RELEASE-NOTES: synced
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index b8194c9..55e3b53 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,6 +1,6 @@
-curl and libcurl 7.63.0
+curl and libcurl 7.64.0
- Public curl releases: 178
+ Public curl releases: 179
Command line options: 219
curl_easy_setopt() options: 262
Public functions in libcurl: 80
@@ -8,91 +8,17 @@
This release includes the following changes:
- o curl: add %{stderr} and %{stdout} for --write-out [24]
- o curl: add undocumented option --dump-module-paths for win32 [19]
- o setopt: add CURLOPT_CURLU [27]
+ o cookies: leave secure cookies alone [3]
+ o http: Implement trailing headers for chunked transfers [7]
This release includes the following bugfixes:
- o (lib)curl.rc: fixup for minor bugs [63]
- o CURLINFO_REDIRECT_URL: extract the Location: header field unvalidated [73]
- o CURLOPT_HEADERFUNCTION.3: match 'nitems' name in synopsis and description [45]
- o CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times
- o Curl_follow: accept non-supported schemes for "fake" redirects [9]
- o KNOWN_BUGS: add --proxy-any connection issue [28]
- o NTLM: Remove redundant ifdef USE_OPENSSL [41]
- o NTLM: force the connection to HTTP/1.1 [67]
- o OS400: add URL API ccsid wrappers and sync ILE/RPG bindings
- o SECURITY-PROCESS: bountygraph shuts down again [50]
- o TODO: Have the URL API offer IDN decoding [22]
- o ares: remove fd from multi fd set when ares is about to close the fd [42]
- o axtls: removed [1]
- o checksrc: add COPYRIGHTYEAR check [62]
- o cmake: fix MIT/Heimdal Kerberos detection [53]
- o configure: include all libraries in ssl-libs fetch [55]
- o configure: show CFLAGS, LDFLAGS etc in summary [7]
- o connect: fix building for recent versions of Minix [52]
- o cookies: create the cookiejar even if no cookies to save [48]
- o cookies: expire "Max-Age=0" immediately [64]
- o curl: --local-port range was not "including" [29]
- o curl: fix --local-port integer overflow [25]
- o curl: fix memory leak reading --writeout from file [51]
- o curl: fixed UTF-8 in current console code page (Windows) [16]
- o curl_easy_perform: fix timeout handling [49]
- o curl_global_sslset(): id == -1 is not necessarily an error [68]
- o curl_multibyte: fix a malloc overcalculation [18]
- o curle: move deprecated error code to ifndef block [40]
- o docs: curl_formadd field and file names are now escaped [72]
- o docs: escape "\n" codes [26]
- o doh: fix memory leak in OOM situation [56]
- o doh: make it work for h2-disabled builds too [57]
- o examples/ephiperfifo: report error when epoll_ctl fails
- o ftp: avoid two unsigned int overflows in FTP listing parser [30]
- o host names: allow trailing dot in name resolve, then strip it [46]
- o http2: Upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1 [65]
- o http: don't set CURLINFO_CONDITION_UNMET for http status code 204 [70]
- o http: fix HTTP Digest auth to include query in URI [69]
- o http_negotiate: do not close connection until negotiation is completed [36]
- o impacket: add LICENSE [39]
- o infof: clearly indicate truncation [14]
- o ldap: fix LDAP URL parsing regressions [71]
- o libcurl: stop reading from paused transfers [20]
- o mprintf: avoid unsigned integer overflow warning [10]
- o netrc: don't ignore the login name specified with "--user" [17]
- o nss: Fall back to latest supported SSL version [60]
- o nss: Fix compatibility with nss versions 3.14 to 3.15 [61]
- o nss: fix fallthrough comment to fix picky compiler warning
- o nss: remove version selecting dead code [33]
- o nss: set default max-tls to 1.3/1.2 [32]
- o openssl: Remove SSLEAY leftovers [37]
- o openssl: do not log excess "TLS app data" lines for TLS 1.3 [34]
- o openssl: do not use file BIOs if not requested [59]
- o openssl: fix unused variable compiler warning with old openssl [66]
- o openssl: support session resume with TLS 1.3 [44]
- o openvms: fix example name [8]
- o os400: Add curl_easy_conn_upkeep() to ILE/RPG binding
- o os400: add CURLOPT_CURLU to ILE/RPG binding
- o os400: fix return type of curl_easy_pause() in ILE/RPG binding
- o packages: remove old leftover files and dirs [58]
- o pop3: only do APOP with a valid timestamp [35]
- o runtests: use the local curl for verifying [6]
- o schannel: be consistent in Schannel capitalization [23]
- o schannel: better CURLOPT_CERTINFO support [2]
- o schannel: use Curl_ prefix for global private symbols [4]
- o snprintf: renamed and we now only use msnprintf() [47]
- o ssl: fix compilation with OpenSSL 0.9.7 [43]
- o ssl: replace all internal uses of CURLE_SSL_CACERT [40]
- o symbols-in-versions: add missing CURLU_ symbols [15]
- o test328: verify Content-Encoding: none [54]
- o tests: disable SO_EXCLUSIVEADDRUSE for stunnel on Windows
- o tests: drop http_pipe.py script no longer used [5]
- o tool_cb_wrt: Silence function cast compiler warning [31]
- o tool_doswin: Fix uninitialized field warning [38]
- o travis: build with clang sanitizers [3]
- o travis: remove curl before a normal build [11]
- o url: a short host name + port is not a scheme [13]
- o url: fix IPv6 numeral address parser [12]
- o urlapi: only skip encoding the first '=' with APPENDQUERY set [21]
+ o urlapi: Fix port parsing of eol colon [1]
+ o docs: fix the --tls-max description [2]
+ o OS400: handle memory error in list conversion [4]
+ o urlapi: distinguish possibly empty query [5]
+ o gopher: always include the entire gopher-path in request [5]
+ o darwinssl: accept setting max-tls with default min-tls [6]
This release includes the following known bugs:
@@ -101,94 +27,18 @@
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Alessandro Ghedini, Alexey Melnichuk, Antoni Villalonga, Ben Greear,
- bobmitchell1956 on github, Brad King, Brian Carpenter, daboul on github,
- Daniel Gustafsson, Daniel Stenberg, Dave Reisner, David Benjamin,
- Dheeraj Sangamkar, dtmsecurity on github, Elia Tufarolo, Frank Gevaerts,
- Gergely Nagy, Gisle Vanem, Hagai Auro, Han Han, infinnovation-dev on github,
- James Knight, Jérémy Rocher, Jeroen Ooms, Jim Fuller, Johannes Schindelin,
- Kamil Dudka, Konstantin Kushnir, Marcel Raad, Marc Hörsken, Marcos Diazr,
- Michael Kaufmann, NTMan on Github, Patrick Monnerat, Paul Howarth,
- Pavel Pavlov, Peter Wu, Ray Satiro, Rod Widdowson, Romain Fliedel,
- Samuel Surtees, Sevan Janiyan, Stefan Kanthak, Sven Blumenstein, Tim Rühsen,
- Tobias Hintze, Tomas Hoger, tonystz on Github, tpaukrt on github,
- Viktor Szakats, Yasuhiro Matsumoto,
- (51 contributors)
+ Andrei Neculau, Ayoub Boudhar, Daniel Gustafsson, Daniel Stenberg,
+ Leonardo Taccari, Tobias Lindgren,
+ (6 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://curl.haxx.se/bug/?i=3194
- [2] = https://curl.haxx.se/bug/?i=3197
- [3] = https://curl.haxx.se/bug/?i=3190
- [4] = https://curl.haxx.se/bug/?i=3201
- [5] = https://curl.haxx.se/bug/?i=3204
- [6] = https://curl.haxx.se/mail/lib-2018-10/0118.html
- [7] = https://curl.haxx.se/bug/?i=3207
- [8] = https://curl.haxx.se/bug/?i=3217
- [9] = https://curl.haxx.se/bug/?i=3210
- [10] = https://curl.haxx.se/bug/?i=3184
- [11] = https://curl.haxx.se/bug/?i=3198
- [12] = https://curl.haxx.se/bug/?i=3218
- [13] = https://curl.haxx.se/bug/?i=3220
- [14] = https://curl.haxx.se/bug/?i=3216
- [15] = https://curl.haxx.se/bug/?i=3226
- [16] = https://curl.haxx.se/bug/?i=3211
- [17] = https://curl.haxx.se/bug/?i=3213
- [18] = https://curl.haxx.se/bug/?i=3209
- [19] = https://curl.haxx.se/bug/?i=3208
- [20] = https://curl.haxx.se/bug/?i=3240
- [21] = https://curl.haxx.se/bug/?i=3231
- [22] = https://curl.haxx.se/bug/?i=3232
- [23] = https://curl.haxx.se/bug/?i=3243
- [24] = https://curl.haxx.se/bug/?i=3115
- [25] = https://curl.haxx.se/bug/?i=3242
- [26] = https://curl.haxx.se/bug/?i=3246
- [27] = https://curl.haxx.se/bug/?i=3227
- [28] = https://curl.haxx.se/bug/?i=876
- [29] = https://curl.haxx.se/bug/?i=3251
- [30] = https://curl.haxx.se/bug/?i=3225
- [31] = https://curl.haxx.se/bug/?i=3263
- [32] = https://curl.haxx.se/bug/?i=3261
- [33] = https://curl.haxx.se/bug/?i=3262
- [34] = https://curl.haxx.se/bug/?i=3281
- [35] = https://curl.haxx.se/bug/?i=3278
- [36] = https://curl.haxx.se/bug/?i=3275
- [37] = https://curl.haxx.se/bug/?i=3270
- [38] = https://curl.haxx.se/bug/?i=3254
- [39] = https://curl.haxx.se/bug/?i=3276
- [40] = https://curl.haxx.se/bug/?i=3291
- [41] = https://curl.haxx.se/bug/?i=3269
- [42] = https://curl.haxx.se/bug/?i=3238
- [43] = https://curl.haxx.se/bug/?i=3266
- [44] = https://curl.haxx.se/bug/?i=3202
- [45] = https://curl.haxx.se/bug/?i=3295
- [46] = https://curl.haxx.se/bug/?i=3022
- [47] = https://curl.haxx.se/bug/?i=3296
- [48] = https://curl.haxx.se/bug/?i=3299
- [49] = https://curl.haxx.se/bug/?i=3305
- [50] = https://curl.haxx.se/bug/?i=3311
- [51] = https://curl.haxx.se/bug/?i=3322
- [52] = https://curl.haxx.se/bug/?i=3323
- [53] = https://curl.haxx.se/bug/?i=3316
- [54] = https://curl.haxx.se/bug/?i=3317
- [55] = https://curl.haxx.se/bug/?i=3193
- [56] = https://curl.haxx.se/bug/?i=3342
- [57] = https://curl.haxx.se/bug/?i=3325
- [58] = https://curl.haxx.se/bug/?i=3331
- [59] = https://curl.haxx.se/bug/?i=3339
- [60] = https://curl.haxx.se/bug/?i=3261
- [61] = https://curl.haxx.se/bug/?i=3337
- [62] = https://curl.haxx.se/bug/?i=3303
- [63] = https://curl.haxx.se/bug/?i=3348
- [64] = https://curl.haxx.se/bug/?i=3351
- [65] = https://curl.haxx.se/bug/?i=3349
- [66] = https://curl.haxx.se/bug/?i=3337
- [67] = https://curl.haxx.se/bug/?i=3345
- [68] = https://curl.haxx.se/bug/?i=3346
- [69] = https://curl.haxx.se/bug/?i=3353
- [70] = https://curl.haxx.se/bug/?i=3359
- [71] = https://curl.haxx.se/bug/?i=3362
- [72] = https://curl.haxx.se/bug/?i=3361
- [73] = https://curl.haxx.se/bug/?i=3340
+ [1] = https://curl.haxx.se/bug/?i=3365
+ [2] = https://curl.haxx.se/bug/?i=3368
+ [3] = https://curl.haxx.se/bug/?i=2956
+ [4] = https://curl.haxx.se/bug/?i=3372
+ [5] = https://curl.haxx.se/bug/?i=3369
+ [6] = https://curl.haxx.se/bug/?i=3367
+ [7] = https://curl.haxx.se/bug/?i=3350
