diff options
author | Daniel Stenberg <daniel@haxx.se> | 2024-01-27 22:02:50 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2024-01-27 22:02:50 +0100 |
commit | ecb5d6bee9da7a6a0687f4eed0798268cce87d46 (patch) | |
tree | 3f33673c9cc14720b3dec88bd8ce5bee1a77e4b2 | |
parent | 066ed4e51417492605ac3465cb052e62f322d78b (diff) | |
download | curl-ecb5d6bee9da7a6a0687f4eed0798268cce87d46.tar.gz |
RELEASE-NOTES: synced
-rw-r--r-- | RELEASE-NOTES | 84 |
1 files changed, 69 insertions, 15 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 2b7c8491a..b9a14f459 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.6.0 Command line options: 258 curl_easy_setopt() options: 304 Public functions in libcurl: 93 - Contributors: 3073 + Contributors: 3078 This release includes the following changes: @@ -13,6 +13,8 @@ This release includes the following changes: o add CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add [39] o asyn-thread: use GetAddrInfoExW on >= Windows 8 [55] o configure: make libpsl detection failure cause error [109] + o docs/cmdline: change to .md for cmdline docs [77] + o docs: introduce "curldown" for libcurl man page format [102] o runtests: support -gl. Like -g but for lldb. [47] This release includes the following bugfixes: @@ -30,15 +32,17 @@ This release includes the following bugfixes: o cf-h1-proxy: no CURLOPT_USERAGENT in CONNECT with hyper [133] o cf-socket: show errno in tcpkeepalive error messages [120] o CI/distcheck: run full tests [31] + o CI: remove unnecessary OpenSSL 3 option `enable-tls1_3` [168] o cmake: add option to disable building docs o cmake: fix generation for system name iOS [53] o cmake: fix typo [5] o cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE` [45] + o cmake: rework options to enable curl and libcurl docs [161] o cmake: when USE_MANUAL=YES, build the curl.1 man page [113] - o cmdline-docs: use .IP consistently [13] o cmdline-opts/write-out.d: remove spurious double quotes o cmdline-opts: update availability for the *-ca-native options [66] o cmdline/gen: fix the sorting of the man page options [33] + o configure: add libngtcp2_crypto_boringssl detection [155] o configure: fix no default int compile error in ipv6 detection [69] o configure: when enabling QUIC, check that TLS supports QUIC [87] o connect: remove margin from eyeballer alloc [79] @@ -54,18 +58,22 @@ This release includes the following bugfixes: o CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example [27] o CURLOPT_SSH_*_KEYFILE: clarify [57] o dist: add tests/errorcodes.pl to the tarball [6] - o docs/cmdline: change to .md for cmdline docs [77] o docs: clean up Protocols: for cmdline options [32] o docs: describe and highlight super cookies [80] - o docs: introduce "curldown" for libcurl man page format [102] + o docs: do not start lines/sentences with So, But nor And [140] + o docs: install curl.1 with cmake as well [166] o docs: mention env vars not used by schannel [124] o doh: remove unused local variable [34] o examples: add four new examples [99] + o file+ftp: use stack buffers instead of data->state.buffer [138] o ftp: handle the PORT parsing without allocation [44] o ftp: use dynbuf to store entrypath [83] o ftp: use memdup0 to store the OS from a SYST 215 response [82] + o ftpserver.pl: send 213 SIZE response without spurious newline o gen.pl: support ## for doing .IP in table-like lists [105] o gen: do italics/bold for a range of letters, not just single word [78] + o GHA: add a job scanning for "bad words" in markdown [164] + o GHA: bump ngtcp2, gnutls, mod_h2, quiche [158] o gnutls: fix build with --disable-verbose [3] o haproxy-clientip.d: document the arg [68] o headers: make sure the trailing newline is not stored [97] @@ -76,8 +84,13 @@ This release includes the following bugfixes: o http3/quiche: fix result code on a stream reset [91] o http3: initial support for OpenSSL 3.2 QUIC stack [110] o http: adjust_pollset fix [85] + o http: check for "Host:" case insensitively [154] o http: fix off-by-one error in request method length check [14] + o http: only act on 101 responses when they are HTTP/1.1 [98] + o http: remove comment reference to a removed solution [156] + o http: use stack scratch buffer [150] o http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT [90] + o krb5: add prototype to silence clang warnings on mvsnprintf() [119] o lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT [62] o lib: fix variable undeclared error caused by `infof` changes [2] o lib: reduce use of strncpy [30] @@ -94,30 +107,40 @@ This release includes the following bugfixes: o mime: use memdup0 instead of malloc + memcpy [63] o mksymbolsmanpage.pl: provide references to where the symbol is used o mprintf: overhaul and bugfixes [52] + o mqtt: use stack scratch buffer for recv+publish [148] o multi: remove total timer reset in file_do() while fetching file:// [89] o ngtcp2: put h3 at the front of alpn [58] + o ntlm_wb: do not use data->state.buffer any longer [151] o openldap: fix an LDAP crash [75] o openldap: fix STARTTLS [67] o openssl: re-match LibreSSL deinit with init [17] o openssl: when verifystatus fails, remove session id from cache [100] + o pingpong: stop using the download buffer [159] o pop3: replace calloc + memcpy with memdup0 [60] + o pytest: scorecard tracking CPU and RSS [157] o quiche: return CURLE_HTTP3 on send to invalid stream [65] o readwrite_data: loop less [21] o Revert "urldata: move async resolver state from easy handle to connectdata" [16] o rtsp: deal with borked server responses [129] o runtests: for mode="text" on <stdout>, fix newlines on both parts [64] + o sasl: make login option string override http auth [142] o schannel: fix `-Warith-conversion` gcc 13 warning [28] o sectransp: do verify_cert without memdup for blobs [93] o sectransp_ make TLSCipherNameForNumber() available in non-verbose config [1] o sendf: fix compiler warning with CURL_DISABLE_HEADERS_API [38] o setopt: clear mimepost when formp is freed [92] o setopt: use memdup0 when cloning COPYPOSTFIELDS [107] + o socks: fix generic output string to say SOCKS instead of SOCKS4 [144] + o socks: use own buffer instead of data->state.buffer [143] o ssh: fix namespace of two local macros [51] + o ssh: use stack scratch buffer for seeks [146] o strerror: repair get_winsock_error() [56] o system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers [9] o system_win32: fix a function pointer assignment warning [71] o telnet: use dynbuf instad of malloc for escape buffer [108] + o telnet: use stack scratch buffer for do [149] o tests/server: delete workaround for old-mingw [25] + o tests: avoid int/size_t conversion size/sign warnings [163] o tests: respect $TMPDIR when creating unix domain sockets [50] o tool: make parser reject blank arguments if not supported [86] o tool: prepend output_dir in header callback [95] @@ -133,16 +156,20 @@ This release includes the following bugfixes: o transfer: remove warning: Value stored to 'blen' is never read [136] o url: don't set default CA paths for Secure Transport backend [126] o url: for disabled protocols, mention if found in redirect [7] + o urlapi: remove assert [162] o verify-examples.pl: fail verification on unescaped backslash [72] o version: show only the libpsl version, not its dependencies [130] o vquic: extract TLS setup into own source [88] o vtls: fix missing multissl version info [73] + o vtls: receive max buffer [139] o vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY [41] o websockets: check for negative payload lengths [123] o websockets: refactor decode chain [122] o windows: delete redundant headers [43] o windows: simplify detecting and using system headers [10] o wolfssl: load certificate *chain* for PEM client certs [84] + o x509asn1: remove code for WANT_VERIFYHOST [132] + o x509asn1: switch from malloc to dynbuf [112] This release includes the following known bugs: @@ -161,16 +188,17 @@ advice from friends like these: bubbleguuum on github, Cajus Pollmeier, calvin2021y on github, Chara White, Chris Sauer, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, dependabot[bot], Dmitry Karpov, Gabe, Geeknik Labs, Gisle Vanem, - Hans-Christian Egtvedt, Harry Sintonen, Haydar Alaidrus, hgdagon on github, - Hiroki Kurosawa, iAroc on github, ivanfywang, janko-js on github, Jay Wu, - Jess Lowe, Karthikdasari0423 on github, Lealem Amedie, Lin Sun, Marcel Raad, - Mark Huang, Mark Sinkovics, Mauricio Scheffer, Michał Antoniak, Mike Hommey, - Mohammadreza Hendiani, Ozan Cansel, Patrick Monnerat, Pavel Pavlov, - Ray Satiro, RevaliQaQ on github, Richard Levitte, Sergey Bronnikov, - Sergey Markelov, sfan5 on github, Stefan Eissing, Tatsuhiko Miyagawa, Theo, - Thomas Ferguson, Viktor Szakats, Xi Ruoyao, Yadhu Krishna M, Yedaya Katsman, - Yifei Kong, YX Hao, zengwei, zengwei2000 - (60 contributors) + Graham Campbell, Hans-Christian Egtvedt, Harry Sintonen, Haydar Alaidrus, + hgdagon on github, Hiroki Kurosawa, iAroc on github, ivanfywang, + janko-js on github, Jay Wu, Jess Lowe, Karthikdasari0423 on github, + Lealem Amedie, Lin Sun, Marcel Raad, Mark Huang, Mark Sinkovics, + Mauricio Scheffer, Michał Antoniak, Mike Hommey, Mohammadreza Hendiani, + Ozan Cansel, Patrick Monnerat, Pavel Pavlov, promptfuzz_ on hackerone, + Ray Satiro, RevaliQaQ on github, Richard Levitte, Scarlett McAllister, + Sergey Bronnikov, Sergey Markelov, sfan5 on github, Stefan Eissing, + Tatsuhiko Miyagawa, Tatsuhiro Tsujikawa, Theo, Thomas Ferguson, + Viktor Szakats, Xi Ruoyao, Yadhu Krishna M, Yedaya Katsman, Yifei Kong, + YX Hao, zengwei, zengwei2000, ウさん (65 contributors) References to bug reports and discussions on issues: @@ -186,7 +214,6 @@ References to bug reports and discussions on issues: [10] = https://curl.se/bug/?i=12495 [11] = https://curl.se/bug/?i=12489 [12] = https://curl.se/bug/?i=12224 - [13] = https://curl.se/bug/?i=12535 [14] = https://curl.se/bug/?i=12534 [15] = https://curl.se/mail/archive-2023-12/0026.html [16] = https://curl.se/bug/?i=12524 @@ -271,6 +298,7 @@ References to bug reports and discussions on issues: [95] = https://curl.se/bug/?i=12614 [96] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661 [97] = https://curl.se/mail/lib-2024-01/0019.html + [98] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66184 [99] = https://curl.se/bug/?i=12671 [100] = https://curl.se/bug/?i=12760 [102] = https://curl.se/bug/?i=12730 @@ -282,10 +310,12 @@ References to bug reports and discussions on issues: [108] = https://curl.se/bug/?i=12652 [109] = https://curl.se/bug/?i=12661 [110] = https://curl.se/bug/?i=12734 + [112] = https://curl.se/bug/?i=12808 [113] = https://curl.se/bug/?i=12742 [115] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65839 [116] = https://curl.se/bug/?i=12727 [117] = https://curl.se/bug/?i=12720 + [119] = https://curl.se/bug/?i=12803 [120] = https://curl.se/bug/?i=12726 [121] = https://curl.se/bug/?i=12645 [122] = https://curl.se/bug/?i=12713 @@ -298,7 +328,31 @@ References to bug reports and discussions on issues: [129] = https://curl.se/bug/?i=12701 [130] = https://curl.se/bug/?i=12700 [131] = https://curl.se/bug/?i=12695 + [132] = https://curl.se/bug/?i=12804 [133] = https://curl.se/bug/?i=12697 [134] = https://curl.se/bug/?i=12691 [136] = https://curl.se/bug/?i=12693 [137] = https://curl.se/bug/?i=12480 + [138] = https://curl.se/bug/?i=12789 + [139] = https://curl.se/bug/?i=12801 + [140] = https://curl.se/bug/?i=12802 + [142] = https://curl.se/bug/?i=10259 + [143] = https://curl.se/bug/?i=12788 + [144] = https://curl.se/bug/?i=12797 + [146] = https://curl.se/bug/?i=12794 + [148] = https://curl.se/bug/?i=12792 + [149] = https://curl.se/bug/?i=12793 + [150] = https://curl.se/bug/?i=12791 + [151] = https://curl.se/bug/?i=12787 + [154] = https://curl.se/bug/?i=12784 + [155] = https://curl.se/bug/?i=12724 + [156] = https://curl.se/bug/?i=12785 + [157] = https://curl.se/bug/?i=12765 + [158] = https://curl.se/bug/?i=12778 + [159] = https://curl.se/bug/?i=12757 + [161] = https://curl.se/bug/?i=12773 + [162] = https://curl.se/bug/?i=12775 + [163] = https://curl.se/bug/?i=12768 + [164] = https://curl.se/bug/?i=12764 + [166] = https://curl.se/bug/?i=12759 + [168] = https://curl.se/bug/?i=12758 |