curl 7.34.0 is released

Arieh

Verified User
Joined
May 27, 2008
Messages
1,236
Location
The Netherlands
curl and libcurl 7.34.0 is released
Hello friends,

I'm happy to announce that yet another curl and libcurl release has found its way out in the open. 7.34.0 contains a security fix, 10 notable changes, at least 41 bug fixes and no less than 24 new contributors are credited.

[...]

Curl and libcurl 7.34.0

Public curl releases: 136
Command line options: 161
curl_easy_setopt() options: 206
Public functions in libcurl: 58
Known libcurl bindings: 42
Contributors: 1104

This release includes the following security fix:
o gtls: respect *VERIFYHOST independently of *VERIFYPEER [26]

This release includes the following changes:

o SSL: protocol version can be specified more precisely [1]
o imap/pop3/smtp: Added graceful cancellation of SASL authentication
o Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
o base64: Added validation of base64 input strings when decoding [8]
o curl_easy_setopt: Added the ability to set the login options separately
o smtp: Added support for additional SMTP commands
o curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
o nss: allow to use TLS > 1.0 if built against recent NSS [18]
o SECURITY: added this document to describe our security processes [22]
o parseconfig: warn if unquoted white spaces are detected

This release includes the following bugfixes:

o darwinssl: un-break iOS build after PKCS#12 feature added
o tool: use XFERFUNCTION to save some casts [2]
o usercertinmem: fix memory leaks
o ssh: Handle successful SSH_USERAUTH_NONE [3]
o NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option [4]
o test906: Fixed failing test on some platforms [5]
o sasl: initialize NSS before using NTLM crypto
o sasl: Fixed memory leak in OAUTH2 message creation
o imap/pop3/smtp: Fixed QUIT / LOGOUT being sent when SSL connect fails
o cmake: unbreak for non-Windows platforms [6]
o ssh: initialize per-handle data in ssh_connect()
o glob: fix broken URLs
o configure: check for long long when building with cyassl
o CURLOPT_RESOLVE: mention they don't time-out [7]
o docs/examples/httpput.c: fix build for MSVC
o FTP: make the data connection work when going through proxy
o NSS: support for CERTINFO feature
o curl_multi_wait: accept 0 from multi_timeout() as valid timeout
o glob_range: pass the closing bracket for a-z ranges
o tool_help: Updated --list-only description to include POP3
o Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string [9]
o cmake: fix Windows build with IPv6 support [10]
o ares: Fixed compilation under Visual Studio 2012 [11]
o curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation [12]
o curl.1: mention that -O does no URL decoding [13]
o darwinssl: PKCS#12 import feature now requires Lion or later [14]
o darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
o configure: Fix test with -Werror=implicit-function-declaration [15]
o sigpipe: factor out sigpipe_reset from easy.c
o curl_multi_cleanup: ignore SIGPIPE
o globbing: curl glob counter mismatch with {} list use [16]
o parseconfig: dash options can't specified with colon or equals [17]
o digest: fix CURLAUTH_DIGEST_IE [19]
o curl.h: <sys/select.h> for OpenBSD [20]
o darwinssl: Fix #if 10.6.0 for SecKeychainSearch
o TFTP: fix return codes for connect timeout [21]
o login options: remove the ;[options] support from CURLOPT_USERPWD [23]
o imap: Fixed incorrect fallback to clear text authentication
o parsedate: avoid integer overflow
o curl.1: document -J doesn't %-decode [25]
o multi: add timer inaccuracy margin to timeout/connecttimeout [24]

This release includes the following known bugs:

o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)

[...]
 
Back
Top