From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 7 Mar 2022 08:03:36 +0000 (+0100)
Subject: RELEASE-NOTES: synced
X-Git-Tag: curl-7_83_0~178
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6df30a0ec84d96a2a7b88d3832bec94b26c24742;p=thirdparty%2Fcurl.git

RELEASE-NOTES: synced

and bump pending version to 7.82.1
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index b16e31f1eb..1c3c0daa35 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,6 +1,6 @@
-curl and libcurl 7.82.0
+curl and libcurl 7.82.1
 
- Public curl releases:         206
+ Public curl releases:         207
  Command line options:         245
  curl_easy_setopt() options:   295
  Public functions in libcurl:  86
@@ -8,184 +8,17 @@ curl and libcurl 7.82.0
 
 This release includes the following changes:
 
- o curl: add --json [67]
- o mesalink: remove support [23]
+ o
 
 This release includes the following bugfixes:
 
- o appveyor: update images from VS 2019 to 2022
- o appveyor: use VS 2017 image for the autotools builds
- o azure-pipelines: add a build on Windows with libssh [154]
- o bearssl: fix connect error on expired cert and no verify [132]
- o bearssl: fix EXC_BAD_ACCESS on incomplete CA cert [131]
- o bearssl: fix session resumption (session id) [133]
- o build: enable -Warith-conversion
- o build: fix -Wenum-conversion handling
- o build: fix ngtcp2 crypto library detection [63]
- o checkprefix: remove strlen calls [128]
- o checksrc: fix typo in comment [34]
- o CI: move 'distcheck' job from zuul to azure pipelines [60]
- o CI: move scan-build job from Zuul to Azure Pipelines [59]
- o CI: move the NSS job from zuul to GHA [84]
- o ci: move the OpenSSL + c-ares job from Zuul to Circle CI [75]
- o CI: move the rustls CI job to GHA from Zuul [8]
- o CI: move two jobs from Zuul to Circle CI [73]
- o CI: test building wolfssl with --enable-opensslextra [42]
- o CI: workflows/wolfssl: install impacket [47]
- o circleci: add a job using libssh [121]
- o cirlceci: also run a c-ares job on arm with debug enabled [74]
- o cmake: fix iOS CMake project generation error [13]
- o cmdline-opts/gen.pl: fix option matching to improve references [50]
- o config.d: Clarify _curlrc filename is still valid on Windows [95]
- o configure.ac: use user-specified gssapi dir when using pkg-config [136]
- o configure: change output for cross-compiled alt-svc support [140]
- o configure: fix '--enable-code-coverage' typo [110]
- o configure: remove support for "embedded ares" [82]
- o configure: requires --with-nss-deprecated to build with NSS [114]
- o configure: set CURL_LIBRARY_PATH for nghttp2 [58]
- o configure: support specification of a nghttp2 library path [101]
- o configure: use correct CFLAGS for threaded resolver with xlC on AIX [54]
- o curl tool: erase some more sensitive command line arguments [22]
- o curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval [5]
- o curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE [9]
- o curl-openssl: fix SRP check for OpenSSL 3.0 [86]
- o curl-openssl: remove the OpenSSL headers and library versions check [35]
- o curl.h: fix typo [129]
- o curl: remove "separators" (when using globbed URLs) [32]
- o curl_getdate.3: remove pointless .PP line [68]
- o curl_multi_socket.3: remove callback and typical usage descriptions [7]
- o curl_url_set.3: mention when CURLU_ALLOW_SPACE was added
- o CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples [27]
- o CURLOPT_PROGRESSFUNCTION.3: fix example struct assignment [147]
- o CURLOPT_RESOLVE.3: change example port to 443
- o CURLOPT_XFERINFOFUNCTION.3: fix example struct assignment [153]
- o CURLOPT_XFERINFOFUNCTION.3: fix typo in example [81]
- o CURLSHOPT_LOCKFUNC.3: fix typo "relased" -> "released" [71]
- o des: fix compile break for OpenSSL without DES [141]
- o docs/cmdline-opts: add "mutexed" options for more http versions [25]
- o docs/DEPRECATE: remove NPN support in August 2022 [64]
- o docs: capitalize the name 'Netscape' [77]
- o docs: document HTTP/2 not insisting on TLS 1.2 [49]
- o docs: fix mandoc -T lint formatting complaints [2]
- o docs: update IETF links to use datatracker [41]
- o examples/curlx: support building with OpenSSL 1.1.0+ [148]
- o examples/multi-app.c: call curl_multi_remove_handle as well [19]
- o formdata: avoid size_t => long typecast overflows [37]
- o ftp: provide error message for control bytes in path [66]
- o gen.pl: terminate "example" sections better [4]
- o gha: add a macOS CI job with libssh [142]
- o gskit: Convert to using Curl_poll [111]
- o gskit: Fix errors from Curl_strerror refactor [113]
- o gskit: Fix initialization of Curl_ssl_gskit struct [112]
- o h2/h3: allow CURLOPT_HTTPHEADER change ":scheme" [88]
- o hostcheck: fixed to not touch used input strings [38]
- o hostcheck: reduce strlen calls on chained certificates [92]
- o hostip: avoid unused parameter error in Curl_resolv_check [144]
- o http2: move two infof calls to debug-h2-only [145]
- o http: make Curl_compareheader() take string length arguments too [87]
- o if2ip: make Curl_ipv6_scope a blank macro when IPv6-disabled [104]
- o KNOWN_BUGS: fix typo "libpsl"
- o ldap: return CURLE_URL_MALFORMAT for bad URL [24]
- o lib: remove support for CURL_DOES_CONVERSIONS [96]
- o libssh2: don't typecast socket to int for libssh2_session_handshake [151]
- o libssh: fix include files and defines use for Windows builds [156]
- o Makefile.am: Generate VS 2022 projects
- o maketgz: return error if 'make dist' fails [79]
- o mbedtls: enable use of mbedtls without CRL support [57]
- o mbedtls: enable use of mbedtls without filesystem functions support [100]
- o mbedtls: fix CURLOPT_SSLCERT_BLOB (again)
- o mbedtls: fix ssl_init error with mbedTLS 3.1.0+ [12]
- o mbedtls: remove #include <mbedtls/certs.h> [56]
- o mbedtls: return CURLcode result instead of a mbedtls error code [1]
- o md5: check md5_init_func return value
- o mime: use a define instead of the magic number 24 [89]
- o misc: allow curl to build with wolfssl --enable-opensslextra [43]
- o misc: remove BeOS code and references [30]
- o misc: remove the final watcom references [29]
- o misc: remove unused data when IPv6 is not supported [80]
- o mqtt: free 'sendleftovers' in disconnect [115]
- o mqtt: free any send leftover data when done [36]
- o multi: allow user callbacks to call curl_multi_assign [126]
- o multi: grammar fix in comment [69]
- o multi: remember connection_id before returning connection to pool [76]
- o multi: set in_callback for multi interface callbacks [28]
- o netware: remove support [72]
- o next.d. remove .fi/.nf as they are handled by gen.pl [3]
- o ngtcp2: adapt to changed end of headers callback proto [39]
- o ngtcp2: fix declaration of ‘result’ shadows a previous local [14]
- o ngtcp2: Reset dynbuf when it is fully drained [143]
- o nss: handshake callback during shutdown has no conn->bundle [55]
- o ntlm: remove unused feature defines [117]
- o openldap: fix compiler warning when built without SSL support [70]
- o openldap: implement SASL authentication [16]
- o openldap: pass string length arguments to client_write() [116]
- o openssl.h: avoid including OpenSSL headers here [15]
- o openssl: check if sessionid flag is enabled before retrieving session [125]
- o openssl: check SSL_get_ex_data to prevent potential NULL dereference [40]
- o openssl: check the return value of BIO_new_mem_buf() [18]
- o openssl: fix `ctx_option_t` for OpenSSL v3+
- o openssl: fix build for version < 1.1.0 [134]
- o openssl: return error if TLS 1.3 is requested when not supported [45]
- o os400: Add function wrapper for system command [138]
- o os400: Add link to QADRT devkit to README.OS400 [137]
- o os400: Default build to target current release [139]
- o OS400: fix typos in rpg include file [149]
- o projects: add support for Visual Studio 17 (2022) [124]
- o projects: fix Visual Studio wolfSSL configurations
- o projects: remove support for MSVC before VC10 (Visual Studio 2010) [123]
- o quiche: after leaving h3_recving state, poll again [108]
- o quiche: change qlog file extension to `.sqlog` [44]
- o quiche: fix upload for bigger content-length [146]
- o quiche: handle stream reset [83]
- o quiche: remove two leftover debug infof() outputs
- o quiche: verify the server cert on connect [33]
- o quiche: when *recv_body() returns data, drain it before polling again [109]
- o README.md: fix links [118]
- o remote-header-name.d: clarify [10]
- o runtests.pl: disable debuginfod [51]
- o runtests.pl: properly print the test if it contains binary zeros
- o runtests.pl: support the nonewline attribute for the data part [21]
- o runtests.pl: tolerate test directories without Makefile.inc [98]
- o runtests: allow client/file to specify multiple directories
- o runtests: make 'rustls' a testable feature
- o runtests: make 'wolfssl' a testable feature [6]
- o runtests: set 'oldlibssh' for libssh versions before 0.9.5 [122]
- o rustls: add CURLOPT_CAINFO_BLOB support [26]
- o schannel: move the algIds array out of schannel.h [135]
- o scripts/cijobs.pl: output data about all currect CI jobs [78]
- o scripts/completion.pl: improve zsh completion [46]
- o scripts/copyright.pl: support many provided file names on the cmdline
- o scripts/delta: check the file delta for current branch
- o sectransp: mark a 3DES cipher as weak [130]
- o setopt: do bounds-check before strdup [99]
- o setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds [53]
- o sha256: Fix minimum OpenSSL version [102]
- o smb: pass socket for writing and reading data instead of FIRSTSOCKET [90]
- o ssl: reduce allocated space for ssl backend when FTP is disabled [127]
- o test3021: disable all msys2 path transformation
- o test374: gif data without new line at the end [20]
- o tests/disable-scan.pl: properly detect multiple symbols per line [94]
- o tests/unit/Makefile.am: add NSS_LIBS to build with NSS fine [85]
- o tool_findfile: check ~/.config/curlrc too [17]
- o tool_getparam: DNS options that need c-ares now fail without it [31]
- o TPF: drop support [97]
- o unit1610: init SSL library before calling SHA256 functions [152]
- o url: exclude zonefrom_url when no ipv6 is available [103]
- o url: given a user in the URL, find pwd for that user in netrc [11]
- o url: keep trailing dot in host name [62]
- o url: make Curl_disconnect return void [48]
- o urlapi: handle "redirects" smarter [119]
- o urldata: CONN_IS_PROXIED replaces bits.proxy when proxy can be disabled [52]
- o urldata: remove conn->bits.user_passwd [105]
- o version_win32: fix warning for `CURL_WINDOWS_APP` [93]
- o vtls: fix socket check conditions [150]
- o vtls: pass on the right SNI name [61]
- o vxworks: drop support [65]
- o winbuild: add parameter WITH_SSH [120]
- o wolfssl: return CURLE_AGAIN for the SSL_ERROR_NONE case [106]
- o wolfssl: when SSL_read() returns zero, check the error [107]
- o write-out.d: Fix num_headers formatting
- o x509asn1: toggle off functions not needed for diff tls backends [91]
+ o CI: install Python package impacket to run SMB test 1451 [5]
+ o connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined [6]
+ o curl/system.h: update ifdef condition for MCST-LCC compiler [4]
+ o docs/HYPER.md: updated to reflect current hyper build needs
+ o GHA: build hyper with nightly rustc [7]
+ o ipv4/6.d: clarify that they are about using IP addresses [3]
+ o runtests: make 'oldlibssh' be before 0.9.4 [2]
 
 This release includes the following known bugs:
 
@@ -194,179 +27,15 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  1337vt on github, Alejandro R. Sedeño, Alessandro Ghedini, Antoine Pietri,
-  Bernhard Walle, Bjarni Ingi Gislason, Cameron Will, Charles Cazabon,
-  coralw on github, Dan Fandrich, Daniel Stenberg, Davide Cassioli,
-  Eric Musser, Fabian Keil, Fabian Yamaguchi, Farzin on github, Filip Lundgren,
-  gaoxingwang on github, Harry Sarson, Henrik Holst, Ikko Ashimine,
-  illusory-dream on github, Jan Ehrhardt, Jan-Piet Mens, Jan Venekamp,
-  Jean-Philippe Menil, jhoyla on github, Jim Beveridge, Joel Depooter,
-  John H. Ayad, jonny112 on github, Kantanat Wannapaka, Kevin Adler,
-  Kushal Das, Leah Neukirchen, Lucas Pardue, luminixinc on github,
-  Manfred Schwarb, Marcel Raad, Melroy van den Berg, Michael Kaufmann,
-  Michael Wallner, Michał Antoniak, Neal McBurnett, neutric on github,
-  Niels Martignène, Patrick Monnerat, pheiduck on github, Ray Satiro,
-  Rob Boeckermann, Ryan Schmidt, Samuel Henrique, Sandro Jaeckel,
-  Satadru Pramanik, Sebastian Sterk, siddharthchhabrap on github, Stav Nir,
-  Stefan Eissing, Stephen Boost, Stephen M. Coakley, Stewart Gebbie,
-  Tatsuhiro Tsujikawa, updatede on github, Viktor Szakats, vl409 on github,
-  Xiaoke Wang, 梦终无痕
-  (67 contributors)
+  Daniel Stenberg, Marc Hörsken, Michał Antoniak, Paul Howarth,
+  r-a-sattarov on github
+  (5 contributors)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=8266
- [2] = https://curl.se/bug/?i=8228
- [3] = https://curl.se/bug/?i=8228
- [4] = https://curl.se/bug/?i=8228
- [5] = https://curl.se/bug/?i=8229
- [6] = https://curl.se/bug/?i=8252
- [7] = https://curl.se/bug/?i=8262
- [8] = https://curl.se/bug/?i=8251
- [9] = https://curl.se/bug/?i=8229
- [10] = https://curl.se/bug/?i=8249
- [11] = https://curl.se/bug/?i=8241
- [12] = https://curl.se/bug/?i=8238
- [13] = https://curl.se/bug/?i=8244
- [14] = https://curl.se/bug/?i=8245
- [15] = https://curl.se/bug/?i=8240
- [16] = https://curl.se/bug/?i=8152
- [17] = https://curl.se/bug/?i=8208
- [18] = https://curl.se/bug/?i=8233
- [19] = https://curl.se/bug/?i=8234
- [20] = https://curl.se/bug/?i=8239
- [21] = https://curl.se/bug/?i=8239
- [22] = https://curl.se/bug/?i=7964
- [23] = https://curl.se/bug/?i=8188
- [24] = https://curl.se/bug/?i=8170
- [25] = https://curl.se/bug/?i=8254
- [26] = https://curl.se/bug/?i=8255
- [27] = https://curl.se/bug/?i=8286
- [28] = https://curl.se/bug/?i=8282
- [29] = https://curl.se/bug/?i=8287
- [30] = https://curl.se/bug/?i=8288
- [31] = https://curl.se/bug/?i=8285
- [32] = https://curl.se/bug/?i=8278
- [33] = https://curl.se/bug/?i=8173
- [34] = https://curl.se/bug/?i=8281
- [35] = https://curl.se/bug/?i=8279
- [36] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
- [37] = https://hackerone.com/reports/1444539
- [38] = https://curl.se/bug/?i=8321
- [39] = https://curl.se/bug/?i=8322
- [40] = https://curl.se/bug/?i=8268
- [41] = https://curl.se/bug/?i=8317
- [42] = https://curl.se/bug/?i=8315
- [43] = https://curl.se/bug/?i=8292
- [44] = https://curl.se/bug/?i=8316
- [45] = https://curl.se/bug/?i=8309
- [46] = https://curl.se/bug/?i=8363
- [47] = https://curl.se/bug/?i=8307
- [48] = https://curl.se/bug/?i=8303
- [49] = https://curl.se/bug/?i=8235
- [50] = https://curl.se/bug/?i=8299
- [51] = https://curl.se/bug/?i=8291
- [52] = https://curl.se/bug/?i=8350
- [53] = https://curl.se/bug/?i=8350
- [54] = https://curl.se/bug/?i=8276
- [55] = https://curl.se/bug/?i=8341
- [56] = https://curl.se/bug/?i=8343
- [57] = https://curl.se/bug/?i=8344
- [58] = https://curl.se/bug/?i=8340
- [59] = https://curl.se/bug/?i=8338
- [60] = https://curl.se/bug/?i=8334
- [61] = https://curl.se/bug/?i=8320
- [62] = https://curl.se/bug/?i=8290
- [63] = https://curl.se/bug/?i=8372
- [64] = https://curl.se/bug/?i=8458
- [65] = https://curl.se/bug/?i=8362
- [66] = https://curl.se/bug/?i=8460
- [67] = https://curl.se/bug/?i=8314
- [68] = https://curl.se/bug/?i=8365
- [69] = https://curl.se/bug/?i=8368
- [70] = https://curl.se/bug/?i=8367
- [71] = https://curl.se/bug/?i=8364
- [72] = https://curl.se/bug/?i=8358
- [73] = https://curl.se/bug/?i=8359
- [74] = https://curl.se/bug/?i=8357
- [75] = https://curl.se/bug/?i=8357
- [76] = https://hackerone.com/reports/1463013
- [77] = https://curl.se/bug/?i=8354
- [78] = https://curl.se/bug/?i=8408
- [79] = https://curl.se/mail/lib-2022-02/0070.html
- [80] = https://curl.se/bug/?i=8430
- [81] = https://curl.se/bug/?i=8487
- [82] = https://curl.se/bug/?i=8397
- [83] = https://curl.se/bug/?i=8437
- [84] = https://curl.se/bug/?i=8396
- [85] = https://curl.se/bug/?i=8396
- [86] = https://curl.se/bug/?i=8394
- [87] = https://curl.se/bug/?i=8391
- [88] = https://curl.se/bug/?i=8381
- [89] = https://curl.se/bug/?i=8441
- [90] = https://curl.se/bug/?i=8383
- [91] = https://curl.se/bug/?i=8386
- [92] = https://curl.se/bug/?i=8428
- [93] = https://curl.se/bug/?i=8385
- [94] = https://curl.se/bug/?i=8384
- [95] = https://curl.se/bug/?i=8382
- [96] = https://curl.se/bug/?i=8378
- [97] = https://curl.se/bug/?i=8378
- [98] = https://curl.se/bug/?i=8379
- [99] = https://curl.se/bug/?i=8377
- [100] = https://curl.se/bug/?i=8376
- [101] = https://curl.se/bug/?i=8375
- [102] = https://curl.se/bug/?i=8464
- [103] = https://curl.se/bug/?i=8439
- [104] = https://curl.se/bug/?i=8439
- [105] = https://curl.se/bug/?i=8449
- [106] = https://curl.se/bug/?i=8431
- [107] = https://curl.se/bug/?i=8431
- [108] = https://curl.se/bug/?i=8436
- [109] = https://curl.se/bug/?i=8429
- [110] = https://curl.se/bug/?i=8425
- [111] = https://curl.se/bug/?i=8454
- [112] = https://curl.se/bug/?i=8454
- [113] = https://curl.se/bug/?i=8454
- [114] = https://curl.se/bug/?i=8395
- [115] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646
- [116] = https://curl.se/bug/?i=8404
- [117] = https://curl.se/bug/?i=8453
- [118] = https://curl.se/bug/?i=8448
- [119] = https://curl.se/bug/?i=8450
- [120] = https://curl.se/bug/?i=8514
- [121] = https://curl.se/bug/?i=8444
- [122] = https://curl.se/bug/?i=8444
- [123] = https://curl.se/bug/?i=8442
- [124] = https://curl.se/bug/?i=8438
- [125] = https://curl.se/bug/?i=8472
- [126] = https://curl.se/bug/?i=8480
- [127] = https://curl.se/bug/?i=8471
- [128] = https://curl.se/bug/?i=8481
- [129] = https://curl.se/bug/?i=8482
- [130] = https://curl.se/bug/?i=8479
- [131] = https://curl.se/bug/?i=8476
- [132] = https://curl.se/bug/?i=8475
- [133] = https://curl.se/bug/?i=8474
- [134] = https://curl.se/bug/?i=8470
- [135] = https://curl.se/bug/?i=8469
- [136] = https://curl.se/bug/?i=8289
- [137] = https://curl.se/bug/?i=8455
- [138] = https://curl.se/bug/?i=8455
- [139] = https://curl.se/bug/?i=8455
- [140] = https://curl.se/bug/?i=8512
- [141] = https://curl.se/bug/?i=8459
- [142] = https://curl.se/bug/?i=8513
- [143] = https://curl.se/bug/?i=7351
- [144] = https://curl.se/bug/?i=8505
- [145] = https://curl.se/bug/?i=8502
- [146] = https://curl.se/bug/?i=8421
- [147] = https://curl.se/bug/?i=8500
- [148] = https://curl.se/bug/?i=8529
- [149] = https://curl.se/bug/?i=8494
- [150] = https://curl.se/bug/?i=8493
- [151] = https://curl.se/bug/?i=8492
- [152] = https://curl.se/bug/?i=8538
- [153] = https://curl.se/bug/?i=8519
- [154] = https://curl.se/bug/?i=8511
- [156] = https://curl.se/mail/lib-2022-02/0131.html
+ [2] = https://curl.se/bug/?i=8548
+ [3] = https://curl.se/bug/?i=8543
+ [4] = https://curl.se/bug/?i=8546
+ [5] = https://curl.se/bug/?i=8544
+ [6] = https://curl.se/bug/?i=8539
+ [7] = https://curl.se/bug/?i=8545
diff --git a/include/curl/curlver.h b/include/curl/curlver.h
index 8321fb8cc1..64313327e3 100644
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -30,13 +30,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.82.0-DEV"
+#define LIBCURL_VERSION "7.82.1-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 82
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@@ -57,7 +57,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x075200
+#define LIBCURL_VERSION_NUM 0x075201
 
 /*
  * This is the date and time when the full source package was created. The