1 Curl and libcurl 7.34.0
3 Public curl releases: 136
4 Command line options: 161
5 curl_easy_setopt() options: 206
6 Public functions in libcurl: 58
7 Known libcurl bindings: 42
10 This release includes the following security fix:
11 o gtls: respect *VERIFYHOST independently of *VERIFYPEER [26]
13 This release includes the following changes:
15 o SSL: protocol version can be specified more precisely [1]
16 o imap/pop3/smtp: Added graceful cancellation of SASL authentication
17 o Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
18 o base64: Added validation of base64 input strings when decoding [8]
19 o curl_easy_setopt: Added the ability to set the login options separately
20 o smtp: Added support for additional SMTP commands
21 o curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
22 o nss: allow to use TLS > 1.0 if built against recent NSS [18]
23 o SECURITY: added this document to describe our security processes [22]
24 o parseconfig: warn if unquoted white spaces are detected
26 This release includes the following bugfixes:
28 o darwinssl: un-break iOS build after PKCS#12 feature added
29 o tool: use XFERFUNCTION to save some casts [2]
30 o usercertinmem: fix memory leaks
31 o ssh: Handle successful SSH_USERAUTH_NONE [3]
32 o NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option [4]
33 o test906: Fixed failing test on some platforms [5]
34 o sasl: initialize NSS before using NTLM crypto
35 o sasl: Fixed memory leak in OAUTH2 message creation
36 o imap/pop3/smtp: Fixed QUIT / LOGOUT being sent when SSL connect fails
37 o cmake: unbreak for non-Windows platforms [6]
38 o ssh: initialize per-handle data in ssh_connect()
39 o glob: fix broken URLs
40 o configure: check for long long when building with cyassl
41 o CURLOPT_RESOLVE: mention they don't time-out [7]
42 o docs/examples/httpput.c: fix build for MSVC
43 o FTP: make the data connection work when going through proxy
44 o NSS: support for CERTINFO feature
45 o curl_multi_wait: accept 0 from multi_timeout() as valid timeout
46 o glob_range: pass the closing bracket for a-z ranges
47 o tool_help: Updated --list-only description to include POP3
48 o Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string [9]
49 o cmake: fix Windows build with IPv6 support [10]
50 o ares: Fixed compilation under Visual Studio 2012 [11]
51 o curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation [12]
52 o curl.1: mention that -O does no URL decoding [13]
53 o darwinssl: PKCS#12 import feature now requires Lion or later [14]
54 o darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
55 o configure: Fix test with -Werror=implicit-function-declaration [15]
56 o sigpipe: factor out sigpipe_reset from easy.c
57 o curl_multi_cleanup: ignore SIGPIPE
58 o globbing: curl glob counter mismatch with {} list use [16]
59 o parseconfig: dash options can't specified with colon or equals [17]
60 o digest: fix CURLAUTH_DIGEST_IE [19]
61 o curl.h: <sys/select.h> for OpenBSD [20]
62 o darwinssl: Fix #if 10.6.0 for SecKeychainSearch
63 o TFTP: fix return codes for connect timeout [21]
64 o login options: remove the ;[options] support from CURLOPT_USERPWD [23]
65 o imap: Fixed incorrect fallback to clear text authentication
66 o parsedate: avoid integer overflow
67 o curl.1: document -J doesn't %-decode [25]
68 o multi: add timer inaccuracy margin to timeout/connecttimeout [24]
70 This release includes the following known bugs:
72 o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
74 This release would not have looked like this without help, code, reports and
75 advice from friends like these:
77 Alessandro Ghedini, Andreas Rieke, Björn Stenberg, Chris Conlon,
78 Christian Grothoff, Christian Weisgerber, Dave Reisner, David Walser,
79 Dima Tisnek, Fabian Keil, Felix Yan, Gergely Nagy, Gisle Vanem,
80 Ishan SinghLevett, James Dury, Javier Barroso, Jeff King, Kamil Dudka,
81 Kim Vandry, Marcin Gryszkalis, Melissa Mears, Michael Osipov, Nick Zitzmann,
82 Oliver Kuckertz, Patrick Monnerat, Paul Donohue, Paul Marks, Romulo A. Ceccon,
83 Rémy Léone, Sergey Tatarincev, Steve Holme, Tomas Hoger, Tyler Hall,
84 Yaakov Selkowitz, Eric Lubin, Petr Bahula, He Qin, Marc Deslauriers
86 Thanks! (and sorry if I forgot to mention someone)
88 References to bug reports and discussions on issues:
90 [1] = https://github.com/bagder/curl/pull/79
91 [2] = http://curl.haxx.se/mail/lib-2013-10/0089.html
92 [3] = http://curl.haxx.se/mail/lib-2013-10/0096.html
93 [4] = http://curl.haxx.se/mail/lib-2013-10/0113.html
94 [5] = http://sourceforge.net/p/curl/bugs/1291
95 [6] = http://sourceforge.net/p/curl/bugs/1292
96 [7] = http://curl.haxx.se/mail/lib-2013-10/0062.html
97 [8] = http://curl.haxx.se/mail/lib-2013-10/0242.html
98 [9] = http://curl.haxx.se/bug/view.cgi?id=1295
99 [10] = http://sourceforge.net/p/curl/bugs/1064
100 [11] = http://curl.haxx.se/mail/lib-2013-11/0057.html
101 [12] = https://github.com/bagder/curl/pull/83
102 [13] = http://sourceforge.net/p/curl/bugs/1299
103 [14] = http://curl.haxx.se/mail/lib-2013-11/0076.html
104 [15] = http://curl.haxx.se/bug/view.cgi?id=1304
105 [16] = http://curl.haxx.se/bug/view.cgi?id=1305
106 [17] = http://curl.haxx.se/bug/view.cgi?id=1297
107 [18] = http://curl.haxx.se/mail/lib-2013-11/0162.html
108 [19] = http://curl.haxx.se/bug/view.cgi?id=1308
109 [20] = http://curl.haxx.se/mail/lib-2013-12/0017.html
110 [21] = http://curl.haxx.se/bug/view.cgi?id=1310
111 [22] = http://curl.haxx.se/dev/security.html
112 [23] = http://curl.haxx.se/bug/view.cgi?id=1311
113 [24] = http://curl.haxx.se/bug/view.cgi?id=1298
114 [25] = http://curl.haxx.se/bug/view.cgi?id=1294
115 [26] = http://curl.haxx.se/docs/adv_20131217.html
projects / platform / upstream / curl.git / blob