Opened 9 years ago
Closed 9 years ago
#7000 closed enhancement (fixed)
curl-7.45.0
| Reported by: | Fernando de Oliveira | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 7.9 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
http://curl.haxx.se/download/curl-7.45.0.tar.lzma
http://curl.haxx.se/download/curl-7.45.0.tar.lzma.asc
http://curl.haxx.se/docs/vuln-7.45.0.html
curl 7.45.0 - Single version vulnerability summary curl version 7.45.0 was released on October 7 2015. The following 0 security problems are known to exist in this version. Yay - there are no published security vulnerabilities for this version!
http://curl.haxx.se/mail/archive-2015-08/0001.html
or
http://curl.haxx.se/changes.html#7_45_0
curl-users
[RELEASE] Curl and libcurl 7.45.0
From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 7 Oct 2015 10:28:31 +0200 (CEST)
This release includes the following changes:
o added CURLOPT_DEFAULT_PROTOCOL [6]
o added new tool option --proto-default [6]
o getinfo: added CURLINFO_ACTIVESOCKET
o turned CURLINFO_* option docs as stand-alone man pages
o curl: point out unnecessary uses of -X in verbose mode [17]
This release includes the following bugfixes:
o curl_global_init_mem.3: Stronger thread safety warning [1]
o buildconf.bat: Fixed issues when ran in directories with special
chars [2]
o cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
o generate.bat: Fixed issues when ran in directories with special
chars
o generate.bat: Only call buildconf.bat if it exists
o generate.bat: Added support for generating only the prerequisite
files
o curl.1: Document weaknesses in SSLv2 and SSLv3
o CURLOPT_HTTP_VERSION.3: connection re-use goes before version
o docs: Update the redirect protocols disabled by default
o inet_pton.c: Fix MSVC run-time check failure
o CURLMOPT_PUSHFUNCTION.3: fix argument types
o rtsp: support basic/digest authentication
o rtsp: stop reading empty DESCRIBE responses
o travis: Upgrading to container based build [3]
o travis.yml: Add OS X testbot
o FTP: make state machine not get stuck in state
o openssl: handle lack of server cert when strict checking disabled
[4]
o configure: change functions to detect openssl (clones) [5]
o configure: detect latest boringssl [5]
o runtests: Allow for spaces in server-verify curl custom path
o http2: on_frame_recv: get a proper 'conn' for the debug logging
o ntlm: mark deliberate switch case fall-through
o http2: remove dead code
o curl_easy_{escape,unescape}.3: "char *" vs. "const char *" [7]
o curl: point out the conflicting HTTP methods if used
o cmake: added Windows SSL support [8]
o curl_easy_{escape,setopt}.3: fix example
o curl_easy_escape.3: escape '\n' [9]
o libcurl.m4: Put braces around empty if body [10]
o buildconf.bat: Fixed double blank line in 'curl manual' warning
output
o sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH
enabled
o inet_pton.c: Fix MSVC run-time check failure
o CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
o http2: don't pass on Connection: headers [11]
o nss: do not directly access SSL_ImplementedCiphers [12]
o docs: numerous cleanups and spelling fixes
o FTP: do_more: add check for wait_data_conn in upload case [13]
o parse_proxy: reject illegal port numbers [14]
o cmake: IPv6 : disable Unix header check on Windows platform [15]
o winbuild: run buildconf.bat if necessary
o buildconf.bat: fix syntax error
o curl_sspi: fix possibly undefined CRYPT_E_REVOKED [16]
o nss: prevent NSS from incorrectly re-using a session [18]
o libcurl-errors.3: add two missing error codes
o openssl: fix build with < 0.9.8
o openssl: refactor certificate parsing to use OpenSSL memory BIO [19]
o openldap: only part of LDAP query results received [20]
o ssl: add server cert's "sha256//" hash to verbose [21]
o NTLM: Reset auth-done when using a fresh connection [22]
o curl: generate easysrc only on --libcurl [23]
o tests: disable 1801 until fixed [24]
o CURLINFO_TLS_SESSION: always return backend info
o gnutls: Support CURLOPT_KEYPASSWD
o gnutls: Report actual GnuTLS error message for certificate errors
o tests: disable 1510 due to CI-problems on github
o cmake: Put "winsock2.h" before "windows.h" during configure checks
o cmake: Ensure discovered include dirs are considered
o configure: Add missing ')' for CURL_CHECK_OPTION_RT [25]
o build: fix failures with -Wcast-align and -Werror [26]
o FTP: fix uploading ASCII with unknown size
o readwrite_data: set a max number of loops
o http2: avoid superfluous Curl_expire() calls
o http2: set TCP_NODELAY unconditionally [27]
o docs: fix unescaped '\n' in man pages
o openssl: Fix algorithm init to make (gost) engines work [28]
o win32: make recent Borland compilers use long long
o runtests: Fix pid check in checkdied
o gopher: don't send NUL byte [29]
o tool_setopt: fix c_escape truncated octal [30]
o hiperfifo: fix the pointer passed to WRITEDATA [31]
o getinfo: Fix return code for unknown CURLINFO options [32]
References to bug reports and discussions on issues:
[1] = http://curl.haxx.se/mail/lib-2015-08/0016.html
[2] = https://github.com/bagder/curl/pull/379
[3] = http://curl.haxx.se/bug/?i=388
[4] = http://curl.haxx.se/bug/?i=392
[5] = https://android.googlesource.com/platform/external/curl/+/f551028d5caab
29d4b4a4ae8c159c76c3cfd4887%5E!/
[6] = http://curl.haxx.se/bug/?i=351
[7] = http://curl.haxx.se/bug/?i=395
[8] = http://curl.haxx.se/bug/?i=399
[9] = http://curl.haxx.se/bug/?i=398
[10] = http://curl.haxx.se/bug/?i=402
[11] = http://curl.haxx.se/bug/?i=401
[12] = https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
[13] = http://curl.haxx.se/bug/?i=405
[14] = http://curl.haxx.se/bug/?i=415
[15] = http://curl.haxx.se/bug/?i=409
[16] = http://curl.haxx.se/bug/?i=411
[17] = http://daniel.haxx.se/blog/2015/09/11/unnecessary-use-of-curl-x/
[18] = https://bugzilla.mozilla.org/1202264
[19] = http://curl.haxx.se/bug/?i=427
[20] = http://curl.haxx.se/bug/?i=440
[21] = http://curl.haxx.se/bug/?i=410
[22] = http://curl.haxx.se/bug/?i=435
[23] = http://curl.haxx.se/bug/?i=429
[24] = http://curl.haxx.se/bug/?i=380
[25] = http://curl.haxx.se/bug/?i=456
[26] = http://curl.haxx.se/bug/?i=457
[27] = http://curl.haxx.se/mail/lib-2015-09/0097.html
[28] = http://curl.haxx.se/bug/?i=447
[29] = http://curl.haxx.se/bug/?i=466
[30] = http://curl.haxx.se/bug/?i=469
[31] = http://curl.haxx.se/bug/?i=471
[32] = http://curl.haxx.se/bug/?i=468
--
/ daniel.haxx.se
Change History (2)
comment:1 by , 9 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at revision 16537.