Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- RELEASE-NOTES 462
1 files changed, 263 insertions, 199 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 0d8d2781..4cdab8d1 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,115 +1,144 @@
-Curl and libcurl 7.61.1
+Curl and libcurl 7.62.0
- Public curl releases: 176
- Command line options: 218
- curl_easy_setopt() options: 258
- Public functions in libcurl: 74
- Contributors: 1787
+ Public curl releases: 177
+ Command line options: 219
+ curl_easy_setopt() options: 261
+ Public functions in libcurl: 80
+ Contributors: 1808
+
+This release includes the following changes:
+
+ o multiplex: enable by default [4]
+ o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled [4]
+ o setopt: add CURLOPT_DOH_URL [7]
+ o curl: --doh-url added [7]
+ o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size [8]
+ o imap: change from "FETCH" to "UID FETCH" [9]
+ o configure: add option to disable automatic OpenSSL config loading [10]
+ o upkeep: add a connection upkeep API: curl_easy_upkeep() [11]
+ o URL-API: added five new functions [12]
+ o vtls: MesaLink is a new TLS backend [23]
This release includes the following bugfixes:
- o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73]
- o CURLINFO_SIZE_UPLOAD: fix missing counter update [46]
- o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
- o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72]
- o Curl_getoff_all_pipelines: improved for multiplexed [3]
- o DEPRECATE: remove release date from 7.62.0
- o HTTP: Don't attempt to needlessly decompress redirect body [30]
- o INTERNALS: require GnuTLS >= 2.11.3 [62]
- o README.md: add LGTM.com code quality grade for C/C++ [42]
- o SSLCERTS: improve the openssl command line
- o Silence GCC 8 cast-function-type warnings [47]
- o ares: check for NULL in completed-callback [3]
- o asyn-thread: Remove unused macro [40]
- o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15]
- o auth: pick Bearer authentication whenever a token is available [15]
- o cmake: CMake config files are defining CURL_STATICLIB for static builds [54]
- o cmake: Respect BUILD_SHARED_LIBS [35]
- o cmake: Update scripts to use consistent style [9]
- o cmake: bumped minimum version to 3.4 [34]
- o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34]
- o configure: conditionally enable pedantic-errors [64]
- o configure: fix for -lpthread detection with OpenSSL and pkg-config [38]
- o conn: remove the boolean 'inuse' field [3]
- o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5]
- o cookie tests: treat files as text
- o cookies: support creation-time attribute for cookies [75]
- o curl: Fix segfault when -H @headerfile is empty [23]
- o curl: add http code 408 to transient list for --retry [78]
- o curl: fix time-of-check, time-of-use race in dir creation [71]
- o curl: use Content-Disposition before the "URL end" for -OJ [29]
- o curl: warn the user if a given file name looks like an option [56]
- o curl_threads: silence bad-function-cast warning [69]
- o darwinssl: add support for ALPN negotiation [7]
- o docs/CURLOPT_URL: fix indentation [20]
- o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19]
- o docs/SECURITY-PROCESS: mention bounty, drop pre-notify
- o docs/examples: add hiperfifo example using linux epoll/timerfd [21]
- o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50]
- o docs: clarify NO_PROXY env variable functionality [70]
- o docs: improved the manual pages of some callbacks [48]
- o docs: mention NULL is fine input to several functions [43]
- o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40]
- o gopher: Do not translate `?' to `%09' [67]
- o header output: switch off all styles, not just unbold [8]
- o hostip: fix unused variable warning
- o http2: Use correct format identifier for stream_id [77]
- o http2: abort the send_callback if not setup yet [63]
- o http2: avoid set_stream_user_data() before stream is assigned [61]
- o http2: check nghttp2_session_set_stream_user_data return code [55]
- o http2: clear the drain counter in Curl_http2_done [27]
- o http2: make sure to send after RST_STREAM [58]
- o http2: separate easy handle from connections better [12]
- o http: fix for tiny "HTTP/0.9" response [51]
- o http_proxy: Remove unused macro SELECT_TIMEOUT [40]
- o lib/Makefile: only do symbol hiding if told to [32]
- o lib1502: fix memory leak in torture test [44]
- o lib1522: fix curl_easy_setopt argument type
- o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66]
- o mime: check Curl_rand_hex's return code [22]
- o multi: always do the COMPLETED procedure/state [3]
- o openssl: assume engine support in 1.0.0 or later [2]
- o openssl: fix debug messages [39]
- o projects: Improve Windows perl detection in batch scripts [49]
- o retry: return error if rewind was necessary but didn't happen [28]
- o reuse_conn(): memory leak - free old_conn->options [17]
- o schannel: client certificate store opening fix [68]
- o schannel: enable CALG_TLS1PRF for w32api >= 5.1
- o schannel: fix MinGW compile break [1]
- o sftp: don't send post-qoute sequence when retrying a connection [79]
- o smb: fix memory leak on early failure [26]
- o smb: fix memory-leak in URL parse error path [4]
- o smb_getsock: always wait for write socket too [11]
- o ssh-libssh: fix infinite connect loop on invalid private key [53]
- o ssh-libssh: reduce excessive verbose output about pubkey auth [53]
- o ssh-libssh: use FALLTHROUGH to silence gcc8 [76]
- o ssl: set engine implicitly when a PKCS#11 URI is provided [36]
- o sws: handle EINTR when calling select() [24]
- o system_win32: fix version checking [16]
- o telnet: Remove unused macros TELOPTS and TELCMDS [40]
- o test1143: disable MSYS2's POSIX path conversion [10]
- o test1148: disable if decimal separator is not point [65]
- o test1307: (fnmatch testing) disabled [31]
- o test1422: add required file feature [6]
- o test1531: Add timeout [41]
- o test1540: Remove unused macro TEST_HANG_TIMEOUT [40]
- o test214: disable MSYS2's POSIX path conversion for URL
- o test320: treat curl320.out file as binary [14]
- o tests/http_pipe.py: Use /usr/bin/env to find python
- o tests: Don't use Windows path %PWD for SSH tests [74]
- o tests: fixes for Windows line endlings [13]
- o tool_operate: Fix setting proxy TLS 1.3 ciphers
- o travis: build darwinssl on macos 10.12 to fix linker errors [33]
- o travis: execute "set -eo pipefail" for coverage build [45]
- o travis: run a 'make checksrc' too [25]
- o travis: update to GCC-8 [52]
- o travis: verify that man pages can be regenerated [50]
- o upload: allocate upload buffer on-demand [60]
- o upload: change default UPLOAD_BUFSIZE to 64KB [60]
- o urldata: remove unused pipe_broke struct field [57]
- o vtls: reinstantiate engine on duplicated handles [59]
- o windows: implement send buffer tuning [37]
- o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18]
+ o CVE-2018-16839: SASL password overflow via integer overflow [107]
+ o CVE-2018-16840: use-after-free in handle close [108]
+ o CVE-2018-16842: warning message out-of-buffer read [114]
+ o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated [5]
+ o Curl_dedotdotify(): always nul terminate returned string [46]
+ o Curl_follow: Always free the passed new URL [87]
+ o Curl_http2_done: fix memleak in error path [51]
+ o Curl_retry_request: fix memory leak [49]
+ o Curl_saferealloc: Fixed typo in docblock [40]
+ o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output [78]
+ o GnutTLS: TLS 1.3 support [39]
+ o SECURITY-PROCESS: mention the bountygraph program [42]
+ o VS projects: add USE_IPV6: [91]
+ o Windows: fixes for MinGW targeting Windows Vista [82]
+ o anyauthput: fix compiler warning on 64-bit Windows [21]
+ o appveyor: add WinSSL builds [81]
+ o appveyor: run test suite (on Windows!) [65]
+ o certs: generate tests certs with sha256 digest algorithm [37]
+ o checksrc: enable strict mode and warnings [63]
+ o checksrc: handle zero scoped ignore commands [62]
+ o cmake: Backport to work with CMake 3.0 again [55]
+ o cmake: Improve config installation [60]
+ o cmake: add support for transitive ZLIB target [113]
+ o cmake: disable -Wpedantic-ms-format [84]
+ o cmake: don't require OpenSSL if USE_OPENSSL=OFF [35]
+ o cmake: fixed path used in generation of docs/tests [56]
+ o cmake: remove unused *SOCKLEN_T variables [102]
+ o cmake: suppress MSVC warning C4127 for libtest
+ o cmake: test and set missed defines during configuration [64]
+ o comment: Fix multiple typos in function parameters [69]
+ o config: Remove unused SIZEOF_VOIDP [104]
+ o config_win32: enable LDAPS [92]
+ o configure: force-use -lpthreads on HPUX [41]
+ o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T [101]
+ o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE [53]
+ o cookies: Remove redundant expired check [14]
+ o cookies: fix leak when writing cookies to file [15]
+ o curl-config.in: remove dependency on bc [99]
+ o curl.1: --ipv6 mutexes ipv4 (fixed typo) [98]
+ o curl: enabled Windows VT Support and UTF-8 output [57]
+ o curl: update the documentation of --tlsv1.0 [17]
+ o curl_multi_wait: call getsock before figuring out timeout [34]
+ o curl_ntlm_wb: check aprintf() return codes [75]
+ o curl_threads: fix classic MinGW compile break [54]
+ o darwinssl: Fix realloc memleak [32]
+ o darwinssl: more specific and unified error codes [6]
+ o data-binary.d: clarify default content-type is x-www-form-urlencoded [71]
+ o docs/BUG-BOUNTY: explain the bounty program [76]
+ o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers [89]
+ o docs/CIPHERS: fix the TLS 1.3 cipher names [95]
+ o docs/CIPHERS: mention the colon separation for OpenSSL [73]
+ o docs/examples: URL updates [45]
+ o docs: add "see also" links for SSL options [85]
+ o example/asiohiper: insert warning comment about its status [18]
+ o example/htmltidy: fix include paths of tidy libraries [52]
+ o examples/Makefile.m32: sync with core [44]
+ o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory [33]
+ o examples/parseurl.c: show off the URL API [43]
+ o examples: Fix memory leaks from realloc errors [31]
+ o examples: do not wait when no transfers are running [16]
+ o ftp: include command in Curl_ftpsend sendbuffer [25]
+ o gskit: make sure to terminate version string [79]
+ o gtls: Values stored to but never read [97]
+ o hostip: fix check on Curl_shuffle_addr return value [77]
+ o http2: fix memory leaks on error-path [29]
+ o http: fix memleak in rewind error path [50]
+ o krb5: fix memory leak in krb_auth [25]
+ o ldap: show precise LDAP call in error message on Windows [83]
+ o lib: fix gcc8 warning on Windows [20]
+ o memory: add missing curl_printf header [30]
+ o memory: ensure to check allocation results [68]
+ o multi: Fix error handling in the SENDPROTOCONNECT state [112]
+ o multi: fix memory leak in content encoding related error path [59]
+ o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL [90]
+ o netrc: free temporary strings if memory allocation fails [103]
+ o nss: fix nssckbi module loading on Windows [70]
+ o nss: try to connect even if libnssckbi.so fails to load [36]
+ o ntlm_wb: Fix memory leaks in ntlm_wb_response [24]
+ o ntlm_wb: bail out if the response gets overly large [13]
+ o openssl: assume engine support in 0.9.8 or later [27]
+ o openssl: enable TLS 1.3 post-handshake auth [47]
+ o openssl: fix gcc8 warning [19]
+ o openssl: load built-in engines too [48]
+ o openssl: make 'done' a proper boolean [97]
+ o openssl: output the correct cipher list on TLS 1.3 error [95]
+ o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer [6]
+ o openssl: show "proper" version number for libressl builds [28]
+ o pipelining: deprecated [1]
+ o rand: add comment to skip a clang-tidy false positive
+ o rtmp: fix for compiling with lwIP [100]
+ o runtests: ignore disabled even when ranges are given [74]
+ o runtests: skip ld_preload tests on macOS [80]
+ o runtests: use Windows paths for Windows curl
+ o schannel: unified error code handling [6]
+ o sendf: Fix whitespace in infof/failf concatenation [26]
+ o ssh: free the session on init failures [96]
+ o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code [6]
+ o system.h: use proper setting with Sun C++ as well [109]
+ o test1299: use single quotes around asterisk [72]
+ o test1452: mark as flaky [2]
+ o test1651: unit test Curl_extract_certinfo() [110]
+ o test320: strip out more HTML when comparing [66]
+ o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server [67]
+ o tests: add unit tests for url.c [3]
+ o timeval: fix use of weak symbol clock_gettime() on Apple platforms [61]
+ o tool_cb_hdr: handle failure of rename() [94]
+ o travis: add a "make tidy" build that runs clang-tidy [105]
+ o travis: add build for "configure --disable-verbose" [93]
+ o travis: bump the Secure Transport build to use xcode [58]
+ o travis: make distcheck scan for BOM markers [86]
+ o unit1300: fix stack-use-after-scope AddressSanitizer warning [106]
+ o urldata: Fix "connecting" comment
+ o urlglob: improve error message on bad globs [22]
+ o vtls: fix ssl version "or later" behavior change for many backends [38]
+ o x509asn1: Fix SAN IP address verification [88]
+ o x509asn1: always check return code from getASN1Element() [110]
+ o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert [6]
+ o x509asn1: suppress left shift on signed value [111]
This release includes the following known bugs:
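Review bot: the added bugfix entry "GnutTLS: TLS 1.3 support [39]" misspells the backend name; it should read "GnuTLS", the spelling used in the removed 7.61.1 entry "INTERNALS: require GnuTLS >= 2.11.3". In the same list, "VS projects: add USE_IPV6: [91]" ends with a stray colon before the reference. The three CVE entries at the top of the bugfix list also drop the "security advisory (CVE-...)" prefix that the removed CVE-2018-14618 line carried; keeping that prefix would make the security fixes easier to pick out when scanning or grepping the notes across releases.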
@@ -118,99 +147,134 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
- adnn on github, Anderson Toshiyuki Sasaki, Andrei Virtosu, Anton Gerasimov,
- Bas van Schaik, Carie Pointer, Christopher Head, clbr on github,
- Dan Fandrich, Daniel Gustafsson, Daniel Jeliński, Daniel Stenberg,
- Darío Hereñú, Even Rouault, Harry Sintonen, Ihor Karpenko, Jakub Zakrzewski,
- Jeffrey Walton, Jeroen Ooms, Johannes Schindelin, John Butterfield,
- Josh Bialkowski, Kamil Dudka, Kirill Marchuk, Laurent Bonnans,
- Leonardo Taccari, Marcel Raad, Markus Elfring, Michael Kaufmann,
- Nick Zitzmann, Nikos Mavrogiannopoulos, Patrick Monnerat, Paul Howarth,
- Przemysław Tomaszewski, pszemus on github, Ran Mozes, Ray Satiro,
- Rikard Falkeborn, Rodger Combs, Ruslan Baratov, Sergei Nikulov,
- Thomas Klausner, Tobias Blomberg, Viktor Szakats, Zero King, Zhaoyang Wu,
- (46 contributors)
+ Alexey Eremikhin, Brad King, Brian Carpenter, Christian Heimes, Colin Hogben,
+ Daniel Gustafsson, Daniel Shahaf, Daniel Stenberg, Dario Weißer,
+ Dave Reisner, Dima Pasechnik, Dmitry Kostjuchenko, Doron Behar,
+ Eason-Yu on github, Erik Minekus, Even Rouault, Gisle Vanem, Han Han,
+ Harry Sintonen, jakirkham on github, Jean Fabrice, Jim Fuller, Kamil Dudka,
+ Loganaden Velvindron, Marcel Raad, Marc Hörsken, Martin Ankerl,
+ Matthew Whitehead, Max Dymond, Maxime Legros, Michael Kaufmann, Nate Prewitt,
+ Nicklas Avén, Nick Zitzmann, Patrick Monnerat, Philipp Waehnert, Rainer Jung,
+ Ray Satiro, Rich Turner, Rick Deist, Ricky-Tigg on github, Rikard Falkeborn,
+ Ruslan Baratov, Sergei Nikulov, Shaun Jackman, Thomas Glanzmann, Tuomo Rinne,
+ Viktor Szakats, Yiming Jing,
+ (49 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://github.com/curl/curl/pull/2721#issuecomment-403636043
- [2] = https://curl.haxx.se/bug/?i=2732
- [3] = https://curl.haxx.se/bug/?i=2733
- [4] = https://curl.haxx.se/bug/?i=2740
- [5] = https://curl.haxx.se/bug/?i=2719
- [6] = https://curl.haxx.se/bug/?i=2741
- [7] = https://curl.haxx.se/bug/?i=2731
- [8] = https://curl.haxx.se/bug/?i=2736
- [9] = https://curl.haxx.se/bug/?i=2727
- [10] = https://curl.haxx.se/bug/?i=2765
- [11] = https://curl.haxx.se/bug/?i=2768
- [12] = https://curl.haxx.se/bug/?i=2751
- [13] = https://curl.haxx.se/bug/?i=2772
- [14] = https://curl.haxx.se/bug/?i=2776
- [15] = https://curl.haxx.se/bug/?i=2754
- [16] = https://curl.haxx.se/bug/?i=2792
- [17] = https://curl.haxx.se/bug/?i=2790
- [18] = https://curl.haxx.se/bug/?i=2784
- [19] = https://curl.haxx.se/bug/?i=2787
- [20] = https://curl.haxx.se/bug/?i=2788
- [21] = https://curl.haxx.se/bug/?i=2804
- [22] = https://curl.haxx.se/bug/?i=2795
- [23] = https://curl.haxx.se/bug/?i=2797
- [24] = https://curl.haxx.se/bug/?i=2808
- [25] = https://curl.haxx.se/bug/?i=2811
- [26] = https://curl.haxx.se/bug/?i=2769
- [27] = https://curl.haxx.se/bug/?i=2800
- [28] = https://curl.haxx.se/bug/?i=2801
- [29] = https://curl.haxx.se/bug/?i=2783
- [30] = https://curl.haxx.se/bug/?i=2798
- [31] = https://curl.haxx.se/bug/?i=2825
- [32] = https://curl.haxx.se/bug/?i=2830
- [33] = https://curl.haxx.se/bug/?i=2835
- [34] = https://curl.haxx.se/bug/?i=2753
- [35] = https://curl.haxx.se/bug/?i=2755
- [36] = https://curl.haxx.se/bug/?i=2333
- [37] = https://curl.haxx.se/mail/lib-2018-07/0080.html
- [38] = https://curl.haxx.se/bug/?i=2848
- [39] = https://curl.haxx.se/bug/?i=2806
- [40] = https://curl.haxx.se/bug/?i=2852
- [41] = https://curl.haxx.se/bug/?i=2853
- [42] = https://curl.haxx.se/bug/?i=2857
- [43] = https://curl.haxx.se/bug/?i=2837
- [44] = https://curl.haxx.se/bug/?i=2861
- [45] = https://curl.haxx.se/bug/?i=2862
- [46] = https://curl.haxx.se/bug/?i=2847
- [47] = https://curl.haxx.se/bug/?i=2860
- [48] = https://curl.haxx.se/bug/?i=2868
- [49] = https://curl.haxx.se/bug/?i=2865
- [50] = https://curl.haxx.se/bug/?i=2856
- [51] = https://curl.haxx.se/bug/?i=2420
- [52] = https://curl.haxx.se/bug/?i=2869
- [53] = https://curl.haxx.se/bug/?i=2879
- [54] = https://curl.haxx.se/bug/?i=2817
- [55] = https://curl.haxx.se/bug/?i=2880
- [56] = https://curl.haxx.se/bug/?i=2885
- [57] = https://curl.haxx.se/bug/?i=2871
- [58] = https://curl.haxx.se/bug/?i=2882
- [59] = https://curl.haxx.se/bug/?i=2829
- [60] = https://curl.haxx.se/bug/?i=2892
- [61] = https://curl.haxx.se/bug/?i=2894
- [62] = https://curl.haxx.se/bug/?i=2890
- [63] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012
- [64] = https://curl.haxx.se/bug/?i=2747
- [65] = https://curl.haxx.se/bug/?i=2786
- [66] = https://curl.haxx.se/bug/?i=2904
- [67] = https://curl.haxx.se/bug/?i=2910
- [68] = https://curl.haxx.se/mail/lib-2018-08/0198.html
- [69] = https://curl.haxx.se/bug/?i=2908
- [70] = https://curl.haxx.se/bug/?i=2773
- [71] = https://curl.haxx.se/bug/?i=2739
- [72] = https://curl.haxx.se/bug/?i=2915
- [73] = https://curl.haxx.se/docs/CVE-2018-14618.html
- [74] = https://curl.haxx.se/bug/?i=2920
- [75] = https://curl.haxx.se/bug/?i=2524
- [76] = https://curl.haxx.se/bug/?i=2922
- [77] = https://curl.haxx.se/bug/?i=2928
- [78] = https://curl.haxx.se/bug/?i=2925
- [79] = https://curl.haxx.se/bug/?i=2939
+ [1] = https://curl.haxx.se/bug/?i=2705
+ [2] = https://curl.haxx.se/bug/?i=2941
+ [3] = https://curl.haxx.se/bug/?i=2937
+ [4] = https://curl.haxx.se/bug/?i=2709
+ [5] = https://curl.haxx.se/bug/?i=2942
+ [6] = https://curl.haxx.se/bug/?i=2901
+ [7] = https://curl.haxx.se/bug/?i=2668
+ [8] = https://curl.haxx.se/bug/?i=2896
+ [9] = https://curl.haxx.se/bug/?i=2789
+ [10] = https://curl.haxx.se/bug/?i=2724
+ [11] = https://curl.haxx.se/bug/?i=1641
+ [12] = https://curl.haxx.se/bug/?i=2842
+ [13] = https://curl.haxx.se/bug/?i=2959
+ [14] = https://curl.haxx.se/bug/?i=2962
+ [15] = https://curl.haxx.se/bug/?i=2957
+ [16] = https://curl.haxx.se/bug/?i=2948
+ [17] = https://curl.haxx.se/bug/?i=2955
+ [18] = https://curl.haxx.se/bug/?i=2407
+ [19] = https://curl.haxx.se/bug/?i=2980
+ [20] = https://curl.haxx.se/bug/?i=2979
+ [21] = https://curl.haxx.se/bug/?i=2972
+ [22] = https://curl.haxx.se/bug/?i=2763
+ [23] = https://curl.haxx.se/bug/?i=2984
+ [24] = https://curl.haxx.se/bug/?i=2966
+ [25] = https://curl.haxx.se/bug/?i=2985
+ [26] = https://curl.haxx.se/bug/?i=2986
+ [27] = https://curl.haxx.se/bug/?i=2983
+ [28] = https://curl.haxx.se/bug/?i=2989
+ [29] = https://curl.haxx.se/bug/?i=2992
+ [30] = https://curl.haxx.se/bug/?i=2999
+ [31] = https://curl.haxx.se/bug/?i=2991
+ [32] = https://curl.haxx.se/bug/?i=3005
+ [33] = https://curl.haxx.se/bug/?i=3004
+ [34] = https://curl.haxx.se/bug/?i=2996
+ [35] = https://curl.haxx.se/bug/?i=3001
+ [36] = https://curl.haxx.se/bug/?i=3016
+ [37] = https://curl.haxx.se/bug/?i=3014
+ [38] = https://curl.haxx.se/bug/?i=2969
+ [39] = https://curl.haxx.se/bug/?i=2971
+ [40] = https://curl.haxx.se/bug/?i=3029
+ [41] = https://curl.haxx.se/bug/?i=2697
+ [42] = https://curl.haxx.se/bug/?i=3032
+ [43] = https://curl.haxx.se/bug/?i=3030
+ [44] = https://curl.haxx.se/bug/?i=3033
+ [45] = https://curl.haxx.se/bug/?i=3036
+ [46] = https://curl.haxx.se/bug/?i=3039
+ [47] = https://curl.haxx.se/bug/?i=3026
+ [48] = https://curl.haxx.se/bug/?i=3023
+ [49] = https://curl.haxx.se/bug/?i=3042
+ [50] = https://curl.haxx.se/bug/?i=3044
+ [51] = https://curl.haxx.se/bug/?i=3046
+ [52] = https://curl.haxx.se/bug/?i=3050
+ [53] = https://curl.haxx.se/bug/?i=3006
+ [54] = https://github.com/curl/curl/issues/2924#issuecomment-424334807
+ [55] = https://curl.haxx.se/bug/?i=3055
+ [56] = https://curl.haxx.se/bug/?i=3056
+ [57] = https://curl.haxx.se/bug/?i=3008
+ [58] = https://curl.haxx.se/bug/?i=3062
+ [59] = https://curl.haxx.se/bug/?i=3063
+ [60] = https://curl.haxx.se/bug/?i=2849
+ [61] = https://curl.haxx.se/bug/?i=3048
+ [62] = https://curl.haxx.se/bug/?i=3096
+ [63] = https://curl.haxx.se/bug/?i=3090
+ [64] = https://curl.haxx.se/bug/?i=3097
+ [65] = https://curl.haxx.se/bug/?i=3100
+ [66] = https://curl.haxx.se/bug/?i=3093
+ [67] = https://curl.haxx.se/bug/?i=2929
+ [68] = https://curl.haxx.se/bug/?i=3084
+ [69] = https://curl.haxx.se/bug/?i=3079
+ [70] = https://curl.haxx.se/bug/?i=3086
+ [71] = https://curl.haxx.se/bug/?i=3085
+ [72] = https://github.com/curl/curl/issues/1751#issuecomment-321522580
+ [73] = https://curl.haxx.se/bug/?i=3077
+ [74] = https://curl.haxx.se/bug/?i=3075
+ [75] = https://curl.haxx.se/bug/?i=3111
+ [76] = https://curl.haxx.se/bug/?i=3067
+ [77] = https://curl.haxx.se/bug/?i=3110
+ [78] = https://curl.haxx.se/bug/?i=3083
+ [79] = https://curl.haxx.se/bug/?i=3105
+ [80] = https://curl.haxx.se/bug/?i=2394
+ [81] = https://curl.haxx.se/bug/?i=3104
+ [82] = https://curl.haxx.se/bug/?i=3113
+ [83] = https://curl.haxx.se/bug/?i=3118
+ [84] = https://curl.haxx.se/bug/?i=3120
+ [85] = https://curl.haxx.se/bug/?i=3121
+ [86] = https://curl.haxx.se/bug/?i=3126
+ [87] = https://curl.haxx.se/bug/?i=3124
+ [88] = https://curl.haxx.se/bug/?i=3102
+ [89] = https://curl.haxx.se/bug/?i=3159
+ [90] = https://curl.haxx.se/bug/?i=3138
+ [91] = https://curl.haxx.se/bug/?i=3137
+ [92] = https://curl.haxx.se/bug/?i=3137
+ [93] = https://curl.haxx.se/bug/?i=3144
+ [94] = https://curl.haxx.se/bug/?i=3140
+ [95] = https://curl.haxx.se/bug/?i=3178
+ [96] = https://curl.haxx.se/bug/?i=3179
+ [97] = https://curl.haxx.se/bug/?i=3176
+ [98] = https://curl.haxx.se/bug/?i=3171
+ [99] = https://curl.haxx.se/bug/?i=3143
+ [100] = https://curl.haxx.se/bug/?i=3155
+ [101] = https://curl.haxx.se/bug/?i=3168
+ [102] = https://curl.haxx.se/bug/?i=3166
+ [103] = https://curl.haxx.se/bug/?i=3122
+ [104] = https://curl.haxx.se/bug/?i=3162
+ [105] = https://curl.haxx.se/bug/?i=3182
+ [106] = https://curl.haxx.se/bug/?i=3182
+ [107] = https://curl.haxx.se/docs/CVE-2018-16839.html
+ [108] = https://curl.haxx.se/docs/CVE-2018-16840.html
+ [109] = https://curl.haxx.se/bug/?i=3181
+ [110] = https://curl.haxx.se/bug/?i=3163
+ [111] = https://curl.haxx.se/bug/?i=3163
+ [112] = https://curl.haxx.se/bug/?i=3170
+ [113] = https://curl.haxx.se/bug/?i=3123
+ [114] = https://curl.haxx.se/docs/CVE-2018-16842.html
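Review bot: three pairs of added references carry the same URL under different numbers: [91] and [92] both point to ?i=3137, [105] and [106] to ?i=3182, and [110] and [111] to ?i=3163. Entries that share an issue elsewhere in this file share one number (several bugfix lines cite [6]), so either collapse each pair into a single reference or check whether one URL of the pair was copied by mistake. The first two pairs are worth a second look in particular, since the entries citing them ("VS projects: add USE_IPV6:" versus "config_win32: enable LDAPS", and the travis "make tidy" build versus the unit1300 AddressSanitizer fix) do not obviously belong to the same issue.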