380 lines
17 KiB
Plaintext
380 lines
17 KiB
Plaintext
curl and libcurl 8.7.0
|
|
|
|
Public curl releases: 255
|
|
Command line options: 258
|
|
curl_easy_setopt() options: 304
|
|
Public functions in libcurl: 93
|
|
Contributors: 3134
|
|
|
|
This release includes the following changes:
|
|
|
|
o configure: add --disable-docs flag [16]
|
|
o CURLINFO_USED_PROXY: return bool whether the proxy was used [24]
|
|
o digest: support SHA-512/256 [118]
|
|
o DoH: add trace configuration [61]
|
|
o write-out: add '%{proxy_used}' [24]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o ALTSVC.md: correct a typo [14]
|
|
o asyn-ares: fix data race warning [88]
|
|
o asyn-thread: use wakeup_close to close the read descriptor [1]
|
|
o badwords: use hostname, not host name [46]
|
|
o BINDINGS: add mcurl, the python binding [67]
|
|
o bufq: writing into a softlimit queue cannot be partial [49]
|
|
o c-hyper: add header collection writer in hyper builds [70]
|
|
o cd2nroff: gen: make `\>` in input to render as plain '>' in output
|
|
o cd2nroff: remove backticks from titles
|
|
o checksrc.pl: fix handling .checksrc with CRLF [43]
|
|
o cmake: add USE_OPENSSL_QUIC support [21]
|
|
o cmake: add warning for using TLS libraries without 1.3 support [25]
|
|
o cmake: enable `ENABLE_CURL_MANUAL` by default [112]
|
|
o cmake: fix `CURL_WINDOWS_SSPI=ON` with Schannel disabled [117]
|
|
o cmake: fix function description in comment [47]
|
|
o cmake: fix install for older CMake versions [53]
|
|
o cmake: fix libcurl.pc and curl-config library specifications [115]
|
|
o cmdline-docs/Makefile: avoid using a fixed temp file name [5]
|
|
o cmdline-docs: quote and angle bracket cleanup [45]
|
|
o cmdline-opts/_EXITCODES: sync with libcurl-errors [80]
|
|
o cmdline-opts/_VARIABLES.md: improve the description [105]
|
|
o cmdline-opts/_VERSION: provide %VERSION correctly [87]
|
|
o cmdline-opts: shorter help texts [148]
|
|
o configure: add pkg-config support to rustls detection [151]
|
|
o configure: add warning for using TLS libraries without 1.3 support [26]
|
|
o configure: build & install shell completions when enabled [85]
|
|
o configure: do not link with nghttp3 unless necessary [7]
|
|
o configure: Don't build shell completions when disabled [68]
|
|
o configure: Don't make shell completions without perl [83]
|
|
o configure: find libpsl with pkg-config [79]
|
|
o connect.c: fix typo [17]
|
|
o CONTRIBUTE: update the section on documentation format [96]
|
|
o cookie.md: provide an example sending a fixed cookie [13]
|
|
o cookie: if psl fails, reject the cookie [107]
|
|
o curl: exit on config file parser errors [40]
|
|
o curl: make --libcurl output better CURLOPT_*SSLVERSION [127]
|
|
o curl: when allocating variables, add the name into the struct [37]
|
|
o curl_setup.h: add curl_uint64_t internal type
|
|
o curldown: fix email address in Copyright [89]
|
|
o CURLMOPT_MAX*: mention what happens if changed mid-transfer [154]
|
|
o CURLOPT_INTERFACE.md: remove spurious amp, add see-also [137]
|
|
o CURLOPT_POSTQUOTE.md: fix typo [36]
|
|
o CURLOPT_SSL_CTX_FUNCTION.md: no promises of lifetime after return [104]
|
|
o CURLOPT_WRITEFUNCTION.md: typo fix [41]
|
|
o digest: add check for hashing error [111]
|
|
o dist: make sure the http tests are in the tarball [29]
|
|
o DISTROS: add document with distro pointers [144]
|
|
o docs/libcurl: add TLS backend info for all TLS options [155]
|
|
o docs/libcurl: generate PROTOCOLS from meta-data [153]
|
|
o docs: add missing slashes to SChannel client certificate documentation [11]
|
|
o docs: add necessary setup for nghttp3 [51]
|
|
o docs: ascii version of manpage without nroff [121]
|
|
o docs: dist curl*.1 and install without perl [64]
|
|
o docs: make curldown do angle brackets like markdown [54]
|
|
o docs: make each libcurl man specify protocol(s) [157]
|
|
o docs: make sure curl.1 is included in dist tarballs [35]
|
|
o docs: update minimal binary size in INSTALL.md
|
|
o docs: use present tense [103]
|
|
o examples: use present tense in comments [97]
|
|
o file: use xfer buf for file:// transfers [23]
|
|
o fopen: fix narrowing conversion warning on 32-bit Android [100]
|
|
o form-string.md: correct the example [4]
|
|
o ftp: do lineend conversions in client writer [32]
|
|
o ftp: fix socket wait activity in ftp_domore_getsock [28]
|
|
o ftp: tracing improvements [33]
|
|
o ftp: treat a 226 arriving before data as a signal to read data [19]
|
|
o gen.pl: make the "manpageification" faster [95]
|
|
o gen: make `\>` in input to render as plain '>' in output [78]
|
|
o getparam: make --ftp-ssl work again [90]
|
|
o GHA/linux: add sysctl trick to work-around GitHub runner issue [129]
|
|
o GIT-INFO: convert to markdown [114]
|
|
o GOVERNANCE: document the core team [133]
|
|
o header.md: remove backslash, make nicer markdown [48]
|
|
o HTTP/2: write response directly [12]
|
|
o http2, http3: return CURLE_PARTIAL_FILE when bytes were received [160]
|
|
o http2: fix push discard [124]
|
|
o http2: memory errors in the push callbacks are fatal [132]
|
|
o http2: minor tweaks to optimize two struct sizes [130]
|
|
o http2: push headers better cleanup [113]
|
|
o http2: remove the third (unused) argument from http2_data_done() [159]
|
|
o HTTP3.md: adjust the OpenSSL QUIC install instructions [34]
|
|
o http: better error message for HTTP/1.x response without status line [86]
|
|
o http: improve response header handling, save cpu cycles [138]
|
|
o http: move headers collecting to writer [71]
|
|
o http: remove stale comment about rewindbeforesend [136]
|
|
o http: separate response parsing from response action [158]
|
|
o http_chunks: fix the accounting of consumed bytes [22]
|
|
o http_chunks: remove unused 'endptr' variable [58]
|
|
o https-proxy: use IP address and cert with ip in alt names [50]
|
|
o hyper: implement unpausing via client reader [98]
|
|
o ipv6.md: mention IPv4 mapped addresses [147]
|
|
o KNOWN_BUGS: POP3 issue when reading small chunks [134]
|
|
o lib1598: fix `CURLOPT_POSTFIELDSIZE` usage [128]
|
|
o lib582: remove code causing warning that is never run [38]
|
|
o lib: add `void *ctx` to reader/writer instances [122]
|
|
o lib: convert Curl_get_line to use dynbuf [42]
|
|
o lib: Curl_read/Curl_write clarifications [101]
|
|
o lib: enhance client reader resume + rewind [92]
|
|
o lib: initialize output pointers to NULL before calling strto[ff,l,ul] [63]
|
|
o lib: keep conn IP information together [109]
|
|
o lib: move 'done' parameter to SingleRequests [142]
|
|
o lib: remove curl_mimepart object when CURL_DISABLE_MIME [72]
|
|
o libcurl-docs: cleanups
|
|
o libcurl-security.md: Active FTP passes on the local IP address [6]
|
|
o libssh/libssh2: return error on too big range [75]
|
|
o MANUAL.md: fix typo [66]
|
|
o mbedtls: fix building when MBEDTLS_X509_REMOVE_INFO flag is defined [27]
|
|
o mbedtls: fix pytest for newer versions [146]
|
|
o mbedtls: properly cleanup the thread-shared entropy [140]
|
|
o mbedtls: use mbedtls_ssl_conf_{min|max}_tls_version [59]
|
|
o md4: include strdup.h for the memdup proto [10]
|
|
o mime: add client reader [126]
|
|
o misc: fix typos in docs and lib [84]
|
|
o mkhelp: simplify the generated hugehelp program [120]
|
|
o mprintf: fix format prefix I32/I64 for windows compilers [77]
|
|
o multi: add xfer_buf to multi handle [30]
|
|
o multi: fix multi_sock handling of select_bits [81]
|
|
o multi: make add_handle free any multi_easy [102]
|
|
o ngtcp2: no recvbuf for stream [108]
|
|
o ntml_wb: fix buffer type typo [2]
|
|
o OpenSSL QUIC: adapt to v3.3.x [65]
|
|
o openssl-quic: check on Windows that socket conv to int is possible [8]
|
|
o openssl-quic: fix BIO leak and Windows warning [93]
|
|
o openssl-quic: fix unity build, casing, indentation [94]
|
|
o OS400: avoid using awk in the build scripts [20]
|
|
o paramhlp: fix CRLF-stripping files with "-d @file" [116]
|
|
o proxy1.0.md: fix example [15]
|
|
o pytest: adapt to API change [106]
|
|
o request: clarify message when request has been sent off [143]
|
|
o rustls: make curl compile with 0.12.0 [73]
|
|
o schannel: fix hang on unexpected server close [57]
|
|
o scripts: fix cijobs.pl for Azure and GHA
|
|
o sendf: ignore response body to HEAD [18]
|
|
o setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value [76]
|
|
o setopt: fix disabling all protocols [99]
|
|
o sha512_256: add support for GnuTLS and OpenSSL [110]
|
|
o smtp: fix STARTTLS [91]
|
|
o SPONSORS: describe the basics [131]
|
|
o strtoofft: fix the overflow check [74]
|
|
o test 1541: verify getinfo values on first header callback [149]
|
|
o test1165: improve pattern matching [60]
|
|
o tests: support setting/using blank content env variables
|
|
o TIMER_STARTTRANSFER: set the same for everyone [82]
|
|
o TLS: start shutdown only when peer did not already close [150]
|
|
o TODO: update 13.11 with more information [152]
|
|
o tool_cb_hdr: only parse etag + content-disposition for 2xx [9]
|
|
o tool_getparam: accept a blank -w "" [139]
|
|
o tool_getparam: handle non-existing (out of range) short-options [141]
|
|
o tool_operate: change precedence of server Retry-After time [44]
|
|
o tool_operate: do not set CURLOPT_QUICK_EXIT in debug builds [3]
|
|
o trace-config.md: remove the mutexed options list [119]
|
|
o transfer.c: break receive loop in speed limited transfers [125]
|
|
o transfer: improve Windows SO_SNDBUF update limit [56]
|
|
o urldata: move authneg bit from conn to Curl_easy [69]
|
|
o version: allow building with ancient libpsl [52]
|
|
o vquic-tls: fix the error code returned for bad CA file [135]
|
|
o vtls: fix tls proxy peer verification [55]
|
|
o vtls: revert "receive max buffer" + add test case [39]
|
|
o VULN-DISCLOSURE-POLICY.md: update detail about CVE requests [123]
|
|
o websocket: fix curl_ws_recv() [62]
|
|
o wolfSSL: do not call the stub function wolfSSL_BIO_set_init() [145]
|
|
o write-out.md: clarify error handling details [31]
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
|
|
|
|
Planned upcoming removals include:
|
|
|
|
o support for space-separated NOPROXY patterns
|
|
|
|
See https://curl.se/dev/deprecate.html for details
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
5533asdg on github, Alan Coopersmith, Andreas Kiefer, Andrew Kaster,
|
|
Andy Fiddaman, Arjan van de Ven, av223119 on github, awesomekosm on github,
|
|
Boris Verkhovskiy, Brett Buddin, Brian Clemens, chensong1211 on github,
|
|
Chris Webb, chrysos349 on github, Dan Fandrich, Daniel Gustafsson,
|
|
Daniel Stenberg, Daniel Szmulewicz, Dan McDonald, DasKutti on github,
|
|
dependabot[bot], Dexter Gerig, dfdity on github, Dirk Hünniger,
|
|
Dmitry Karpov, Dmitry Tretyakov, edmcln on github, Erik Schnetter,
|
|
Evgeny Grin (Karlson2k), Fabian Keil, Fabian Vogt, Fabrice Fontaine,
|
|
Faraz Fallahi, Gaelan Steele, Geeknik Labs, Gisle Vanem, graywolf on github,
|
|
Harry Sintonen, HsiehYuho on github, Jan Macku, Jiawen Geng, Jiří Bok,
|
|
Joel Depooter, John Marshall, Jonathan Perkin, Jon Rumsey, Jordan Brown,
|
|
Josh Soref, Karthikdasari0423, Karthikdasari0423 on github, Kevin Daudt,
|
|
Konstantin Vlasov, kpcyrd, Lars Kellogg-Stedman, LeeRiva, Louis Solofrizzo,
|
|
Lukáš Zaoral, Marcel Raad, Marcus Müller, Matt Jolly, Michael Forney,
|
|
Michael Kaufmann, Michał Antoniak, Michał Górny, Mohammadreza Hendiani,
|
|
Nikita Taranov, Outvi V, Patrick Monnerat, Paweł Witas, Pēteris Caune,
|
|
Peter Krefting, RainRat, Ramiro Garcia, Ray Satiro, Richard Levitte,
|
|
Robert Moreton, Ross Burton, Rudi Heitbaum, Ryan Carsten Schmidt,
|
|
Scott Mutter, Scott Talbert, Sean Molenaar, Sebastian Neubauer,
|
|
Sergey Bronnikov, Simon K, Stefan Eissing, Tal Regev, Thomas Pyle,
|
|
Till Wegmüller, Viktor Szakats, vulnerabilityspotter on hackerone,
|
|
Winni Neessen
|
|
(92 contributors)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://curl.se/bug/?i=12836
|
|
[2] = https://curl.se/bug/?i=12825
|
|
[3] = https://curl.se/bug/?i=12834
|
|
[4] = https://curl.se/bug/?i=12822
|
|
[5] = https://curl.se/bug/?i=12829
|
|
[6] = https://curl.se/bug/?i=12867
|
|
[7] = https://curl.se/bug/?i=12833
|
|
[8] = https://curl.se/bug/?i=12861
|
|
[9] = https://curl.se/bug/?i=12866
|
|
[10] = https://curl.se/bug/?i=12849
|
|
[11] = https://curl.se/bug/?i=12854
|
|
[12] = https://curl.se/bug/?i=12828
|
|
[13] = https://curl.se/bug/?i=12868
|
|
[14] = https://curl.se/bug/?i=12852
|
|
[15] = https://curl.se/bug/?i=12856
|
|
[16] = https://curl.se/bug/?i=12832
|
|
[17] = https://curl.se/bug/?i=12858
|
|
[18] = https://curl.se/mail/lib-2024-02/0000.html
|
|
[19] = https://curl.se/bug/?i=12823
|
|
[20] = https://curl.se/bug/?i=12826
|
|
[21] = https://curl.se/bug/?i=13034
|
|
[22] = https://curl.se/bug/?i=12937
|
|
[23] = https://curl.se/bug/?i=12750
|
|
[24] = https://curl.se/bug/?i=12719
|
|
[25] = https://curl.se/bug/?i=12900
|
|
[26] = https://curl.se/bug/?i=12900
|
|
[27] = https://curl.se/bug/?i=12904
|
|
[28] = https://curl.se/bug/?i=12901
|
|
[29] = https://curl.se/bug/?i=12914
|
|
[30] = https://curl.se/bug/?i=12805
|
|
[31] = https://curl.se/bug/?i=12909
|
|
[32] = https://curl.se/bug/?i=12878
|
|
[33] = https://curl.se/bug/?i=12902
|
|
[34] = https://curl.se/bug/?i=12896
|
|
[35] = https://curl.se/bug/?i=12892
|
|
[36] = https://curl.se/bug/?i=12926
|
|
[37] = https://curl.se/bug/?i=12891
|
|
[38] = https://curl.se/bug/?i=12890
|
|
[39] = https://curl.se/bug/?i=12885
|
|
[40] = https://curl.se/mail/archive-2024-02/0008.html
|
|
[41] = https://curl.se/bug/?i=12889
|
|
[42] = https://curl.se/bug/?i=12846
|
|
[43] = https://curl.se/bug/?i=12924
|
|
[44] = https://curl.se/mail/archive-2024-01/0022.html
|
|
[45] = https://curl.se/bug/?i=12884
|
|
[46] = https://curl.se/bug/?i=12888
|
|
[47] = https://curl.se/bug/?i=12879
|
|
[48] = https://curl.se/bug/?i=12877
|
|
[49] = https://curl.se/bug/?i=13020
|
|
[50] = https://curl.se/bug/?i=12838
|
|
[51] = https://curl.se/bug/?i=12859
|
|
[52] = https://curl.se/mail/archive-2024-02/0004.html
|
|
[53] = https://curl.se/bug/?i=12920
|
|
[54] = https://curl.se/bug/?i=12869
|
|
[55] = https://curl.se/bug/?i=12831
|
|
[56] = https://curl.se/bug/?i=12911
|
|
[57] = https://curl.se/bug/?i=12894
|
|
[58] = https://curl.se/bug/?i=12996
|
|
[59] = https://curl.se/bug/?i=12905
|
|
[60] = https://curl.se/bug/?i=12903
|
|
[61] = https://curl.se/bug/?i=12411
|
|
[62] = https://curl.se/bug/?i=12945
|
|
[63] = https://curl.se/bug/?i=12995
|
|
[64] = https://curl.se/bug/?i=12921
|
|
[65] = https://curl.se/bug/?i=12933
|
|
[66] = https://curl.se/bug/?i=12965
|
|
[67] = https://curl.se/bug/?i=12962
|
|
[68] = https://curl.se/bug/?i=13027
|
|
[69] = https://curl.se/bug/?i=12949
|
|
[70] = https://curl.se/bug/?i=12880
|
|
[71] = https://curl.se/bug/?i=12880
|
|
[72] = https://curl.se/bug/?i=12948
|
|
[73] = https://curl.se/bug/?i=12989
|
|
[74] = https://curl.se/bug/?i=12990
|
|
[75] = https://curl.se/bug/?i=12983
|
|
[76] = https://curl.se/bug/?i=12981
|
|
[77] = https://curl.se/bug/?i=12944
|
|
[78] = https://curl.se/bug/?i=12977
|
|
[79] = https://curl.se/bug/?i=12947
|
|
[80] = https://curl.se/bug/?i=13015
|
|
[81] = https://curl.se/bug/?i=12971
|
|
[82] = https://curl.se/bug/?i=13052
|
|
[83] = https://curl.se/bug/?i=13022
|
|
[84] = https://curl.se/bug/?i=13019
|
|
[85] = https://curl.se/bug/?i=12906
|
|
[86] = https://curl.se/bug/?i=13045
|
|
[87] = https://curl.se/bug/?i=13008
|
|
[88] = https://curl.se/bug/?i=13065
|
|
[89] = https://curl.se/bug/?i=12997
|
|
[90] = https://curl.se/bug/?i=13006
|
|
[91] = https://curl.se/bug/?i=13048
|
|
[92] = https://curl.se/bug/?i=13026
|
|
[93] = https://curl.se/bug/?i=13043
|
|
[94] = https://curl.se/bug/?i=13044
|
|
[95] = https://curl.se/bug/?i=13041
|
|
[96] = https://curl.se/bug/?i=13046
|
|
[97] = https://curl.se/bug/?i=13003
|
|
[98] = https://curl.se/bug/?i=13075
|
|
[99] = https://curl.se/bug/?i=13004
|
|
[100] = https://curl.se/bug/?i=12998
|
|
[101] = https://curl.se/bug/?i=12964
|
|
[102] = https://curl.se/bug/?i=12992
|
|
[103] = https://curl.se/bug/?i=13001
|
|
[104] = https://curl.se/bug/?i=12999
|
|
[105] = https://curl.se/bug/?i=13040
|
|
[106] = https://curl.se/bug/?i=13037
|
|
[107] = https://curl.se/bug/?i=13033
|
|
[108] = https://curl.se/bug/?i=13073
|
|
[109] = https://curl.se/bug/?i=13084
|
|
[110] = https://curl.se/bug/?i=13070
|
|
[111] = https://curl.se/bug/?i=13072
|
|
[112] = https://curl.se/bug/?i=13028
|
|
[113] = https://curl.se/bug/?i=13054
|
|
[114] = https://curl.se/bug/?i=13074
|
|
[115] = https://curl.se/bug/?i=6169
|
|
[116] = https://curl.se/bug/?i=13063
|
|
[117] = https://curl.se/bug/?i=13061
|
|
[118] = https://curl.se/bug/?i=12897
|
|
[119] = https://curl.se/bug/?i=13031
|
|
[120] = https://curl.se/bug/?i=13047
|
|
[121] = https://curl.se/bug/?i=13047
|
|
[122] = https://curl.se/bug/?i=13035
|
|
[123] = https://curl.se/bug/?i=13088
|
|
[124] = https://curl.se/bug/?i=13055
|
|
[125] = https://curl.se/mail/lib-2024-03/0001.html
|
|
[126] = https://curl.se/bug/?i=13039
|
|
[127] = https://curl.se/bug/?i=13127
|
|
[128] = https://curl.se/bug/?i=13085
|
|
[129] = https://curl.se/bug/?i=13124
|
|
[130] = https://curl.se/bug/?i=13082
|
|
[131] = https://curl.se/bug/?i=13119
|
|
[132] = https://curl.se/bug/?i=13081
|
|
[133] = https://curl.se/bug/?i=13118
|
|
[134] = https://curl.se/bug/?i=12063
|
|
[135] = https://curl.se/bug/?i=13115
|
|
[136] = https://curl.se/bug/?i=13187
|
|
[137] = https://curl.se/bug/?i=13149
|
|
[138] = https://curl.se/bug/?i=13143
|
|
[139] = https://curl.se/bug/?i=13144
|
|
[140] = https://curl.se/bug/?i=11919
|
|
[141] = https://curl.se/bug/?i=13101
|
|
[142] = https://curl.se/bug/?i=13096
|
|
[143] = https://curl.se/bug/?i=13093
|
|
[144] = https://curl.se/bug/?i=13178
|
|
[145] = https://curl.se/bug/?i=13164
|
|
[146] = https://curl.se/bug/?i=13132
|
|
[147] = https://curl.se/bug/?i=13112
|
|
[148] = https://curl.se/bug/?i=13169
|
|
[149] = https://curl.se/bug/?i=13128
|
|
[150] = https://curl.se/bug/?i=10290
|
|
[151] = https://curl.se/bug/?i=13179
|
|
[152] = https://curl.se/bug/?i=13173
|
|
[153] = https://curl.se/bug/?i=13175
|
|
[154] = https://curl.se/bug/?i=13176
|
|
[155] = https://curl.se/bug/?i=13168
|
|
[157] = https://curl.se/bug/?i=13166
|
|
[158] = https://curl.se/bug/?i=13134
|
|
[159] = https://curl.se/bug/?i=13154
|
|
[160] = https://curl.se/bug/?i=13151
|