public inbox for cygwin-announce@cygwin.com
 help / color / mirror / Atom feed
* Updated: curl, libcurl{4, -devel, -doc}, mingw64-{x86_64, i686}-curl 7.76
@ 2021-04-03 23:15 Cygwin curl Maintainer
  0 siblings, 0 replies; only message in thread
From: Cygwin curl Maintainer @ 2021-04-03 23:15 UTC (permalink / raw)
  To: Cygwin Announcements

The following packages have been upgraded in the Cygwin distribution:

* curl			7.76
* libcurl4		7.76
* libcurl-devel		7.76
* libcurl-doc		7.76
* mingw64-x86_64-curl	7.76
* mingw64-i686-curl	7.76

Command line tool and Library supporting transferring files with
URL syntax, using FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, and
FILE, SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form
based upload, proxies, cookies, user+password authentication (Basic,
Digest, NTLM, Negotiate...), file transfer resume, proxy tunneling and a
busload of other useful tricks.

For more information see the project home page:

	https://curl.se/

As there are multiple components and many changes each release please
see below or read /usr/share/doc/curl/RELEASE-NOTES after installation
for complete details:

	https://curl.se/changes.html

curl and libcurl 7.76:

* Public curl releases:         198
* Command line options:         240
* curl_easy_setopt() options:   288
* Public functions in libcurl:  85
* Contributors:                 2356

This release includes the following changes:

* cookies: Support multiple -b parameters [69]
* curl: add --fail-with-body [17]
* doh: add options to disable ssl verification [5]
* http: add support to read and store the referrer header [30]
* sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl [4]
* vtls: initial implementation of rustls backend [3]

This release includes the following known bugs:

* see /usr/share/doc/curl/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)

This release includes the following bugfixes:

* CVE-2021-22876: strip credentials from the auto-referer header field [88]
* CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid() [55]
* asyn-ares: use consistent resolve error message [37]
* BUG-BOUNTY: removed the cooperation mention
* build: delete unused feature guards [51]
* build: fix --disable-dateparse [1]
* build: fix --disable-http-auth
* build: remove all traces of USE_BLOCKING_SOCKETS [70]
* c-hyper: Remove superfluous pointer check [56]
* c-hyper: support automatic content-encoding [74]
* CI/azure: disable test 433 on azure-ubuntu [105]
* CI/azure: replace python-impacket with python3-impacket [61]
* ci: stop building on freebsd-12-1 [38]
* cmake: fix import library name for non-MS compiler on Windows [10]
* cmake: use CMAKE_INSTALL_INCLUDEDIR indirection [49]
* cmake: support WinIDN [100]
* config: fix building SMB with configure using Win32 Crypto [91]
* config: fix detection of restricted Windows App environment
* configure: fail if --with-quiche is used and quiche isn't found [48]
* configure: make AC_TRY_* into AC_*_IFELSE
* configure: make hyper opt-in, and fail if missing [53]
* configure: only add OpenSSL paths if they are defined [68]
* configure: provide Largefile feature for curl-config [79]
* configure: remove use of deprecated macros
* configure: s/AC_HELP_STRING/AS_HELP_STRING [110]
* cookies: Fix potential NULL pointer deref with PSL [66]
* curl: set CURLOPT_NEW_FILE_PERMS if requested [65]
* curl_easy_setopt.3: add curl_easy_option* functions to SEE ALSO
* curl_multibyte: always return a heap-allocated copy of string [29]
* curl_multibyte: fall back to local code page stat/access on Windows [8]
* Curl_timeleft: check both timeouts during connect [109]
* curl_url_set.3: mention CURLU_PATH_AS_IS [13]
* CURLOPT_QUOTE.3: clarify that libcurl doesn't parse what's sent [16]
* docs/HTTP2: remove the outdated remark about multiplexing for the tool
* docs/Makefile.inc: format to be update-friendly [11]
* docs: add CURLOPT_CURLU to 'See also' in curl_url_ functions [52]
* docs: add missing Arg tag to --stderr [58]
* docs: Add SSL backend names to CURL_SSL_BACKEND [106]
* docs: clarify timeouts for queued transfers in multi API [101]
* docs: Explain DOH transfers inherit some SSL settings [107]
* docs: fix FILE example url in --metalink documentation [19]
* docs: make gen.pl support *italic* and **bold** [112]
* doh: Fix sharing user's resolve list with DOH handles [46]
* doh: Inherit CURLOPT_STDERR from user's easy handle [60]
* dynbuf: bump the max HTTP request to 1MB [39]
* examples: Remove threaded-shared-conn.c due to bug [119]
* file: Support unicode urls on windows [9]
* ftp: add 'list_only' to the transfer state struct [35]
* ftp: add 'prefer_ascii' to the transfer state struct [36]
* FTP: allow SIZE to fail when doing (resumed) upload [78]
* ftp: avoid SIZE when asking for a TYPE A file [23]
* ftp: fix Codacy/cppcheck warning about null pointer arithmetic [34]
* ftp: fix memory leak in ftp_done [96]
* ftp: never set data->set.ftp_append outside setopt [14]
* gen.pl: quote "bare" minuses in the nroff curl.1 [92]
* github: add torture-ftp for FTP-only torture testing [94]
* gnutls: assume nettle crypto support [33]
* gskit: correct the gskit_send() prototype [21]
* hostip: fix build with sync resolver [20]
* hostip: fix crash in sync resolver builds that use DOH [12]
* hsts: remove unused defines [93]
* http2: don't set KEEP_SEND when there's no more data to be sent [90]
* http2: fail if connection terminated without END_STREAM [97]
* http: cap body data amount during send speed limiting [116]
* http: do not add a referrer header with empty value [44]
* http: make 416 not fail with resume + CURLOPT_FAILONERRROR [108]
* http: remove superfluous NULL assign [75]
* http: strip default port from URL sent to proxy [104]
* http: use credentials from transfer, not connection [25]
* ldap: use correct memory free function [63]
* lib1536: check ptr against NULL before dereferencing it [83]
* lib1537: check ptr against NULL before dereferencing it [84]
* lib: remove 'conn->data' completely [45]
* libssh2: kdb_callback: get the right struct pointer [99]
* libssh2:ssh_connect: clear session pointer after free [98]
* memdebug: close debug logfile explicitly on exit [28]
* mingw: enable using strcasecmp() [50]
* multi: close the connection when h2=>h1 downgrading [122]
* multi: do once-per-transfer inits in before_perform in DID state [54]
* multi: rename the multi transfer states [43]
* multi: update pending list when removing handle [82]
* ngtcp2: adapt to the new recv_datagram callback
* ngtcp2: clarify calculation precedence [27]
* ngtcp2: Fix build error due to change in ngtcp2_addr_init [81]
* ngtcp2: sync with recent API updates [113]
* openldap: avoid NULL pointer dereferences [102]
* openssl: adapt to v3's new const for a few API calls [86]
* openssl: ensure to check SSL_CTX_set_alpn_protos return values [121]
* openssl: remove get_ssl_version_txt in favor of SSL_get_version [67]
* openssl: set the transfer pointer for logging early [123]
* OS400: update for CURLOPT_AWS_SIGV4 [2]
* parse_proxy: fix a memory leak in the OOM path [41]
* pathhelp.pm: fix use of pwd -L in Msys environment
* projects: Update VS projects for OpenSSL 1.1.x [59]
* quiche: fix build error: use 'int' for port number
* quiche: fix crash when failing to connect [87]
* retry-all-errors.d: Explain curl errors versus HTTP response errors [72]
* retry.d: Clarify transient 5xx HTTP response codes [71]
* runtests.pl: add %TESTNUMBER variable to make copying tests more convenient
* runtests.pl: add a -P option to specify an external proxy
* runtests.pl: kill processes locking test log files [62]
* setopt: error on CURLOPT_HTTP09_ALLOWED set true with Hyper [77]
* test1188: change error to check for: --fail HTTP status [26]
* test220/314: adjust to run with Hyper
* test304: header CRLF cleanup to work with Hyper
* test306: make it not run with Hyper
* tests: disable .curlrc in more environments [7]
* tests: use %TESTNUMBER instead of fixed number [103]
* tftp: remove the 3600 second default timeout [111]
* time: enable 64-bit time_t in supported mingw environments [24]
* tool_help: add missing argument for --create-file-mode [18]
* tool_help: Increase space between option and description [64]
* tool_operate: bail if set CURLOPT_HTTP09_ALLOWED returns error [76]
* travis: add a rustls build [89]
* travis: bump wolfssl to 4.7.0
* travis: only build wolfssl when needed [85]
* travis: split "torture" into a separate "events" build [95]
* travis: switch ngtcp2 build over to quictls [73]
* travis: use ubuntu nghttp2 package instead of build our own [80]
* url.c: use consistent error message for failed resolve
* url: fix memory leak if OOM in the HSTS handling [32]
* url: fix possible use-after-free in default protocol [42]
* urldata: don't touch data->set.httpversion at run-time [6]
* urldata: fix build without HTTP and MQTT [22]
* urldata: make 'actions[]' use unsigned char instead of int [47]
* urldata: merge "struct DynamicStatic" into "struct UrlState" [117]
* urldata: remove the 'rtspversion' field [15]
* urldata: remove the _ORIG suffix from string names [31]
* version.d: Add missing features to the features list [57]
* wolfssl: don't store a NULL sessionid [40]


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-04-03 23:17 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-03 23:15 Updated: curl, libcurl{4, -devel, -doc}, mingw64-{x86_64, i686}-curl 7.76 Cygwin curl Maintainer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).