diff options
author | Seonah Moon <seonah1.moon@samsung.com> | 2020-02-24 15:56:49 +0900 |
---|---|---|
committer | Seonah Moon <seonah1.moon@samsung.com> | 2020-02-24 15:57:31 +0900 |
commit | 1127a2d91941b474b346c96a1499f3493a3f0f40 (patch) | |
tree | e6734b853d299aa98a3653cebf0233a712c07009 /RELEASE-NOTES | |
parent | bc9ddd35af69662a667d983e2484f557f76cf230 (diff) | |
download | curl-1127a2d91941b474b346c96a1499f3493a3f0f40.tar.gz curl-1127a2d91941b474b346c96a1499f3493a3f0f40.tar.bz2 curl-1127a2d91941b474b346c96a1499f3493a3f0f40.zip |
Imported Upstream version 7.68.0upstream/7.68.0
Change-Id: I37422e43c2c4c25904a4fc2a391c4a32ba3b9f5c
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 525 |
1 files changed, 265 insertions, 260 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 4cdab8d13..7a1211271 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,144 +1,146 @@ -Curl and libcurl 7.62.0 +curl and libcurl 7.68.0 - Public curl releases: 177 - Command line options: 219 - curl_easy_setopt() options: 261 - Public functions in libcurl: 80 - Contributors: 1808 + Public curl releases: 188 + Command line options: 229 + curl_easy_setopt() options: 269 + Public functions in libcurl: 82 + Contributors: 2088 This release includes the following changes: - o multiplex: enable by default [4] - o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled [4] - o setopt: add CURLOPT_DOH_URL [7] - o curl: --doh-url added [7] - o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size [8] - o imap: change from "FETCH" to "UID FETCH" [9] - o configure: add option to disable automatic OpenSSL config loading [10] - o upkeep: add a connection upkeep API: curl_easy_upkeep() [11] - o URL-API: added five new functions [12] - o vtls: MesaLink is a new TLS backend [23] + o TLS: add BearSSL vtls implementation [37] + o XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE [36] + o curl: add --etag-compare and --etag-save [31] + o curl: add --parallel-immediate [29] + o multi: add curl_multi_wakeup() [38] + o openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains [45] This release includes the following bugfixes: - o CVE-2018-16839: SASL password overflow via integer overflow [107] - o CVE-2018-16840: use-after-free in handle close [108] - o CVE-2018-16842: warning message out-of-buffer read [114] - o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated [5] - o Curl_dedotdotify(): always nul terminate returned string [46] - o Curl_follow: Always free the passed new URL [87] - o Curl_http2_done: fix memleak in error path [51] - o Curl_retry_request: fix memory leak [49] - o Curl_saferealloc: Fixed typo in docblock [40] - o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output [78] - o GnutTLS: TLS 1.3 support [39] - o SECURITY-PROCESS: mention the bountygraph program [42] - o VS projects: add USE_IPV6: [91] - o Windows: fixes for MinGW targeting Windows Vista [82] - o anyauthput: fix compiler warning on 64-bit Windows [21] - o appveyor: add WinSSL builds [81] - o appveyor: run test suite (on Windows!) [65] - o certs: generate tests certs with sha256 digest algorithm [37] - o checksrc: enable strict mode and warnings [63] - o checksrc: handle zero scoped ignore commands [62] - o cmake: Backport to work with CMake 3.0 again [55] - o cmake: Improve config installation [60] - o cmake: add support for transitive ZLIB target [113] - o cmake: disable -Wpedantic-ms-format [84] - o cmake: don't require OpenSSL if USE_OPENSSL=OFF [35] - o cmake: fixed path used in generation of docs/tests [56] - o cmake: remove unused *SOCKLEN_T variables [102] - o cmake: suppress MSVC warning C4127 for libtest - o cmake: test and set missed defines during configuration [64] - o comment: Fix multiple typos in function parameters [69] - o config: Remove unused SIZEOF_VOIDP [104] - o config_win32: enable LDAPS [92] - o configure: force-use -lpthreads on HPUX [41] - o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T [101] - o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE [53] - o cookies: Remove redundant expired check [14] - o cookies: fix leak when writing cookies to file [15] - o curl-config.in: remove dependency on bc [99] - o curl.1: --ipv6 mutexes ipv4 (fixed typo) [98] - o curl: enabled Windows VT Support and UTF-8 output [57] - o curl: update the documentation of --tlsv1.0 [17] - o curl_multi_wait: call getsock before figuring out timeout [34] - o curl_ntlm_wb: check aprintf() return codes [75] - o curl_threads: fix classic MinGW compile break [54] - o darwinssl: Fix realloc memleak [32] - o darwinssl: more specific and unified error codes [6] - o data-binary.d: clarify default content-type is x-www-form-urlencoded [71] - o docs/BUG-BOUNTY: explain the bounty program [76] - o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers [89] - o docs/CIPHERS: fix the TLS 1.3 cipher names [95] - o docs/CIPHERS: mention the colon separation for OpenSSL [73] - o docs/examples: URL updates [45] - o docs: add "see also" links for SSL options [85] - o example/asiohiper: insert warning comment about its status [18] - o example/htmltidy: fix include paths of tidy libraries [52] - o examples/Makefile.m32: sync with core [44] - o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory [33] - o examples/parseurl.c: show off the URL API [43] - o examples: Fix memory leaks from realloc errors [31] - o examples: do not wait when no transfers are running [16] - o ftp: include command in Curl_ftpsend sendbuffer [25] - o gskit: make sure to terminate version string [79] - o gtls: Values stored to but never read [97] - o hostip: fix check on Curl_shuffle_addr return value [77] - o http2: fix memory leaks on error-path [29] - o http: fix memleak in rewind error path [50] - o krb5: fix memory leak in krb_auth [25] - o ldap: show precise LDAP call in error message on Windows [83] - o lib: fix gcc8 warning on Windows [20] - o memory: add missing curl_printf header [30] - o memory: ensure to check allocation results [68] - o multi: Fix error handling in the SENDPROTOCONNECT state [112] - o multi: fix memory leak in content encoding related error path [59] - o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL [90] - o netrc: free temporary strings if memory allocation fails [103] - o nss: fix nssckbi module loading on Windows [70] - o nss: try to connect even if libnssckbi.so fails to load [36] - o ntlm_wb: Fix memory leaks in ntlm_wb_response [24] - o ntlm_wb: bail out if the response gets overly large [13] - o openssl: assume engine support in 0.9.8 or later [27] - o openssl: enable TLS 1.3 post-handshake auth [47] - o openssl: fix gcc8 warning [19] - o openssl: load built-in engines too [48] - o openssl: make 'done' a proper boolean [97] - o openssl: output the correct cipher list on TLS 1.3 error [95] - o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer [6] - o openssl: show "proper" version number for libressl builds [28] - o pipelining: deprecated [1] - o rand: add comment to skip a clang-tidy false positive - o rtmp: fix for compiling with lwIP [100] - o runtests: ignore disabled even when ranges are given [74] - o runtests: skip ld_preload tests on macOS [80] - o runtests: use Windows paths for Windows curl - o schannel: unified error code handling [6] - o sendf: Fix whitespace in infof/failf concatenation [26] - o ssh: free the session on init failures [96] - o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code [6] - o system.h: use proper setting with Sun C++ as well [109] - o test1299: use single quotes around asterisk [72] - o test1452: mark as flaky [2] - o test1651: unit test Curl_extract_certinfo() [110] - o test320: strip out more HTML when comparing [66] - o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server [67] - o tests: add unit tests for url.c [3] - o timeval: fix use of weak symbol clock_gettime() on Apple platforms [61] - o tool_cb_hdr: handle failure of rename() [94] - o travis: add a "make tidy" build that runs clang-tidy [105] - o travis: add build for "configure --disable-verbose" [93] - o travis: bump the Secure Transport build to use xcode [58] - o travis: make distcheck scan for BOM markers [86] - o unit1300: fix stack-use-after-scope AddressSanitizer warning [106] - o urldata: Fix "connecting" comment - o urlglob: improve error message on bad globs [22] - o vtls: fix ssl version "or later" behavior change for many backends [38] - o x509asn1: Fix SAN IP address verification [88] - o x509asn1: always check return code from getASN1Element() [110] - o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert [6] - o x509asn1: suppress left shift on signed value [111] + o CVE-2019-15601: file: on Windows, refuse paths that start with \\ [106] + o Azure Pipelines: add several builds + o CMake: add support for building with the NSS vtls backend [43] + o CURL-DISABLE: initial docs for the CURL_DISABLE_* defines [19] + o CURLOPT_HEADERFUNCTION.3: Document that size is always 1 [100] + o CURLOPT_QUOTE.3: fix typos [78] + o CURLOPT_READFUNCTION.3: fix the example [107] + o CURLOPT_URL.3: "curl supports SMB version 1 (only)" + o CURLOPT_VERBOSE.3: see also ERRORBUFFER + o HISTORY: added cmake, HTTP/3 and parallel downloads with curl + o HISTORY: the SMB(S) support landed in 2014 + o INSTALL.md: provide Android build instructions [10] + o KNOWN_BUGS: Connection information when using TCP Fast Open [85] + o KNOWN_BUGS: LDAP on Windows doesn't work correctly [86] + o KNOWN_BUGS: TLS session cache doesn't work with TFO [56] + o OPENSOCKETFUNCTION.3: correct the purpose description [48] + o TrackMemory tests: always remove CR before LF [111] + o altsvc: bump to h3-24 [6] + o altsvc: make the save function ignore NULL filenames [67] + o build: Disable Visual Studio warning "conditional expression is constant" [49] + o build: fix for CURL_DISABLE_DOH [2] + o checksrc.bat: Add a check for vquic and vssh directories [40] + o checksrc: repair the copyrightyear check [25] + o cirrus-ci: enable clang sanitizers on freebsd 13 [60] + o cirrus: Drop the FreeBSD 10.4 build + o config-win32: cpu-machine-OS for Windows on ARM [13] + o configure: avoid unportable `==' test(1) operator [1] + o configure: enable IPv6 support without `getaddrinfo` [44] + o configure: fix typo in help text [4] + o conncache: CONNECT_ONLY connections assumed always in-use [71] + o conncache: fix multi-thread use of shared connection cache [61] + o copyrights: fix copyright year range [25] + o create_conn: prefer multiplexing to using new connections [76] + o curl -w: handle a blank input file correctly [105] + o curl.h: add two missing defines for "pre ISO C" compilers [75] + o curl/parseconfig: fix mem-leak [81] + o curl/parseconfig: use curl_free() to free memory allocated by libcurl [80] + o curl: cleanup multi handle on failure [103] + o curl: fix --upload-file . hangs if delay in STDIN [35] + o curl: fix -T globbing [16] + o curl: improved cleanup in upload error path [69] + o curl: make a few char pointers point to const char instead [95] + o curl: properly free mimepost data [104] + o curl: show better error message when no homedir is found [47] + o curl: show error for --http3 if libcurl lacks support [108] + o curl_setup_once: consistently use WHILE_FALSE in macros [54] + o define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore [83] + o docs: Change 'experiemental' to 'experimental' [30] + o docs: TLS SRP doesn't work with TLS 1.3 [87] + o docs: fix several typos [62] + o docs: mention CURL_MAX_INPUT_LENGTH restrictions [109] + o doh: improved both encoding and decoding [11] + o doh: make it behave when built without proxy support [68] + o examples/postinmemory.c: Call curl_global_cleanup always [101] + o examples/url2file.c: corrected erroneous comment [102] + o examples: add multi-poll.c [14] + o global_init: undo the "intialized" bump in case of failure [52] + o hostip: suppress compiler warning [64] + o http_ntlm: Remove duplicate NSS initialisation [55] + o lib: Move lib/ssh.h -> lib/vssh/ssh.h [9] + o lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS` [93] + o lib: fix warnings found when porting to NuttX [99] + o lib: remove ASSIGNWITHINCONDITION exceptions, use our code style [84] + o lib: remove erroneous +x file permission on some c files [99] + o libssh2: add support for ECDSA and ed25519 knownhost keys [89] + o multi.h: remove INITIAL_MAX_CONCURRENT_STREAMS from public header [110] + o multi: free sockhash on OOM [63] + o multi_poll: avoid busy-loop when called without easy handles attached [15] + o ngtcp2: Support the latest update key callback type [92] + o ngtcp2: fix thread-safety bug in error-handling [33] + o ngtcp2: free used resources on disconnect [7] + o ngtcp2: handle key updates as ngtcp2 master branch tells us [8] + o ngtcp2: increase QUIC window size when data is consumed [12] + o ngtcp2: use overflow buffer for extra HTTP/3 data [5] + o ntlm: USE_WIN32_CRYPTO check removed to get USE_NTLM2SESSION set [3] + o ntlm_wb: fix double-free in OOM [65] + o openssl: Revert to less sensitivity for SYSCALL errors [26] + o openssl: improve error message for SYSCALL during connect [27] + o openssl: prevent recursive function calls from ctx callbacks [18] + o openssl: retrieve reported LibreSSL version at runtime [50] + o openssl: set X509_V_FLAG_PARTIAL_CHAIN by default [46] + o parsedate: offer a getdate_capped() alternative [53] + o pause: avoid updating socket if done was already called [22] + o projects: Fix Visual Studio projects SSH builds [41] + o projects: Fix Visual Studio wolfSSL configurations + o quiche: reject HTTP/3 headers in the wrong order [17] + o remove_handle: clear expire timers after multi_done() [20] + o runtests: --repeat=[num] to repeat tests [91] + o runtests: introduce --shallow to reduce huge torture tests [70] + o schannel: fix --tls-max for when min is --tlsv1 or default [39] + o setopt: Fix ALPN / NPN user option when built without HTTP2 [42] + o strerror: Add Curl_winapi_strerror for Win API specific errors [51] + o strerror: Fix an error looking up some Windows error strings + o strerror: Fix compiler warning "empty expression" [79] + o system.h: fix for MCST lcc compiler [23] + o test/sws: search for "Testno:" header unconditionally if no testno [73] + o test1175: verify symbols-in-versions and libcurl-errors.3 in sync [28] + o test1270: a basic -w redirect_url test [82] + o test1456: remove the use of a fixed local port number [77] + o test1558: use double slash after file: [21] + o test1560: require IPv6 for IPv6 aware URL parsing [24] + o tests/lib1557: fix mem-leak in OOM [66] + o tests/lib1559: fix mem-leak in OOM [66] + o tests/lib1591: free memory properly on OOM, in the trailers callback [90] + o tests/unit1607: fix mem-leak in OOM [66] + o tests/unit1609: fix mem-leak in OOM [66] + o tests/unit1620: fix bad free in OOM [66] + o tests: Change NTLM tests to require SSL [96] + o tests: Fix bounce requests with truncated writes [94] + o tests: fix build with `CURL_DISABLE_DOH` [64] + o tests: fix permissions of ssh keys in WSL [58] + o tests: make it possible to set executable extensions [58] + o tests: make sure checksrc runs on header files too + o tests: set LC_ALL=en_US.UTF-8 instead of blank in several tests [74] + o tests: use DoH feature for DoH tests [64] + o tests: use \r\n for log messages in WSL [58] + o tool_operate: fix mem leak when failed config parse [98] + o travis: Fix error detection [97] + o travis: abandon coveralls, it is not reliable [57] + o travis: build ngtcp2 with --enable-lib-only [32] + o travis: export the CC/CXX variables when set [34] + o vtls: make BearSSL possible to set with CURL_SSL_BACKEND [72] + o winbuild: Define CARES_STATICLIB when WITH_CARES=static [59] + o winbuild: Document CURL_STATICLIB requirement for static libcurl [88] This release includes the following known bugs: @@ -147,134 +149,137 @@ This release includes the following known bugs: This release would not have looked like this without help, code, reports and advice from friends like these: - Alexey Eremikhin, Brad King, Brian Carpenter, Christian Heimes, Colin Hogben, - Daniel Gustafsson, Daniel Shahaf, Daniel Stenberg, Dario Weißer, - Dave Reisner, Dima Pasechnik, Dmitry Kostjuchenko, Doron Behar, - Eason-Yu on github, Erik Minekus, Even Rouault, Gisle Vanem, Han Han, - Harry Sintonen, jakirkham on github, Jean Fabrice, Jim Fuller, Kamil Dudka, - Loganaden Velvindron, Marcel Raad, Marc Hörsken, Martin Ankerl, - Matthew Whitehead, Max Dymond, Maxime Legros, Michael Kaufmann, Nate Prewitt, - Nicklas Avén, Nick Zitzmann, Patrick Monnerat, Philipp Waehnert, Rainer Jung, - Ray Satiro, Rich Turner, Rick Deist, Ricky-Tigg on github, Rikard Falkeborn, - Ruslan Baratov, Sergei Nikulov, Shaun Jackman, Thomas Glanzmann, Tuomo Rinne, - Viktor Szakats, Yiming Jing, - (49 contributors) + 3dyd on github, Anderson Sasaki, Andreas Falkenhahn, Andrew Ishchuk, + bdry on github, Bjoern Franke, Brian Carpenter, bxac on github, + Bylon2 on github, Christian Schmitz, Christopher Head, Christopher Reid, + Christoph M. Becker, Cynthia Coan, Dan Fandrich, Daniel Gustafsson, + Daniel Stenberg, David Benjamin, Emil Engler, Fernando Muñoz, Frank Gevaerts, + Geeknik Labs, Gergely Nagy, Gisle Vanem, JanB on github, Javier Blazquez, + Jeff Mears, Jeffrey Walton, John Schroeder, Kamil Dudka, + kouzhudong on github, Kunal Ekawde, Leonardo Taccari, Marc Aldorasi, + Marcel Raad, marc-groundctl on github, Marc Hörsken, Maros Priputen, + Massimiliano Fantuzzi, Max Kellermann, Melissa Mears, Michael Forney, + Michael Vittiglio, Mohammad Hasbini, Niall O'Reilly, Paul Groke, + Paul Hoffman, Paul Joyce, Paulo Roberto Tomasi, Pavel Löbl, Pavel Pavlov, + Peter Wu, Ram Krushna Mishra, Ray Satiro, Richard Alcock, Richard Bowker, + Rickard Hallerbäck, Santino Keupp, sayrer on github, Shailesh Kapse, + Simon Warta, SLDiggie on github, Steve Holme, Tatsuhiro Tsujikawa, + Tom van der Woerdt, Victor Magierski, Vlastimil Ovčáčík, Wyatt O'Day, + Xiang Xiao, Xiaoyin Liu, + (70 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: - [1] = https://curl.haxx.se/bug/?i=2705 - [2] = https://curl.haxx.se/bug/?i=2941 - [3] = https://curl.haxx.se/bug/?i=2937 - [4] = https://curl.haxx.se/bug/?i=2709 - [5] = https://curl.haxx.se/bug/?i=2942 - [6] = https://curl.haxx.se/bug/?i=2901 - [7] = https://curl.haxx.se/bug/?i=2668 - [8] = https://curl.haxx.se/bug/?i=2896 - [9] = https://curl.haxx.se/bug/?i=2789 - [10] = https://curl.haxx.se/bug/?i=2724 - [11] = https://curl.haxx.se/bug/?i=1641 - [12] = https://curl.haxx.se/bug/?i=2842 - [13] = https://curl.haxx.se/bug/?i=2959 - [14] = https://curl.haxx.se/bug/?i=2962 - [15] = https://curl.haxx.se/bug/?i=2957 - [16] = https://curl.haxx.se/bug/?i=2948 - [17] = https://curl.haxx.se/bug/?i=2955 - [18] = https://curl.haxx.se/bug/?i=2407 - [19] = https://curl.haxx.se/bug/?i=2980 - [20] = https://curl.haxx.se/bug/?i=2979 - [21] = https://curl.haxx.se/bug/?i=2972 - [22] = https://curl.haxx.se/bug/?i=2763 - [23] = https://curl.haxx.se/bug/?i=2984 - [24] = https://curl.haxx.se/bug/?i=2966 - [25] = https://curl.haxx.se/bug/?i=2985 - [26] = https://curl.haxx.se/bug/?i=2986 - [27] = https://curl.haxx.se/bug/?i=2983 - [28] = https://curl.haxx.se/bug/?i=2989 - [29] = https://curl.haxx.se/bug/?i=2992 - [30] = https://curl.haxx.se/bug/?i=2999 - [31] = https://curl.haxx.se/bug/?i=2991 - [32] = https://curl.haxx.se/bug/?i=3005 - [33] = https://curl.haxx.se/bug/?i=3004 - [34] = https://curl.haxx.se/bug/?i=2996 - [35] = https://curl.haxx.se/bug/?i=3001 - [36] = https://curl.haxx.se/bug/?i=3016 - [37] = https://curl.haxx.se/bug/?i=3014 - [38] = https://curl.haxx.se/bug/?i=2969 - [39] = https://curl.haxx.se/bug/?i=2971 - [40] = https://curl.haxx.se/bug/?i=3029 - [41] = https://curl.haxx.se/bug/?i=2697 - [42] = https://curl.haxx.se/bug/?i=3032 - [43] = https://curl.haxx.se/bug/?i=3030 - [44] = https://curl.haxx.se/bug/?i=3033 - [45] = https://curl.haxx.se/bug/?i=3036 - [46] = https://curl.haxx.se/bug/?i=3039 - [47] = https://curl.haxx.se/bug/?i=3026 - [48] = https://curl.haxx.se/bug/?i=3023 - [49] = https://curl.haxx.se/bug/?i=3042 - [50] = https://curl.haxx.se/bug/?i=3044 - [51] = https://curl.haxx.se/bug/?i=3046 - [52] = https://curl.haxx.se/bug/?i=3050 - [53] = https://curl.haxx.se/bug/?i=3006 - [54] = https://github.com/curl/curl/issues/2924#issuecomment-424334807 - [55] = https://curl.haxx.se/bug/?i=3055 - [56] = https://curl.haxx.se/bug/?i=3056 - [57] = https://curl.haxx.se/bug/?i=3008 - [58] = https://curl.haxx.se/bug/?i=3062 - [59] = https://curl.haxx.se/bug/?i=3063 - [60] = https://curl.haxx.se/bug/?i=2849 - [61] = https://curl.haxx.se/bug/?i=3048 - [62] = https://curl.haxx.se/bug/?i=3096 - [63] = https://curl.haxx.se/bug/?i=3090 - [64] = https://curl.haxx.se/bug/?i=3097 - [65] = https://curl.haxx.se/bug/?i=3100 - [66] = https://curl.haxx.se/bug/?i=3093 - [67] = https://curl.haxx.se/bug/?i=2929 - [68] = https://curl.haxx.se/bug/?i=3084 - [69] = https://curl.haxx.se/bug/?i=3079 - [70] = https://curl.haxx.se/bug/?i=3086 - [71] = https://curl.haxx.se/bug/?i=3085 - [72] = https://github.com/curl/curl/issues/1751#issuecomment-321522580 - [73] = https://curl.haxx.se/bug/?i=3077 - [74] = https://curl.haxx.se/bug/?i=3075 - [75] = https://curl.haxx.se/bug/?i=3111 - [76] = https://curl.haxx.se/bug/?i=3067 - [77] = https://curl.haxx.se/bug/?i=3110 - [78] = https://curl.haxx.se/bug/?i=3083 - [79] = https://curl.haxx.se/bug/?i=3105 - [80] = https://curl.haxx.se/bug/?i=2394 - [81] = https://curl.haxx.se/bug/?i=3104 - [82] = https://curl.haxx.se/bug/?i=3113 - [83] = https://curl.haxx.se/bug/?i=3118 - [84] = https://curl.haxx.se/bug/?i=3120 - [85] = https://curl.haxx.se/bug/?i=3121 - [86] = https://curl.haxx.se/bug/?i=3126 - [87] = https://curl.haxx.se/bug/?i=3124 - [88] = https://curl.haxx.se/bug/?i=3102 - [89] = https://curl.haxx.se/bug/?i=3159 - [90] = https://curl.haxx.se/bug/?i=3138 - [91] = https://curl.haxx.se/bug/?i=3137 - [92] = https://curl.haxx.se/bug/?i=3137 - [93] = https://curl.haxx.se/bug/?i=3144 - [94] = https://curl.haxx.se/bug/?i=3140 - [95] = https://curl.haxx.se/bug/?i=3178 - [96] = https://curl.haxx.se/bug/?i=3179 - [97] = https://curl.haxx.se/bug/?i=3176 - [98] = https://curl.haxx.se/bug/?i=3171 - [99] = https://curl.haxx.se/bug/?i=3143 - [100] = https://curl.haxx.se/bug/?i=3155 - [101] = https://curl.haxx.se/bug/?i=3168 - [102] = https://curl.haxx.se/bug/?i=3166 - [103] = https://curl.haxx.se/bug/?i=3122 - [104] = https://curl.haxx.se/bug/?i=3162 - [105] = https://curl.haxx.se/bug/?i=3182 - [106] = https://curl.haxx.se/bug/?i=3182 - [107] = https://curl.haxx.se/docs/CVE-2018-16839.html - [108] = https://curl.haxx.se/docs/CVE-2018-16840.html - [109] = https://curl.haxx.se/bug/?i=3181 - [110] = https://curl.haxx.se/bug/?i=3163 - [111] = https://curl.haxx.se/bug/?i=3163 - [112] = https://curl.haxx.se/bug/?i=3170 - [113] = https://curl.haxx.se/bug/?i=3123 - [114] = https://curl.haxx.se/docs/CVE-2018-16842.html + [1] = https://curl.haxx.se/bug/?i=4567 + [2] = https://curl.haxx.se/bug/?i=4565 + [3] = https://curl.haxx.se/bug/?i=3704 + [4] = https://curl.haxx.se/bug/?i=4570 + [5] = https://curl.haxx.se/bug/?i=4525 + [6] = https://curl.haxx.se/bug/?i=4604 + [7] = https://curl.haxx.se/bug/?i=4614 + [8] = https://curl.haxx.se/bug/?i=4612 + [9] = https://curl.haxx.se/bug/?i=4609 + [10] = https://curl.haxx.se/bug/?i=4606 + [11] = https://curl.haxx.se/bug/?i=4598 + [12] = https://curl.haxx.se/bug/?i=4600 + [13] = https://curl.haxx.se/bug/?i=4590 + [14] = https://curl.haxx.se/bug/?i=4596 + [15] = https://curl.haxx.se/bug/?i=4594 + [16] = https://curl.haxx.se/bug/?i=4588 + [17] = https://curl.haxx.se/bug/?i=4571 + [18] = https://curl.haxx.se/bug/?i=4585 + [19] = https://curl.haxx.se/bug/?i=4545 + [20] = https://curl.haxx.se/bug/?i=4575 + [21] = https://curl.haxx.se/bug/?i=4554 + [22] = https://curl.haxx.se/bug/?i=4563 + [23] = https://curl.haxx.se/bug/?i=4576 + [24] = https://curl.haxx.se/bug/?i=4556 + [25] = https://curl.haxx.se/bug/?i=4549 + [26] = https://curl.haxx.se/bug/?i=4624 + [27] = https://curl.haxx.se/bug/?i=4593 + [28] = https://curl.haxx.se/bug/?i=4628 + [29] = https://curl.haxx.se/bug/?i=4500 + [30] = https://curl.haxx.se/bug/?i=4618 + [31] = https://curl.haxx.se/bug/?i=4543 + [32] = https://curl.haxx.se/bug/?i=4646 + [33] = https://curl.haxx.se/bug/?i=4645 + [34] = https://curl.haxx.se/bug/?i=4637 + [35] = https://curl.haxx.se/bug/?i=2051 + [36] = https://curl.haxx.se/bug/?i=4599 + [37] = https://curl.haxx.se/bug/?i=4597 + [38] = https://curl.haxx.se/bug/?i=4418 + [39] = https://curl.haxx.se/bug/?i=4633 + [40] = https://curl.haxx.se/bug/?i=4607 + [41] = https://curl.haxx.se/bug/?i=4492 + [42] = https://curl.haxx.se/bug/?i=4668 + [43] = https://curl.haxx.se/bug/?i=4663 + [44] = https://curl.haxx.se/bug/?i=4662 + [45] = https://curl.haxx.se/bug/?i=4665 + [46] = https://curl.haxx.se/mail/lib-2019-11/0094.html + [47] = https://curl.haxx.se/bug/?i=4644 + [48] = https://curl.haxx.se/mail/lib-2019-12/0007.html + [49] = https://curl.haxx.se/bug/?i=4658 + [50] = https://curl.haxx.se/bug/?i=2425 + [51] = https://curl.haxx.se/bug/?i=4550 + [52] = https://curl.haxx.se/bug/?i=4636 + [53] = https://curl.haxx.se/bug/?i=4152 + [54] = https://curl.haxx.se/bug/?i=4649 + [55] = https://curl.haxx.se/bug/?i=3935 + [56] = https://curl.haxx.se/bug/?i=4301 + [57] = https://curl.haxx.se/bug/?i=4694 + [58] = https://curl.haxx.se/bug/?i=3899 + [59] = https://curl.haxx.se/bug/?i=4688 + [60] = https://curl.haxx.se/bug/?i=4557 + [61] = https://curl.haxx.se/bug/?i=4544 + [62] = https://curl.haxx.se/bug/?i=4680 + [63] = https://curl.haxx.se/bug/?i=4713 + [64] = https://curl.haxx.se/bug/?i=4692 + [65] = https://curl.haxx.se/bug/?i=4710 + [66] = https://curl.haxx.se/bug/?i=4709 + [67] = https://curl.haxx.se/bug/?i=4707 + [68] = https://curl.haxx.se/bug/?i=4704 + [69] = https://curl.haxx.se/bug/?i=4705 + [70] = https://curl.haxx.se/bug/?i=4699 + [71] = https://curl.haxx.se/bug/?i=4369 + [72] = https://curl.haxx.se/bug/?i=4698 + [73] = https://curl.haxx.se/bug/?i=4744 + [74] = https://curl.haxx.se/bug/?i=4738 + [75] = https://curl.haxx.se/bug/?i=4739 + [76] = https://curl.haxx.se/bug/?i=4732 + [77] = https://curl.haxx.se/bug/?i=4733 + [78] = https://curl.haxx.se/bug/?i=4736 + [79] = https://github.com/curl/curl/commit/5b22e1a#r36458547 + [80] = https://curl.haxx.se/bug/?i=4730 + [81] = https://curl.haxx.se/bug/?i=4731 + [82] = https://curl.haxx.se/bug/?i=4728 + [83] = https://curl.haxx.se/bug/?i=4725 + [84] = https://curl.haxx.se/bug/?i=4683 + [85] = https://curl.haxx.se/bug/?i=4296 + [86] = https://curl.haxx.se/bug/?i=4261 + [87] = https://curl.haxx.se/bug/?i=4262 + [88] = https://curl.haxx.se/bug/?i=4721 + [89] = https://curl.haxx.se/bug/?i=4714 + [90] = https://curl.haxx.se/bug/?i=4720 + [91] = https://curl.haxx.se/bug/?i=4715 + [92] = https://curl.haxx.se/bug/?i=4735 + [93] = https://curl.haxx.se/bug/?i=4775 + [94] = https://github.com/curl/curl/pull/4717#issuecomment-570240785 + [95] = https://curl.haxx.se/bug/?i=4771 + [96] = https://curl.haxx.se/bug/?i=4768 + [97] = https://curl.haxx.se/bug/?i=3730 + [98] = https://curl.haxx.se/bug/?i=4767 + [99] = https://curl.haxx.se/bug/?i=4756 + [100] = https://curl.haxx.se/bug/?i=4758 + [101] = https://curl.haxx.se/bug/?i=4751 + [102] = https://curl.haxx.se/bug/?i=4745 + [103] = https://curl.haxx.se/bug/?i=4772 + [104] = https://curl.haxx.se/bug/?i=4781 + [105] = https://curl.haxx.se/bug/?i=4786 + [106] = https://curl.haxx.se/docs/CVE-2019-15601.html + [107] = https://curl.haxx.se/bug/?i=4787 + [108] = https://curl.haxx.se/bug/?i=4785 + [109] = https://curl.haxx.se/bug/?i=4783 + [110] = https://curl.haxx.se/bug/?i=4790 + [111] = https://curl.haxx.se/bug/?i=4788 |