Opened 5 months ago

Closed 5 months ago

#20628 closed enhancement (fixed)

curl-8.11.0

Reported by: Xi Ruoyao Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (3)

comment:1 by Douglas R. Reno, 5 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: new → assigned

comment:2 by Douglas R. Reno, 5 months ago

Priority: normal → elevated

Release notes:

Changes:

    curl: --create-dirs works for --dump-header as well
    gtls: Add P12 format support
    ipfs: add options to disable
    TLS: TLSv1.3 earlydata support for curl
    WebSockets: make support official (non-experimental) 

Bugfixes:

    alt-svc: honor data->state.httpwant
    altsvc: avoid using local buffer and memcpy
    asyn-ares: remove typecast, fix expire
    autotools: add support for 'unity' builds, enable in CI
    bearssl: avoid strpcy() when generating TLS version log message
    bearssl: improved session handling, test exceptions
    bufq: unwrite fix
    build: add `ldap` to `libcurl.pc` `Requires:`
    build: add pytest targets
    build: clarify CA embed is for curl tool, mark default, improve summary
    build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows
    build: disable warning `-Wunreachable-code-break`
    build: fix clang-cl builds, add CI job
    build: fix cross-compile check for poll with bionic
    build: fix possible `-Wformat-overflow` in lib557
    build: limit arc4random detection to no-SSL configs
    build: show if CA bundle to embed was found
    build: tidy up and improve versioned-symbols options
    build: tidy up deprecation suppression, enable warnings for clang
    certs: add missing `-CAcreateserial` option for LibreSSL
    checksrc: add check for spaces around logical AND operators
    checksrc: Added checks for colon operator in ternary expressions
    checksrc: check for spaces around '?', '>' and '<'
    ci: dump `curl_config.h` to log in all jobs
    CI: run with standard mod_http2
    cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues
    cmake/FindCares: fix version detection for c-ares 1.34.1
    cmake/FindNGTCP2: use library path as hint for finding crypto module
    cmake: add missed variable to comment
    cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, wolfSSL
    cmake: allow building tests in unity mode
    cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks
    cmake: avoid setting `BUILD_TESTING`
    cmake: clear package version after `pkg-config` detection
    cmake: delete unused NEED_LBER_H, HAVE_LDAP_H
    cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, `HAVE_PROTO_BSDSOCKET_H`
    cmake: detect GNU GSS
    cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled
    cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C
    cmake: document `-D` and env build options
    cmake: drop obsolete items from `TODO` and `INSTALL-CMAKE`
    cmake: drop redundant assignments
    cmake: drop redundant zlib var, rename function (internals)
    cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW
    cmake: fix broken dependency chain for cmdline-opts, tidy-ups
    cmake: fix compile warnings for clang-cl
    cmake: fix missing spacing in log message
    cmake: limit `CURL_STATIC_CRT` to MSVC
    cmake: make `test-ci` target skip building dependencies
    cmake: mark as advanced some internal Find* variables
    cmake: readd `generate-curl.1` dependency for `src` just in case
    cmake: rename LDAP dependency config variables to match Find modules
    cmake: replace `check_include_file_concat()` for LDAP and GSS detection
    cmake: replace `CURL_*_DIR` with `{PROJECT,CMAKE_CURRENT}_*_DIR`
    cmake: require quictls (or fork) when using msh3 on non-Windows
    cmake: separate target for examples, optimize CI, fix fallouts
    cmake: set version for `project()` and add CPack support
    cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES`
    cmake: sync torture test parallelism with autotools
    cmake: tidy up `CURL_DISABLE_FORM_API` initialization
    cmake: tidy up and shorten symbol hiding initialization
    cmake: tidy up line order
    cmake: tidy up picky warning initialization
    cmake: tidy-ups and rebase fixups
    cmake: tweaks around debug mode and hidden symbols
    cmake: untangle feature detection interdependencies
    cmake: use `list(APPEND)` on `CURL_INCLUDES`
    cmake: use OpenSSL for LDAP detection only if available
    cmake: use the `BSD` variable
    config: rename the OS define to CURL_OS to reduce collision risk
    configure: add GSS to `libcurl.pc` `Depends:`
    configure: catch Apple in more target triplets
    configure: drop duplicate feature checks for `poll()`, `if_nametoindex()`
    configure: drop unused bare `socket.h` detection
    configure: improve help string for some options
    conncache: find bundle again in case it is removed
    conncache: more efficient implementation of cpool_remove_bundle
    cookie: overhaul and cleanup
    curl-rustls.m4: set linker flags to allow rustls build on macos
    curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs
    curl: add build options for safe/no CA bundle search (Windows)
    curl: detect ECH support dynamically, not at build time
    curl_addrinfo: support operating systems with only getaddrinfo(3)
    curl_multi_perform.md: fix typo
    curl_trc: fix build with verbose messages disabled
    curl_url_set.md: document HOST handling when URL is parsed
    curl_ws_recv.md: the 'meta' pointer is only returned on success
    curl_ws_recv: return recv 0 and point meta to NULL on all errors
    CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default
    CURLOPT_APPEND.md: goes for SFTP as well
    CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer
    DISABLED: disable test 1060 with hyper
    DISTROS: avoid use of "very"
    Dockerfile: update Docker digest to d830561
    docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option
    docs: clarify FTP over HTTP proxy functionality somewhat
    docs: fix a typo in some cipher options
    ech: spelling, whitespace, say `--ech` default config
    ftp: fix 0-length last write on upload from stdin
    ftp: move listen handling to socket filter
    GHA: optimize test prereq steps
    gnutls: use session cache for QUIC
    hsts: avoid the local buffer and memcpy on lookup
    hsts: improve subdomain handling
    hsts: support "implied LWS" properly around max-age
    http2: auto reset stream on server eos
    http_aws_sigv4: avoid local buffer and strcpy
    INSTALL-CMAKE.md: mention focus on shared libraries
    INSTALL-CMAKE: fix punctuation and a typo
    INSTALL.md: fix a typo that slipped in to RISC OS
    json.md: cli-option `--json` is an alias of `--data-binary`
    lib, src, tests: added space around ternary expressions
    lib/cw-out: initialize 'flush_all' directly
    lib/src: white space edits to comply better with code style
    lib: avoid assigning 'result' temporarily
    lib: fix disabled-verbose-strings + enable-debug build warnings
    lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS
    lib: move curl_path.[ch] into vssh/
    lib: msnprintf tidy-ups
    lib: remove Curl_ prefix from static functions
    lib: remove function pointer typecasts for hmac/sha256/md5
    lib: use bool/TRUE/FALSE properly
    libcurl/opts: improve phrasing for connection cap related options
    libssh.c: handle EGAINS during proto-connect correctly
    libssh2: delete duplicate `break`
    libssh2: put the readdir buffers into struct
    libssh2: use the Curl_* memory functions to avoid memdebug
    libssh2: use the filename buffer when getting the homedir
    libtests: generate the lib1521 atomically
    mbedTLS: fix handling of TLSv1.3 sessions
    mbedtls: handle session as blobs
    mbedtls: remove failf() use from mbedtls_random
    mk-lib1521: fix the long return code check
    mprintf: do not ignore length modifiers of `%o`, `%x`, `%X`
    mprintf: treat `%o` as unsigned, add tests for `%o`, `%x`, `%X`
    mqtt: fix mqtt.md wording and add clearer explanation
    multi.c: make stronger check for paused transfer before asserting
    multi.c: warn/assert on stall only without timer
    multi: avoid reading whole struct pointer from pointer
    multi: convert Curl_follow to static multi_follow
    multi: make curl_multi_cleanup invalidate magic latter
    multi: make multi_handle_timeout use the connect timeout
    multi: split multi_runsingle into sub functions
    negotiate: conditional check around GSS & SSL specific code
    netrc: cache the netrc file in memory
    ngtcp2: do not loop on recv
    ngtcp2: set max window size to 10x of initial (128KB)
    openssl quic: populate x509 store before handshake
    openssl: convert a memcpy to dynbuf use
    openssl: extend the OpenSSL error messages
    openssl: improve retries on shutdown
    openssl: remove two strcpy() calls
    OS400: don't delete source files when building with debug
    packages/OS400/curlmain: remove the strncpy calls
    processhelp.pm: improve taskkill calls (Windows)
    pytest: fix run against multissl curl
    pytest: improve pytest_07_42a reliability
    pytest: include `buildinfo.txt` in the output
    pytest: include curl version string and python platform in log
    pytest: show curl features and protocols
    quic: use send/recvmmsg when available
    quic: use the session cache with wolfSSL as well
    request: on shutdown send, proceed normally on timeout
    runtests.md: suggest a value for -j for torture tests
    runtests: add comment for handle64 pathsep requirement
    runtests: drop unused code for old/classic-mingw support
    runtests: pass single backslashes with Windows Perl
    runtests: use deterministic sort for `TESTINFO` lines
    schannel: fix TLS cert verification by IP SAN
    schannel: ignore error on recv beyond close notify
    schannel: reclassify extra-verbose schannel_recv messages
    select: use poll() if existing, avoid poll() with no sockets
    sendf: add condition to max-filesize check
    server/mqttd: fix two memory leaks
    setopt: avoid superfluous length checks before strcmp()
    setopt: return error for bad input to CURLOPT_RTSP_REQUEST
    setopt_cptr: make overflow check only done when needed
    singleuse: make `git grep` faster, add Apple `nm` support
    smb: do not redefine `getpid` on Windows
    smb: replace use of strcpy() with snprintf()
    socks_gssapi: switch to dynbuf from buffer with strcpy
    source: avoid use of 'very' in comments
    src/lib: remove redundant ternary operators
    src: guard for double declaration of `curl_ca_embed` in unity builds
    sws: fix unused static function with `TCP_NODELAY` undefined
    telnet: avoid two strcpy() by pointing to the strings instead
    test1035: convert host name back to utf8 as should be
    test1515: add tracing and more debug info
    test1540: add debug logging
    test190: replace %FTPTIME2 with a fixed value
    test1915: add tracing and connect timeout
    test1915: remove wrong comment
    test2502: add libtest debug tracing
    test504: fix handling on pending connect
    testrun: explicitly set proper IP address for stunnel listen/connect
    tests/http: fix ubuntu GnuTLS CI failures
    tests/scorecard: allow remote server test
    tests/server/util.c: remove use of strncpy
    tests/valgrind.pm: fix warnings with no valgrind report to show
    tests/valgrind.supp: remove a travis suppression, add a Debian
    tests: add and use `%PERL` variable to refer to the Perl binary
    tests: add codeset-utf8 as a feature
    tests: add file: tests with existing files
    tests: allow pytests to run in out-of-tree builds
    tests: capture stdin to get the vsftpd version number
    tests: change Python code style to pass ruff checks
    tests: check http/2 and http/3 server responsiveness
    tests: delete duplicate macro check
    tests: enable additional ruff Python lint options
    tests: fix `%POSIX_PWD` on native Windows Perl
    tests: fix callback signatures to please UndefinedBehaviorSanitizer
    tests: Fix FILEFORMAT <file name=""> directive
    tests: fix keyword for test1411
    tests: fix shell quoting on native Windows Perl
    tests: fix some Python typing issues
    tests: fixup `checkcmd` `PATH` on non-unixy platforms
    tests: improve mqtt server handling
    tests: introduce %CLIENT6IP-NB
    tests: let openssl generate random cert serials
    tests: libtests and unit tests need explicit #include memdebug
    tests: make precheck for HTTP on 127.0.0.1 into a feature
    tests: Only log warnings or worse by default in smbserver
    tests: postcheck is now in verify
    tests: remove all valgrind disable instructions
    tests: remove debug requirement on 38 tests
    tests: remove the %FTPTIME3 variable
    tests: replace `%PWD` with `%FILE_PWD` for `file://`
    tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests
    tests: replace hard-coded `/dev/null` with variable
    tests: simplify `pathhelp.pm`, avoid using external tools
    tests: speed up builds with single-binary test bundles
    tests: testrunner fairness
    tests: testrunner reliability improvements
    tests: use '-4' where needed
    tests: use a set for several of the curl_props
    tftp: avoid two memcpy/strcpy
    tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP
    tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED
    tool: support --show-headers AND --remote-header-name
    tool_doswin: simplify; remove unused options and strncpy calls
    tool_getparam: drop unused time() call
    tool_getparam: replace two uses of strncpy(), ban strncpy
    tool_operate: make --skip-existing work for --parallel
    tool_operate: reuse the schannel backend check
    tool_xattr: create the user.creator xattr attribute
    unit1307: tidy up Apple OS detection
    unit1660: fix unreachable code warning in no-SSL builds
    url: connection reuse on h3 connections
    url: use same credentials on redirect
    urlapi: drop unused header
    urlapi: normalize the IPv6 address
    version: minor cleanups
    version: say quictls in MSH3 builds
    vquic: fix compiler warning with gcc + MUSL
    vquic: recv_mmsg, use fewer, but larger buffers
    vtls: convert Curl_pin_peer_pubkey to use dynbuf
    vtls: convert pubkey_pem_to_der to use dynbuf
    warnless: remove curlx_sktosi and curlx_sitosk
    winbuild/README: consolidate command prompt section
    winbuild/README: document how to clean a build
    winbuild: add initial wolfSSL support
    winbuild: drop `gen_resp_file.bat`
    wolfssl: convert malloc + memcpys to dynbuf for cipher string
    wolfSSL: fix handling of TLSv1.3 sessions
    wolfssl: no more use of the OpenSSL API
    wolfssl: use old version API without openssl extra 

Security Advisory:

HSTS subdomain overwrites parent cache entry
============================================

Project curl Security Advisory, November 6th 2024 -
[Permalink](https://curl.se/docs/CVE-2024-9681.html)

VULNERABILITY
-------------

When curl is asked to use HSTS, the expiry time for a subdomain might
overwrite a parent domain's cache entry, making it end sooner or later than
otherwise intended.

This affects curl using applications that enable HSTS and use URLs with the
insecure `HTTP://` scheme and perform transfers with hosts like
`x.example.com` as well as `example.com` where the first host is a subdomain
of the second host.

(The HSTS cache either needs to have been populated manually or there needs to
have been previous HTTPS accesses done as the cache needs to have entries for
the domains involved to trigger this problem.)

When `x.example.com` responds with `Strict-Transport-Security:` headers, this
bug can make the subdomain's expiry timeout *bleed over* and get set for the
parent domain `example.com` in curl's HSTS cache.

The result of a triggered bug is that HTTP accesses to `example.com` get
converted to HTTPS for a different period of time than what was asked for by
the origin server. If `example.com` for example stops supporting HTTPS at its
expiry time, curl might then fail to access `http://example.com` until the
(wrongly set) timeout expires. This bug can also expire the parent's entry
*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier
than otherwise intended.

INFO
----

When triggered, this is a potential minor DoS security problem when trying to
use HTTPS when that no longer works or a cleartext transmission of data that
was otherwise intended to *possibly* be protected.

But:

`example.com` as per above is deliberately set up for HSTS, and servers should
probably expect that clients will try upgrading to HTTPS for a while outside
of the time range set in its headers.

The access that fails in this scenario tries to use plain HTTP to the domain.
Clear text, unprotected, vulnerable. HTTP is an insecure protocol and as such
applications should **not** rely on nor trust such responses, which reduces
the severity of this issue.

Even without this problem, servers occasionally set HSTS headers but have
problems with their HTTPS offering so this is a scenario that an application
ends up in now and then completely without involving curl issues and therefore
needs to have logic for. An application can for example work around the
situation by simply toggling off HSTS.

This bug is **not** considered a *C mistake* (ie not likely to have been
avoided had we not been using C).

This flaw also affects the curl command line tool.

The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2024-9681 to this issue.

CWE-1025: Comparison Using Wrong Factors

Severity: Low

AFFECTED VERSIONS
-----------------

The vulnerable code can only be reached when curl is told to use HSTS.

- Affected versions: curl 7.74.0 to and including 8.10.1
- Not affected versions: curl < 7.74.0 and >= 8.11.0
- Introduced-in: https://github.com/curl/curl/commit/7385610d0c74c6a25

libcurl is used by many applications, but not always advertised as such!

SOLUTION
--------

- Fixed-in: https://github.com/curl/curl/commit/a94973805df96269bf

RECOMMENDATIONS
---------------

We suggest you take one of the following actions immediately, in order of
preference:

  A - Upgrade curl and libcurl to version 8.11.0
  B - Apply the patch to your version and rebuild
  C - Avoid relying on HSTS

TIMELINE
--------

This issue was reported to the curl project on October 7, 2024. We contacted
distros_at_openwall on October 29, 2024.

curl 8.11.0 was released on November 6 2024 around 06:00 UTC, coordinated with
the publication of this advisory.
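The following is an added illustration, not part of the ticket and not curl's source: a small Python model of the HSTS cache behaviour the advisory describes. `HstsEntry`, `HstsCache`, `parse_sts_header`, `demonstrate` and the clock and `max-age` values are constructed for this example. The flawed policy resolves the responding host through subdomain matching before updating, so a `Strict-Transport-Security` header from `x.example.com` overwrites the expiry of the parent `example.com` entry (the "bleed over" in the text); the exact-host policy models the corrected behaviour, where a header only ever updates or creates the entry for the host that sent it.

```python
"""Constructed model of the HSTS cache behaviour described in CVE-2024-9681.

Not curl's code: a minimal HSTS cache with two update policies.  The flawed
policy resolves the responding host through subdomain matching *before*
updating, so a Strict-Transport-Security header from x.example.com lands on
the parent entry for example.com.  The exact-host policy models the corrected
behaviour, where a header only ever updates (or creates) the entry for the
host that sent it.
"""
from dataclasses import dataclass


@dataclass
class HstsEntry:
    host: str
    expires: int              # absolute time in seconds at which the policy lapses
    include_subdomains: bool


def parse_sts_header(value, now):
    """Parse a Strict-Transport-Security value into (expires, includeSubDomains).

    Returns None when max-age is missing or malformed.  Whitespace around
    directives is tolerated, as the header grammar allows.
    """
    max_age = None
    include = False
    for directive in value.split(";"):
        name, _, val = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            val = val.strip().strip('"')
            if not val.isdigit():
                return None
            max_age = int(val)
        elif name == "includesubdomains":
            include = True
    if max_age is None:
        return None
    return now + max_age, include


class HstsCache:
    def __init__(self, exact_update):
        self.entries = {}           # host -> HstsEntry
        self.exact_update = exact_update

    def lookup(self, host):
        """Entry governing `host`: its own, else the nearest parent marked includeSubDomains."""
        if host in self.entries:
            return self.entries[host]
        labels = host.split(".")
        for i in range(1, len(labels) - 1):          # never match the bare TLD
            parent = self.entries.get(".".join(labels[i:]))
            if parent is not None and parent.include_subdomains:
                return parent
        return None

    def update(self, host, header, now):
        """Apply a Strict-Transport-Security header received over HTTPS from `host`."""
        parsed = parse_sts_header(header, now)
        if parsed is None:
            return
        expires, include = parsed
        if self.exact_update:
            entry = self.entries.get(host)     # corrected: only this host's own entry
        else:
            entry = self.lookup(host)          # flawed: may hand back the parent's entry
        if entry is None:
            self.entries[host] = HstsEntry(host, expires, include)
        else:
            entry.expires = expires            # on the flawed path this is the bleed-over
            entry.include_subdomains = include

    def upgrade_to_https(self, host, now):
        """Would an http:// request to `host` be rewritten to https:// at time `now`?"""
        entry = self.lookup(host)
        return entry is not None and entry.expires > now


def demonstrate(exact_update):
    """Replay the advisory's scenario; returns (parent expiry before, after, upgrade at +1h)."""
    now = 1_000_000                                  # constructed clock value
    cache = HstsCache(exact_update)
    # Earlier HTTPS visit: example.com asks for a one-year policy covering subdomains.
    cache.update("example.com", "max-age=31536000; includeSubDomains", now)
    before = cache.entries["example.com"].expires
    # Later response from the subdomain with a much shorter max-age.
    cache.update("x.example.com", "max-age=60", now)
    after = cache.entries["example.com"].expires
    return before, after, cache.upgrade_to_https("example.com", now + 3600)


if __name__ == "__main__":
    for exact in (False, True):
        before, after, upgraded = demonstrate(exact)
        policy = "exact-host" if exact else "subdomain-match"
        print(f"{policy:15} parent expiry {before} -> {after}; "
              f"http://example.com upgraded one hour later: {upgraded}")
```

With the subdomain-matching policy the parent's expiry collapses from one year to sixty seconds and an `http://example.com` request one hour later is no longer upgraded, which is the "switch back to insecure HTTP earlier than otherwise intended" outcome the advisory names; a longer `max-age` on the subdomain extends the parent's entry by the same mechanism. With the exact-host policy the parent entry is untouched and the subdomain gets its own entry. The same two-host scenario is what a regression test for an HSTS implementation would assert on.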

comment:3 by Douglas R. Reno, 5 months ago

Resolution: fixed
Status: assigned → closed

Fixed at c98aac9e02634dd0df58eec04230d81caf447540

SA-12.2-039 issued
