From bc9ddd35af69662a667d983e2484f557f76cf230 Mon Sep 17 00:00:00 2001
From: Seonah Moon <seonah1.moon@samsung.com>
Date: Thu, 8 Nov 2018 14:02:01 +0900
Subject: Imported Upstream version 7.62.0

Change-Id: Ie916d8e445e0cc69e112cee470744a96a9c84799
---
 RELEASE-NOTES | 418 ++++++++++++++++++++++++++++++++++++----------------------
 1 file changed, 260 insertions(+), 158 deletions(-)

(limited to 'RELEASE-NOTES')

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 6cbfe48e6..4cdab8d13 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,100 +1,144 @@
-Curl and libcurl 7.59.0
+Curl and libcurl 7.62.0
 
- Public curl releases:         173
- Command line options:         213
- curl_easy_setopt() options:   253
- Public functions in libcurl:  74
- Contributors:                 1705
+ Public curl releases:         177
+ Command line options:         219
+ curl_easy_setopt() options:   261
+ Public functions in libcurl:  80
+ Contributors:                 1808
 
 This release includes the following changes:
 
- o curl: add --proxy-pinnedpubkey [10]
- o added: CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T [13]
- o CURLOPT_RESOLVE: Add support for multiple IP addresses per entry [37]
- o Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS [37]
- o Add new tool option --happy-eyeballs-timeout-ms [37]
- o Add CURLOPT_RESOLVER_START_FUNCTION and CURLOPT_RESOLVER_START_DATA [39]
+ o multiplex: enable by default [4]
+ o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled [4]
+ o setopt: add CURLOPT_DOH_URL [7]
+ o curl: --doh-url added [7]
+ o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size [8]
+ o imap: change from "FETCH" to "UID FETCH" [9]
+ o configure: add option to disable automatic OpenSSL config loading [10]
+ o upkeep: add a connection upkeep API: curl_easy_upkeep() [11]
+ o URL-API: added five new functions [12]
+ o vtls: MesaLink is a new TLS backend [23]
 
 This release includes the following bugfixes:
 
- o openldap: check ldap_get_attribute_ber() results for NULL before using [50]
- o FTP: reject path components with control codes [51]
- o readwrite: make sure excess reads don't go beyond buffer end [52]
- o lib555: drop text conversion and encode data as ascii codes [1]
- o lib517: make variable static to avoid compiler warning
- o lib544: sync ascii code data with textual data [1]
- o GSKit: restore pinnedpubkey functionality [2]
- o darwinssl: Don't import client certificates into Keychain on macOS [3]
- o parsedate: fix date parsing for systems with 32 bit long [4]
- o openssl: fix pinned public key build error in FIPS mode [5]
- o SChannel/WinSSL: Implement public key pinning [6]
- o cookies: remove verbose "cookie size:" output
- o progress-bar: don't use stderr explicitly, use bar->out [7]
- o Fixes for MSDOS
- o build: open VC15 projects with VS 2017
- o curl_ctype: private is*() type macros and functions [8]
- o configure: set PATH_SEPARATOR to colon for PATH w/o separator [9]
- o winbuild: make linker generate proper PDB [11]
- o curl_easy_reset: clear digest auth state [12]
- o curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 [14]
- o range: commonize FTP and FILE range handling [15]
- o progress-bar docs: update to match implementation [16]
- o fnmatch: do not match the empty string with a character set
- o fnmatch: accept an alphanum to be followed by a non-alphanum in char set [17]
- o build: fix termios issue on android cross-compile [18]
- o getdate: return -1 for out of range [19]
- o formdata: use the mime-content type function [20]
- o time-cond: fix reading the file modification time on Windows [21]
- o build-openssl.bat: Extend VC15 support to include Enterprise and Professional
- o build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional
- o openssl: Don't add verify locations when verifypeer==0
- o fnmatch: optimize processing of consecutive *s and ?s pattern characters [22]
- o schannel: fix compiler warnings [23]
- o content_encoding: Add "none" alias to "identity" [24]
- o get_posix_time: only check for overflows if they can happen
- o http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING [25]
- o README: language fix [26]
- o sha256: build with OpenSSL < 0.9.8 [27]
- o smtp: fix processing of initial dot in data [28]
- o --tlsauthtype: works only if libcurl is built with TLS-SRP support [29]
- o tests: new tests for http raw mode [30]
- o libcurl-security.3: man page discussion security concerns when using libcurl
- o curl_gssapi: make sure this file too uses our *printf()
- o BINDINGS: fix curb link (and remove ruby-curl-multi)
- o nss: use PK11_CreateManagedGenericObject() if available [31]
- o travis: add build with iconv enabled [32]
- o ssh: add two missing state names [33]
- o CURLOPT_HEADERFUNCTION.3: mention folded headers
- o http: fix the max header length detection logic [34]
- o header callback: don't chop headers into smaller pieces [35]
- o CURLOPT_HEADER.3: clarify problems with different data sizes
- o curl --version: show PSL if the run-time lib has it enabled
- o examples/sftpuploadresume: resume upload via CURLOPT_APPEND [36]
- o Return error if called recursively from within callbacks [38]
- o sasl: prefer PLAIN mechanism over LOGIN
- o winbuild: Use CALL to run batch scripts [40]
- o curl_share_setopt.3: connection cache is shared within multi handles
- o winbuild: Use macros for the names of some build utilities [41]
- o projects/README: remove reference to dead IDN link/package [42]
- o lib655: silence compiler warning [43]
- o configure: Fix version check for OpenSSL 1.1.1
- o docs/MANUAL: formfind.pl is not accessible on the site anymore [44]
- o unit1309: fix warning on Windows x64 [45]
- o unit1307: proper cleanup on OOM to fix torture tests
- o curl_ctype: fix macro redefinition warnings
- o build: get CFLAGS (including -werror) used for examples and tests [46]
- o NO_PROXY: fix for IPv6 numericals in the URL [47]
- o krb5: use nondeprecated functions [48]
- o winbuild: prefer documented zlib library names [49]
- o http2: mark the connection for close on GOAWAY [53]
- o limit-rate: kick in even before "limit" data has been received [54]
- o HTTP: allow "header;" to replace an internal header with a blank one [55]
- o http2: verbose output new MAX_CONCURRENT_STREAMS values
- o SECURITY: distros' max embargo time is 14 days
- o curl tool: accept --compressed also if Brotli is enabled and zlib is not
- o WolfSSL: adding TLSv1.3 [56]
- o checksrc.pl: add -i and -m options
- o CURLOPT_COOKIEFILE.3: "-" as file name means stdin
+ o CVE-2018-16839: SASL password overflow via integer overflow [107]
+ o CVE-2018-16840: use-after-free in handle close [108]
+ o CVE-2018-16842: warning message out-of-buffer read [114]
+ o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated [5]
+ o Curl_dedotdotify(): always nul terminate returned string [46]
+ o Curl_follow: Always free the passed new URL [87]
+ o Curl_http2_done: fix memleak in error path [51]
+ o Curl_retry_request: fix memory leak [49]
+ o Curl_saferealloc: Fixed typo in docblock [40]
+ o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output [78]
+ o GnutTLS: TLS 1.3 support [39]
+ o SECURITY-PROCESS: mention the bountygraph program [42]
+ o VS projects: add USE_IPV6: [91]
+ o Windows: fixes for MinGW targeting Windows Vista [82]
+ o anyauthput: fix compiler warning on 64-bit Windows [21]
+ o appveyor: add WinSSL builds [81]
+ o appveyor: run test suite (on Windows!) [65]
+ o certs: generate tests certs with sha256 digest algorithm [37]
+ o checksrc: enable strict mode and warnings [63]
+ o checksrc: handle zero scoped ignore commands [62]
+ o cmake: Backport to work with CMake 3.0 again [55]
+ o cmake: Improve config installation [60]
+ o cmake: add support for transitive ZLIB target [113]
+ o cmake: disable -Wpedantic-ms-format [84]
+ o cmake: don't require OpenSSL if USE_OPENSSL=OFF [35]
+ o cmake: fixed path used in generation of docs/tests [56]
+ o cmake: remove unused *SOCKLEN_T variables [102]
+ o cmake: suppress MSVC warning C4127 for libtest
+ o cmake: test and set missed defines during configuration [64]
+ o comment: Fix multiple typos in function parameters [69]
+ o config: Remove unused SIZEOF_VOIDP [104]
+ o config_win32: enable LDAPS [92]
+ o configure: force-use -lpthreads on HPUX [41]
+ o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T [101]
+ o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE [53]
+ o cookies: Remove redundant expired check [14]
+ o cookies: fix leak when writing cookies to file [15]
+ o curl-config.in: remove dependency on bc [99]
+ o curl.1: --ipv6 mutexes ipv4 (fixed typo) [98]
+ o curl: enabled Windows VT Support and UTF-8 output [57]
+ o curl: update the documentation of --tlsv1.0 [17]
+ o curl_multi_wait: call getsock before figuring out timeout [34]
+ o curl_ntlm_wb: check aprintf() return codes [75]
+ o curl_threads: fix classic MinGW compile break [54]
+ o darwinssl: Fix realloc memleak [32]
+ o darwinssl: more specific and unified error codes [6]
+ o data-binary.d: clarify default content-type is x-www-form-urlencoded [71]
+ o docs/BUG-BOUNTY: explain the bounty program [76]
+ o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers [89]
+ o docs/CIPHERS: fix the TLS 1.3 cipher names [95]
+ o docs/CIPHERS: mention the colon separation for OpenSSL [73]
+ o docs/examples: URL updates [45]
+ o docs: add "see also" links for SSL options [85]
+ o example/asiohiper: insert warning comment about its status [18]
+ o example/htmltidy: fix include paths of tidy libraries [52]
+ o examples/Makefile.m32: sync with core [44]
+ o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory [33]
+ o examples/parseurl.c: show off the URL API [43]
+ o examples: Fix memory leaks from realloc errors [31]
+ o examples: do not wait when no transfers are running [16]
+ o ftp: include command in Curl_ftpsend sendbuffer [25]
+ o gskit: make sure to terminate version string [79]
+ o gtls: Values stored to but never read [97]
+ o hostip: fix check on Curl_shuffle_addr return value [77]
+ o http2: fix memory leaks on error-path [29]
+ o http: fix memleak in rewind error path [50]
+ o krb5: fix memory leak in krb_auth [25]
+ o ldap: show precise LDAP call in error message on Windows [83]
+ o lib: fix gcc8 warning on Windows [20]
+ o memory: add missing curl_printf header [30]
+ o memory: ensure to check allocation results [68]
+ o multi: Fix error handling in the SENDPROTOCONNECT state [112]
+ o multi: fix memory leak in content encoding related error path [59]
+ o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL [90]
+ o netrc: free temporary strings if memory allocation fails [103]
+ o nss: fix nssckbi module loading on Windows [70]
+ o nss: try to connect even if libnssckbi.so fails to load [36]
+ o ntlm_wb: Fix memory leaks in ntlm_wb_response [24]
+ o ntlm_wb: bail out if the response gets overly large [13]
+ o openssl: assume engine support in 0.9.8 or later [27]
+ o openssl: enable TLS 1.3 post-handshake auth [47]
+ o openssl: fix gcc8 warning [19]
+ o openssl: load built-in engines too [48]
+ o openssl: make 'done' a proper boolean [97]
+ o openssl: output the correct cipher list on TLS 1.3 error [95]
+ o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer [6]
+ o openssl: show "proper" version number for libressl builds [28]
+ o pipelining: deprecated [1]
+ o rand: add comment to skip a clang-tidy false positive
+ o rtmp: fix for compiling with lwIP [100]
+ o runtests: ignore disabled even when ranges are given [74]
+ o runtests: skip ld_preload tests on macOS [80]
+ o runtests: use Windows paths for Windows curl
+ o schannel: unified error code handling [6]
+ o sendf: Fix whitespace in infof/failf concatenation [26]
+ o ssh: free the session on init failures [96]
+ o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code [6]
+ o system.h: use proper setting with Sun C++ as well [109]
+ o test1299: use single quotes around asterisk [72]
+ o test1452: mark as flaky [2]
+ o test1651: unit test Curl_extract_certinfo() [110]
+ o test320: strip out more HTML when comparing [66]
+ o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server [67]
+ o tests: add unit tests for url.c [3]
+ o timeval: fix use of weak symbol clock_gettime() on Apple platforms [61]
+ o tool_cb_hdr: handle failure of rename() [94]
+ o travis: add a "make tidy" build that runs clang-tidy [105]
+ o travis: add build for "configure --disable-verbose" [93]
+ o travis: bump the Secure Transport build to use xcode [58]
+ o travis: make distcheck scan for BOM markers [86]
+ o unit1300: fix stack-use-after-scope AddressSanitizer warning [106]
+ o urldata: Fix "connecting" comment
+ o urlglob: improve error message on bad globs [22]
+ o vtls: fix ssl version "or later" behavior change for many backends [38]
+ o x509asn1: Fix SAN IP address verification [88]
+ o x509asn1: always check return code from getASN1Element() [110]
+ o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert [6]
+ o x509asn1: suppress left shift on signed value [111]
 
 This release includes the following known bugs:
 
@@ -103,76 +147,134 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Adam Marcionek, Alessandro Ghedini, Anders Bakken, Aron Bergman, Ben Greear,
-  Björn Stenberg, Bruno Grasselli, Dair Grant, Dan Fandrich, Daniel Stenberg,
-  Dario Weisser, Douglas Mencken, Duy Phan Thanh, Earnestly on github,
-  Erik Johansson, Francisco Sedano, Gisle Vanem, Guido Berhoerster,
-  Henry Roeland, Kamil Dudka, Klaus Stein, Łukasz Domeradzki, Marcel Raad,
-  Martin Dreher, Max Dymond, Michael Kaufmann, Michał Janiszewski,
-  Mohammad AlSaleh, Patrick Monnerat, Patrick Schlangen, Ray Satiro,
-  Richard Alcock, Richard Moore, Rod Widdowson, Ruurd Beerstra,
-  Sergii Kavunenko, Sergio Borghese, Somnath Kundu, steelman on github,
-  Stefan Kanthak, Steve Holme, Tim Mcdonough, Travis Burtrum, Viktor Szakats,
-  刘佩东,
-  (45 contributors)
+  Alexey Eremikhin, Brad King, Brian Carpenter, Christian Heimes, Colin Hogben,
+  Daniel Gustafsson, Daniel Shahaf, Daniel Stenberg, Dario Weißer,
+  Dave Reisner, Dima Pasechnik, Dmitry Kostjuchenko, Doron Behar,
+  Eason-Yu on github, Erik Minekus, Even Rouault, Gisle Vanem, Han Han,
+  Harry Sintonen, jakirkham on github, Jean Fabrice, Jim Fuller, Kamil Dudka,
+  Loganaden Velvindron, Marcel Raad, Marc Hörsken, Martin Ankerl,
+  Matthew Whitehead, Max Dymond, Maxime Legros, Michael Kaufmann, Nate Prewitt,
+  Nicklas Avén, Nick Zitzmann, Patrick Monnerat, Philipp Waehnert, Rainer Jung,
+  Ray Satiro, Rich Turner, Rick Deist, Ricky-Tigg on github, Rikard Falkeborn,
+  Ruslan Baratov, Sergei Nikulov, Shaun Jackman, Thomas Glanzmann, Tuomo Rinne,
+  Viktor Szakats, Yiming Jing,
+  (49 contributors)
 
         Thanks! (and sorry if I forgot to mention someone)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.haxx.se/bug/?i=1872
- [2] = https://curl.haxx.se/bug/?i=2263
- [3] = https://curl.haxx.se/bug/?i=2085
- [4] = https://curl.haxx.se/bug/?i=2250
- [5] = https://curl.haxx.se/bug/?i=2258
- [6] = https://curl.haxx.se/bug/?i=1429
- [7] = https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080
- [8] = https://curl.haxx.se/bug/?i=2269
- [9] = https://curl.haxx.se/bug/?i=2202
- [10] = https://curl.haxx.se/bug/?i=2268
- [11] = https://curl.haxx.se/bug/?i=2274
- [12] = https://curl.haxx.se/mail/lib-2018-01/0074.html
- [13] = https://curl.haxx.se/bug/?i=2238
- [14] = https://curl.haxx.se/bug/?i=2275
- [15] = https://curl.haxx.se/bug/?i=2205
- [16] = https://curl.haxx.se/bug/?i=2271
- [17] = https://curl.haxx.se/mail/lib-2018-01/0114.html
- [18] = https://curl.haxx.se/mail/lib-2018-01/0122.html
- [19] = https://curl.haxx.se/bug/?i=2278
- [20] = https://curl.haxx.se/bug/?i=2282
- [21] = https://curl.haxx.se/bug/?i=2164
- [22] = https://curl.haxx.se/bug/?i=2291
- [23] = https://curl.haxx.se/bug/?i=2296
- [24] = https://curl.haxx.se/bug/?i=2298
- [25] = https://curl.haxx.se/bug/?i=2303
- [26] = https://curl.haxx.se/bug/?i=2300
- [27] = https://curl.haxx.se/bug/?i=2305
- [28] = https://curl.haxx.se/bug/?i=2304
- [29] = https://bugzilla.redhat.com/1542256
- [30] = https://curl.haxx.se/bug/?i=2303
- [31] = https://bugzilla.redhat.com/1510247
- [32] = https://curl.haxx.se/bug/?i=1872
- [33] = https://curl.haxx.se/bug/?i=2312
- [34] = https://curl.haxx.se/mail/lib-2018-02/0056.html
- [35] = https://curl.haxx.se/bug/?i=2314
- [36] = https://curl.haxx.se/mail/lib-2018-02/0072.html
- [37] = https://curl.haxx.se/bug/?i=2260
- [38] = https://curl.haxx.se/bug/?i=2302
- [39] = https://curl.haxx.se/bug/?i=2311
- [40] = https://curl.haxx.se/bug/?i=2330
- [41] = https://curl.haxx.se/bug/?i=2329
- [42] = https://curl.haxx.se/bug/?i=2325
- [43] = https://curl.haxx.se/bug/?i=2335
- [44] = https://curl.haxx.se/bug/?i=2342
- [45] = https://curl.haxx.se/bug/?i=2341
- [46] = https://curl.haxx.se/bug/?i=2337
- [47] = https://curl.haxx.se/bug/?i=2353
- [48] = https://curl.haxx.se/bug/?i=2356
- [49] = https://curl.haxx.se/bug/?i=2354
- [50] = https://curl.haxx.se/docs/adv_2018-97a2.html
- [51] = https://curl.haxx.se/docs/adv_2018-9cd6.html
- [52] = https://curl.haxx.se/docs/adv_2018-b047.html
- [53] = https://curl.haxx.se/bug/?i=2365
- [54] = https://curl.haxx.se/bug/?i=2371
- [55] = https://curl.haxx.se/bug/?i=2357
- [56] = https://curl.haxx.se/bug/?i=2349
+ [1] = https://curl.haxx.se/bug/?i=2705
+ [2] = https://curl.haxx.se/bug/?i=2941
+ [3] = https://curl.haxx.se/bug/?i=2937
+ [4] = https://curl.haxx.se/bug/?i=2709
+ [5] = https://curl.haxx.se/bug/?i=2942
+ [6] = https://curl.haxx.se/bug/?i=2901
+ [7] = https://curl.haxx.se/bug/?i=2668
+ [8] = https://curl.haxx.se/bug/?i=2896
+ [9] = https://curl.haxx.se/bug/?i=2789
+ [10] = https://curl.haxx.se/bug/?i=2724
+ [11] = https://curl.haxx.se/bug/?i=1641
+ [12] = https://curl.haxx.se/bug/?i=2842
+ [13] = https://curl.haxx.se/bug/?i=2959
+ [14] = https://curl.haxx.se/bug/?i=2962
+ [15] = https://curl.haxx.se/bug/?i=2957
+ [16] = https://curl.haxx.se/bug/?i=2948
+ [17] = https://curl.haxx.se/bug/?i=2955
+ [18] = https://curl.haxx.se/bug/?i=2407
+ [19] = https://curl.haxx.se/bug/?i=2980
+ [20] = https://curl.haxx.se/bug/?i=2979
+ [21] = https://curl.haxx.se/bug/?i=2972
+ [22] = https://curl.haxx.se/bug/?i=2763
+ [23] = https://curl.haxx.se/bug/?i=2984
+ [24] = https://curl.haxx.se/bug/?i=2966
+ [25] = https://curl.haxx.se/bug/?i=2985
+ [26] = https://curl.haxx.se/bug/?i=2986
+ [27] = https://curl.haxx.se/bug/?i=2983
+ [28] = https://curl.haxx.se/bug/?i=2989
+ [29] = https://curl.haxx.se/bug/?i=2992
+ [30] = https://curl.haxx.se/bug/?i=2999
+ [31] = https://curl.haxx.se/bug/?i=2991
+ [32] = https://curl.haxx.se/bug/?i=3005
+ [33] = https://curl.haxx.se/bug/?i=3004
+ [34] = https://curl.haxx.se/bug/?i=2996
+ [35] = https://curl.haxx.se/bug/?i=3001
+ [36] = https://curl.haxx.se/bug/?i=3016
+ [37] = https://curl.haxx.se/bug/?i=3014
+ [38] = https://curl.haxx.se/bug/?i=2969
+ [39] = https://curl.haxx.se/bug/?i=2971
+ [40] = https://curl.haxx.se/bug/?i=3029
+ [41] = https://curl.haxx.se/bug/?i=2697
+ [42] = https://curl.haxx.se/bug/?i=3032
+ [43] = https://curl.haxx.se/bug/?i=3030
+ [44] = https://curl.haxx.se/bug/?i=3033
+ [45] = https://curl.haxx.se/bug/?i=3036
+ [46] = https://curl.haxx.se/bug/?i=3039
+ [47] = https://curl.haxx.se/bug/?i=3026
+ [48] = https://curl.haxx.se/bug/?i=3023
+ [49] = https://curl.haxx.se/bug/?i=3042
+ [50] = https://curl.haxx.se/bug/?i=3044
+ [51] = https://curl.haxx.se/bug/?i=3046
+ [52] = https://curl.haxx.se/bug/?i=3050
+ [53] = https://curl.haxx.se/bug/?i=3006
+ [54] = https://github.com/curl/curl/issues/2924#issuecomment-424334807
+ [55] = https://curl.haxx.se/bug/?i=3055
+ [56] = https://curl.haxx.se/bug/?i=3056
+ [57] = https://curl.haxx.se/bug/?i=3008
+ [58] = https://curl.haxx.se/bug/?i=3062
+ [59] = https://curl.haxx.se/bug/?i=3063
+ [60] = https://curl.haxx.se/bug/?i=2849
+ [61] = https://curl.haxx.se/bug/?i=3048
+ [62] = https://curl.haxx.se/bug/?i=3096
+ [63] = https://curl.haxx.se/bug/?i=3090
+ [64] = https://curl.haxx.se/bug/?i=3097
+ [65] = https://curl.haxx.se/bug/?i=3100
+ [66] = https://curl.haxx.se/bug/?i=3093
+ [67] = https://curl.haxx.se/bug/?i=2929
+ [68] = https://curl.haxx.se/bug/?i=3084
+ [69] = https://curl.haxx.se/bug/?i=3079
+ [70] = https://curl.haxx.se/bug/?i=3086
+ [71] = https://curl.haxx.se/bug/?i=3085
+ [72] = https://github.com/curl/curl/issues/1751#issuecomment-321522580
+ [73] = https://curl.haxx.se/bug/?i=3077
+ [74] = https://curl.haxx.se/bug/?i=3075
+ [75] = https://curl.haxx.se/bug/?i=3111
+ [76] = https://curl.haxx.se/bug/?i=3067
+ [77] = https://curl.haxx.se/bug/?i=3110
+ [78] = https://curl.haxx.se/bug/?i=3083
+ [79] = https://curl.haxx.se/bug/?i=3105
+ [80] = https://curl.haxx.se/bug/?i=2394
+ [81] = https://curl.haxx.se/bug/?i=3104
+ [82] = https://curl.haxx.se/bug/?i=3113
+ [83] = https://curl.haxx.se/bug/?i=3118
+ [84] = https://curl.haxx.se/bug/?i=3120
+ [85] = https://curl.haxx.se/bug/?i=3121
+ [86] = https://curl.haxx.se/bug/?i=3126
+ [87] = https://curl.haxx.se/bug/?i=3124
+ [88] = https://curl.haxx.se/bug/?i=3102
+ [89] = https://curl.haxx.se/bug/?i=3159
+ [90] = https://curl.haxx.se/bug/?i=3138
+ [91] = https://curl.haxx.se/bug/?i=3137
+ [92] = https://curl.haxx.se/bug/?i=3137
+ [93] = https://curl.haxx.se/bug/?i=3144
+ [94] = https://curl.haxx.se/bug/?i=3140
+ [95] = https://curl.haxx.se/bug/?i=3178
+ [96] = https://curl.haxx.se/bug/?i=3179
+ [97] = https://curl.haxx.se/bug/?i=3176
+ [98] = https://curl.haxx.se/bug/?i=3171
+ [99] = https://curl.haxx.se/bug/?i=3143
+ [100] = https://curl.haxx.se/bug/?i=3155
+ [101] = https://curl.haxx.se/bug/?i=3168
+ [102] = https://curl.haxx.se/bug/?i=3166
+ [103] = https://curl.haxx.se/bug/?i=3122
+ [104] = https://curl.haxx.se/bug/?i=3162
+ [105] = https://curl.haxx.se/bug/?i=3182
+ [106] = https://curl.haxx.se/bug/?i=3182
+ [107] = https://curl.haxx.se/docs/CVE-2018-16839.html
+ [108] = https://curl.haxx.se/docs/CVE-2018-16840.html
+ [109] = https://curl.haxx.se/bug/?i=3181
+ [110] = https://curl.haxx.se/bug/?i=3163
+ [111] = https://curl.haxx.se/bug/?i=3163
+ [112] = https://curl.haxx.se/bug/?i=3170
+ [113] = https://curl.haxx.se/bug/?i=3123
+ [114] = https://curl.haxx.se/docs/CVE-2018-16842.html
-- 
cgit v1.2.3