl/commit/73a2fcea0b4adea6ba342cd7ed1149782c214ae3#commitcomment-22655993
|
|
[20] = https://curl.haxx.se/bug/?i=1592
|
|
[21] = https://curl.haxx.se/bug/?i=1595
|
|
[22] = https://curl.haxx.se/bug/?i=1593
|
|
[23] = https://curl.haxx.se/bug/?i=1604
|
|
[24] = https://curl.haxx.se/bug/?i=1606
|
|
[25] = https://curl.haxx.se/bug/?i=1610
|
|
[26] = https://curl.haxx.se/bug/?i=1598
|
|
[27] = https://curl.haxx.se/bug/?i=1611
|
|
[28] = https://github.com/curl/curl/pull/1486#issuecomment-310926872
|
|
[29] = https://curl.haxx.se/bug/?i=1614
|
|
[30] = https://curl.haxx.se/bug/?i=1454
|
|
[31] = https://curl.haxx.se/bug/?i=1623
|
|
[32] = https://curl.haxx.se/bug/?i=1616
|
|
[33] = https://curl.haxx.se/bug/?i=1620
|
|
[34] = https://curl.haxx.se/bug/?i=1521
|
|
[35] = https://curl.haxx.se/bug/?i=1615
|
|
[36] = https://curl.haxx.se/bug/?i=1591
|
|
[37] = https://curl.haxx.se/bug/?i=1621
|
|
[38] = https://curl.haxx.se/bug/?i=1617
|
|
[39] = https://curl.haxx.se/bug/?i=1631
|
|
[40] = https://curl.haxx.se/mail/lib-2017-07/0003.html
|
|
[41] = https://curl.haxx.se/bug/?i=1637
|
|
[42] = https://curl.haxx.se/bug/?i=1630
|
|
[43] = https://curl.haxx.se/bug/?i=1638
|
|
[44] = https://curl.haxx.se/bug/?i=1619
|
|
[45] = https://curl.haxx.se/mail/lib-2017-07/0005.html
|
|
[46] = https://curl.haxx.se/bug/?i=1642
|
|
[47] = https://curl.haxx.se/mail/lib-2017-07/0005.html
|
|
[48] = https://curl.haxx.se/bug/?i=1640
|
|
[49] = https://curl.haxx.se/bug/?i=1639
|
|
[50] = https://curl.haxx.se/bug/?i=1552
|
|
[51] = https://github.com/curl/curl/issues/828#issuecomment-313475151
|
|
[52] = https://curl.haxx.se/bug/?i=1612
|
|
[53] = https://curl.haxx.se/bug/?i=1645
|
|
[54] = https://curl.haxx.se/bug/?i=1649
|
|
[55] = https://curl.haxx.se/bug/?i=1653
|
|
[56] = https://curl.haxx.se/bug/?i=1589
|
|
[57] = https://curl.haxx.se/bug/?i=1665
|
|
[58] = https://curl.haxx.se/bug/?i=1664
|
|
[59] = https://curl.haxx.se/bug/?i=1591
|
|
[60] = https://curl.haxx.se/bug/?i=1672
|
|
[61] = https://curl.haxx.se/bug/?i=1667
|
|
[62] = https://github.com/curl/curl/commit/eb16305#commitcomment-23035670
|
|
[63] = https://curl.haxx.se/bug/?i=1682
|
|
[64] = https://bugzilla.redhat.com/1436158
|
|
[65] = https://curl.haxx.se/bug/?i=1683
|
|
[66] = https://curl.haxx.se/bug/?i=1703
|
|
[67] = https://curl.haxx.se/bug/?i=1693
|
|
[68] = https://curl.haxx.se/bug/?i=1652
|
|
[69] = https://curl.haxx.se/bug/?i=1704
|
|
[70] = https://curl.haxx.se/bug/?i=1674
|
|
[71] = https://github.com/curl/curl/commit/de6de94#commitcomment-23370851
|
|
[72] = https://curl.haxx.se/bug/?i=1688
|
|
[73] = https://curl.haxx.se/bug/?i=1714
|
|
[74] = https://curl.haxx.se/bug/?i=1669
|
|
[75] = https://curl.haxx.se/mail/lib-2017-07/0033.html
|
|
[76] = https://curl.haxx.se/bug/?i=1717
|
|
[77] = https://curl.haxx.se/bug/?i=1711
|
|
[78] = https://curl.haxx.se/mail/lib-2017-08/0008.html
|
|
[79] = https://curl.haxx.se/bug/?i=1722
|
|
[80] = https://curl.haxx.se/bug/?i=1718
|
|
[81] = https://curl.haxx.se/bug/?i=1733
|
|
[82] = https://curl.haxx.se/bug/?i=1728
|
|
[83] = https://curl.haxx.se/docs/adv_20170809C.html
|
|
[84] = https://curl.haxx.se/docs/adv_20170809B.html
|
|
[85] = https://curl.haxx.se/docs/adv_20170809A.html
|
|
[86] = https://curl.haxx.se/bug/?i=1730
|
|
[87] = https://curl.haxx.se/bug/?i=1738
|