mirror of
https://github.com/curl/curl.git
synced 2026-04-14 18:21:40 +03:00
RELEASE-NOTES: synced
This commit is contained in:
Daniel Stenberg
parent
18af4e4e10
commit
ed966832b6
1 changed files with 62 additions and 15 deletions
|
|
@ -4,7 +4,7 @@ curl and libcurl 8.18.0
|
|||
Command line options: 273
|
||||
curl_easy_setopt() options: 308
|
||||
Public functions in libcurl: 100
|
||||
Contributors: 3562
|
||||
Contributors: 3563
|
||||
|
||||
This release includes the following changes:
|
||||
|
||||
|
|
@ -20,6 +20,7 @@ This release includes the following bugfixes:
|
|||
o alt-svc: more flexibility on same destination [298]
|
||||
o altsvc: make it one malloc instead of three per entry [266]
|
||||
o AmigaOS: increase minimum stack size for tool_main [137]
|
||||
o apple sectrust: fix ancient evaluation [327]
|
||||
o apple-sectrust: always ask when `native_ca_store` is in use [162]
|
||||
o asyn-ares: handle Curl_dnscache_mk_entry() OOM error [199]
|
||||
o asyn-ares: remove hostname free on OOM [122]
|
||||
|
|
@ -39,6 +40,7 @@ This release includes the following bugfixes:
|
|||
o build: set `-Wno-format-signedness` [288]
|
||||
o build: tidy-up MSVC CRT warning suppression macros [140]
|
||||
o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
|
||||
o cf-h1-proxy: support folded headers in CONNECT responses [296]
|
||||
o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
|
||||
o cf-socket: drop feature check for `IPV6_V6ONLY` on Windows [210]
|
||||
o cf-socket: enable Win10 `TCP_KEEP*` options with old SDKs [323]
|
||||
|
|
@ -48,6 +50,7 @@ This release includes the following bugfixes:
|
|||
o checksrc.pl: detect assign followed by more than one space [26]
|
||||
o cmake: adjust defaults for target platforms not supporting shared libs [35]
|
||||
o cmake: define dependencies as `IMPORTED` interface targets [223]
|
||||
o cmake: delete unused file `CMake/CMakeConfigurableFile.in` [363]
|
||||
o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
|
||||
o cmake: fix `ws2_32` reference in `curl-config.cmake` [201]
|
||||
o cmake: honor `CURL_DISABLE_INSTALL` and `CURL_ENABLE_EXPORT_TARGET` [106]
|
||||
|
|
@ -66,8 +69,10 @@ This release includes the following bugfixes:
|
|||
o conncontrol: reuse handling [170]
|
||||
o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
|
||||
o connection: attached transfer count [228]
|
||||
o content_encoding: avoid strcpy [331]
|
||||
o cookie. return proper error on OOM [330]
|
||||
o cookie: allocate the main struct once cookie is fine [259]
|
||||
o cookie: flush better [218]
|
||||
o cookie: only keep and use the canonical cleaned up path [256]
|
||||
o cookie: propagate errors better, cleanup the internal API [118]
|
||||
o cookie: return error on OOM [131]
|
||||
|
|
@ -76,6 +81,7 @@ This release includes the following bugfixes:
|
|||
o curl: fix progress meter in parallel mode [15]
|
||||
o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
|
||||
o curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer [257]
|
||||
o curl_ntlm_core: fix DES_* symbols for some wolfSSL builds [281]
|
||||
o curl_sasl: if redirected, require permission to use bearer [250]
|
||||
o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
|
||||
o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
|
||||
|
|
@ -88,14 +94,18 @@ This release includes the following bugfixes:
|
|||
o CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use [206]
|
||||
o CURLOPT_ACCEPT_ENCODING.md: warn about the expansion [224]
|
||||
o CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/ [283]
|
||||
o CURLOPT_HAPROXY_CLIENT_IP.md: emphasize reused connection use [328]
|
||||
o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
|
||||
o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
|
||||
o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
|
||||
o curlx/multibyte: stop setting macros for non-Windows [226]
|
||||
o curlx/strerr: use `strerror_s()` on Windows [75]
|
||||
o curlx: add `curlx_rename()`, fix to support long filenames on Windows [354]
|
||||
o curlx: curlx_strcopy() instead of strcpy() [326]
|
||||
o curlx: limit use of system allocators to the minimum possible [169]
|
||||
o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
|
||||
o curlx: replace `sprintf` with `snprintf` [194]
|
||||
o curlx: use curl alloc in `curlx_win32_stat()` (Windows) [360]
|
||||
o curlx: use curlx allocators in non-memdebug builds (Windows) [155]
|
||||
o DEPRECATE: add CMake <3.18 deprecation for April 2026 [291]
|
||||
o digest_sspi: fix a memory leak on error path [149]
|
||||
|
|
@ -116,6 +126,7 @@ This release includes the following bugfixes:
|
|||
o docs: switch more URLs to https:// [229]
|
||||
o docs: use .example URLs for proxies
|
||||
o docs: use mresult as variable name for CURLMcode
|
||||
o escape: add a length check in curl_easy_escape [284]
|
||||
o example: fix formatting nits [232]
|
||||
o examples/crawler: fix variable [92]
|
||||
o examples/multi-uv: fix invalid req->data access [177]
|
||||
|
|
@ -172,6 +183,7 @@ This release includes the following bugfixes:
|
|||
o lib/sendf.h: forward declare two structs [221]
|
||||
o lib: cleanup for some typos about spaces and code style [3]
|
||||
o lib: create unitprotos.h in the builddir, not srcdir [322]
|
||||
o lib: drop unused protocol headers [270]
|
||||
o lib: eliminate size_t casts [112]
|
||||
o lib: error for OOM when extracting URL query [127]
|
||||
o lib: fix formatting nits (part 2) [253]
|
||||
|
|
@ -182,17 +194,20 @@ This release includes the following bugfixes:
|
|||
o lib: refactor the type of funcs which have useless return and checks [1]
|
||||
o lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows) [164]
|
||||
o lib: timer stats improvements [190]
|
||||
o lib: use `SOCKET_WRITABLE()`/`SOCKET_READABLE()` where possible [350]
|
||||
o libssh2: add paths to error messages for quote commands [114]
|
||||
o libssh2: cleanup ssh_force_knownhost_key_type [64]
|
||||
o libssh2: consider strdup() failures OOM and return correctly [72]
|
||||
o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
|
||||
o libssh: fix state machine loop to progress as it should
|
||||
o libssh: properly free sftp_attributes [153]
|
||||
o libssh: set both knownhosts options to the same file [271]
|
||||
o libtests: replace `atoi()` with `curlx_str_number()` [120]
|
||||
o limit-rate: add example using --limit-rate and --max-time together [89]
|
||||
o localtime: detect thread-safe alternatives and use them [325]
|
||||
o m4/sectrust: fix test(1) operator [4]
|
||||
o manage: expand the 'libcurl support required' message [208]
|
||||
o mbedTLS: cleanup insecure/deprecated code [351]
|
||||
o mbedtls: fix potential use of uninitialized `nread` [8]
|
||||
o mbedtls: sync format across log messages [213]
|
||||
o mbedtls_threadlock: avoid calloc, use array [244]
|
||||
|
|
@ -210,6 +225,7 @@ This release includes the following bugfixes:
|
|||
o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
|
||||
o ngtcp2+openssl: fix leak of session [172]
|
||||
o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
|
||||
o ngtcp2: retune window sizes [365]
|
||||
o noproxy: fix build on systems without IPv6 [264]
|
||||
o noproxy: fix ipv6 handling [239]
|
||||
o noproxy: replace atoi with curlx_str_number [67]
|
||||
|
|
@ -223,6 +239,7 @@ This release includes the following bugfixes:
|
|||
o openssl: toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache [313]
|
||||
o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
|
||||
o OS400/makefile.sh: fix shellcheck warning SC2038 [86]
|
||||
o os400sys: replace `strcpy()` with `memcpy()` [273]
|
||||
o osslq: code readability [5]
|
||||
o progress: show fewer digits [78]
|
||||
o projects/README.md: Markdown fixes [148]
|
||||
|
|
@ -262,6 +279,7 @@ This release includes the following bugfixes:
|
|||
o sftp: fix range downloads in both SSH backends [82]
|
||||
o slist: constify Curl_slist_append_nodup() string argument [195]
|
||||
o smb: fix a size check to be overflow safe [161]
|
||||
o socketpair: drop redundant `_WIN32` branch and include [367]
|
||||
o socks_sspi: use free() not FreeContextBuffer() [93]
|
||||
o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
|
||||
o speedlimit: also reset on send unpausing [197]
|
||||
|
|
@ -282,6 +300,7 @@ This release includes the following bugfixes:
|
|||
o test568: fix codespell, catch it next time early in CI [299]
|
||||
o test568: remove what looks like an email and a URL [304]
|
||||
o test787: fix possible typo `&` -> `%` in curl option [241]
|
||||
o test96: fix to accept non-unity memdump content with MSVC [339]
|
||||
o tests/data: move `--libcurl` output to external data files [34]
|
||||
o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
|
||||
o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
|
||||
|
|
@ -317,6 +336,7 @@ This release includes the following bugfixes:
|
|||
o tool_paramhlp: refuse --proto remove all protocols [10]
|
||||
o tool_urlglob: acknowledge OOM in peek_ipv6 [175]
|
||||
o tool_urlglob: clean up used memory on errors better [44]
|
||||
o tool_urlglob: constify an argument [361]
|
||||
o tool_urlglob: support globs as long as config line lengths [282]
|
||||
o tool_writeout: bail out proper on OOM [104]
|
||||
o url: fix return code for OOM in parse_proxy() [193]
|
||||
|
|
@ -329,11 +349,13 @@ This release includes the following bugfixes:
|
|||
o vquic: do not pass invalid mode flags to `open()` (Windows) [58]
|
||||
o vquic: do_sendmsg full init [171]
|
||||
o vquic: ignore 0-length UDP packets [336]
|
||||
o vquic: initialize new callback in nghttp3 1.14.0+ [317]
|
||||
o vtls: fix CURLOPT_CAPATH use [51]
|
||||
o vtls: handle possible malicious certs_num from peer [53]
|
||||
o vtls: pinned key check [98]
|
||||
o wcurl: import v2025.11.09 [29]
|
||||
o windows: assume `USE_WIN32_LARGE_FILES` [292]
|
||||
o windows: fix `CreateFile()` calls to support long filenames [356]
|
||||
o windows: use `_strdup()` instead of `strdup()` where missing [145]
|
||||
o wolfSSL: able to differentiate between IP and DNS in alt names [13]
|
||||
o wolfssl: avoid NULL dereference in OOM situation [77]
|
||||
|
|
@ -342,6 +364,7 @@ This release includes the following bugfixes:
|
|||
o wolfssl: fix possible assert with `!HAVE_NO_EX` wolfSSL builds [261]
|
||||
o wolfssl: proof use of wolfSSL_i2d_SSL_SESSION [314]
|
||||
o wolfssl: simplify wssl_send_earlydata [111]
|
||||
o x509asn1: drop unused `hostcheck.h`, `vtls_int.h` includes [340]
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
|
|
@ -363,21 +386,22 @@ Planned upcoming removals include:
|
|||
This release would not have looked like this without help, code, reports and
|
||||
advice from friends like these:
|
||||
|
||||
Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov,
|
||||
Aleksandr Sergeev, Aleksei Bavshin, Alexander Batischev, Andrew Kirillov,
|
||||
anonymous237 on hackerone, BANADDA, boingball, Brad King, bttrfl on github,
|
||||
Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Stenberg,
|
||||
Denis Goleshchikhin, Deniz Parlak, dependabot[bot], Fabian Keil,
|
||||
Fd929c2CE5fA on github, ffath-vo on github, Gabriel Marin,
|
||||
Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson, Harry Sintonen, Jeff King,
|
||||
Jiyong Yang, John Haugabook, Juliusz Sosinowicz, Kai Pastor,
|
||||
Leonardo Taccari, letshack9707 on hackerone, Marc Aldorasi, Marcel Raad,
|
||||
Max Faxälv, nait-furry, ncaklovic on github, Nick Korepanov,
|
||||
Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
|
||||
renovate[bot], Robert W. Van Kirk, Samuel Henrique, Sergey Katsubo,
|
||||
st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny, Theo Buehler,
|
||||
Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman,
|
||||
Yuhao Jiang, yushicheng7788 on github
|
||||
(56 contributors)
|
||||
Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Pouzzner,
|
||||
Daniel Santos, Daniel Stenberg, Denis Goleshchikhin, Deniz Parlak,
|
||||
dependabot[bot], Fabian Keil, Fd929c2CE5fA on github, ffath-vo on github,
|
||||
Gabriel Marin, Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson,
|
||||
Harry Sintonen, Jeff King, Jiyong Yang, John Haugabook, Juliusz Sosinowicz,
|
||||
Kai Pastor, koujaz on github, Leonardo Taccari, letshack9707 on hackerone,
|
||||
Marc Aldorasi, Marcel Raad, Mathesh V, Max Faxälv, nait-furry,
|
||||
ncaklovic on github, Nick Korepanov, Omdahake on github, Patrick Monnerat,
|
||||
pelioro on hackerone, Ray Satiro, renovate[bot], Robert W. Van Kirk,
|
||||
Samuel Henrique, Sergey Katsubo, st751228051 on github, Stanislav Fort,
|
||||
Stefan Eissing, Sunny, Theo Buehler, Thomas Klausner, Viktor Szakats,
|
||||
Wesley Moore, Wyatt O'Day, Xiaoke Wang, Yedaya Katsman, Yuhao Jiang,
|
||||
yushicheng7788 on github
|
||||
(62 contributors)
|
||||
|
||||
References to bug reports and discussions on issues:
|
||||
|
||||
|
|
@ -598,6 +622,7 @@ References to bug reports and discussions on issues:
|
|||
[215] = https://curl.se/bug/?i=19764
|
||||
[216] = https://curl.se/bug/?i=18009
|
||||
[217] = https://curl.se/bug/?i=19763
|
||||
[218] = https://curl.se/bug/?i=20090
|
||||
[219] = https://curl.se/bug/?i=19759
|
||||
[220] = https://curl.se/bug/?i=19756
|
||||
[221] = https://curl.se/bug/?i=19761
|
||||
|
|
@ -649,7 +674,10 @@ References to bug reports and discussions on issues:
|
|||
[267] = https://curl.se/bug/?i=19858
|
||||
[268] = https://curl.se/bug/?i=19753
|
||||
[269] = https://curl.se/bug/?i=19965
|
||||
[270] = https://curl.se/bug/?i=20093
|
||||
[271] = https://curl.se/bug/?i=20092
|
||||
[272] = https://curl.se/bug/?i=20026
|
||||
[273] = https://curl.se/bug/?i=20089
|
||||
[274] = https://curl.se/bug/?i=19964
|
||||
[275] = https://curl.se/bug/?i=18189
|
||||
[276] = https://curl.se/bug/?i=19922
|
||||
|
|
@ -657,8 +685,10 @@ References to bug reports and discussions on issues:
|
|||
[278] = https://curl.se/bug/?i=19920
|
||||
[279] = https://curl.se/bug/?i=19918
|
||||
[280] = https://curl.se/bug/?i=19770
|
||||
[281] = https://curl.se/bug/?i=20083
|
||||
[282] = https://curl.se/bug/?i=19960
|
||||
[283] = https://curl.se/bug/?i=19915
|
||||
[284] = https://curl.se/bug/?i=20086
|
||||
[285] = https://curl.se/bug/?i=19911
|
||||
[286] = https://curl.se/bug/?i=19900
|
||||
[288] = https://curl.se/bug/?i=19907
|
||||
|
|
@ -666,6 +696,7 @@ References to bug reports and discussions on issues:
|
|||
[292] = https://curl.se/bug/?i=19888
|
||||
[294] = https://curl.se/bug/?i=19901
|
||||
[295] = https://curl.se/bug/?i=19899
|
||||
[296] = https://curl.se/bug/?i=20080
|
||||
[297] = https://curl.se/bug/?i=19894
|
||||
[298] = https://curl.se/bug/?i=19740
|
||||
[299] = https://curl.se/bug/?i=19945
|
||||
|
|
@ -684,6 +715,7 @@ References to bug reports and discussions on issues:
|
|||
[313] = https://curl.se/bug/?i=20009
|
||||
[314] = https://curl.se/bug/?i=20008
|
||||
[316] = https://curl.se/bug/?i=19997
|
||||
[317] = https://curl.se/bug/?i=20077
|
||||
[318] = https://curl.se/bug/?i=20002
|
||||
[319] = https://curl.se/bug/?i=19995
|
||||
[320] = https://curl.se/bug/?i=20001
|
||||
|
|
@ -692,8 +724,23 @@ References to bug reports and discussions on issues:
|
|||
[323] = https://curl.se/bug/?i=19999
|
||||
[324] = https://curl.se/bug/?i=19980
|
||||
[325] = https://curl.se/bug/?i=19957
|
||||
[326] = https://curl.se/bug/?i=20067
|
||||
[327] = https://curl.se/bug/?i=20074
|
||||
[328] = https://curl.se/bug/?i=20075
|
||||
[329] = https://curl.se/bug/?i=19996
|
||||
[330] = https://curl.se/bug/?i=19992
|
||||
[331] = https://curl.se/bug/?i=20072
|
||||
[334] = https://curl.se/bug/?i=19984
|
||||
[335] = https://curl.se/bug/?i=19986
|
||||
[336] = https://curl.se/bug/?i=19978
|
||||
[339] = https://curl.se/bug/?i=20064
|
||||
[340] = https://curl.se/bug/?i=20063
|
||||
[350] = https://curl.se/bug/?i=20052
|
||||
[351] = https://curl.se/bug/?i=19983
|
||||
[354] = https://curl.se/bug/?i=20042
|
||||
[356] = https://curl.se/bug/?i=19286
|
||||
[360] = https://curl.se/bug/?i=20043
|
||||
[361] = https://curl.se/bug/?i=20045
|
||||
[363] = https://curl.se/bug/?i=20038
|
||||
[365] = https://curl.se/bug/?i=20030
|
||||
[367] = https://curl.se/bug/?i=20032
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue