From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 28 May 2025 12:55:59 +0000 (+0200)
Subject: RELEASE-NOTES: synced
X-Git-Tag: curl-8_14_1~43
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=46733c585b76018eca4f8dc22083be73623e1532;p=thirdparty%2Fcurl.git

RELEASE-NOTES: synced

Bumped to 8.14.1
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 832e4a63e9..403b523f56 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,6 +1,6 @@
-curl and libcurl 8.14.0
+curl and libcurl 8.14.1
 
- Public curl releases:         267
+ Public curl releases:         268
  Command line options:         269
  curl_easy_setopt() options:   308
  Public functions in libcurl:  96
@@ -8,244 +8,13 @@ curl and libcurl 8.14.0
 
 This release includes the following changes:
 
- o mqtt: send ping at upkeep interval [49]
- o schannel: handle pkcs12 client certificates containing CA certificates [58]
- o TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs [113]
- o vquic: ngtcp2 + openssl support [96]
- o wcurl: import v2025.04.20 script + docs [97]
- o websocket: add option to disable auto-pong reply [52]
 
 This release includes the following bugfixes:
 
- o _SEEALSO.md: remove spaces around command and man page section [166]
- o asny-thrdd: fix detach from running thread [191]
- o asnyc-thrdd: explain how this is okay with a comment [200]
- o asyn resolver code improvements [50]
- o async-threaded resolver: use ref counter [10]
- o async: DoH improvements [99]
- o autotools: detect `wolfSSL_set_quic_use_legacy_code` like cmake does [104]
- o autotools: install shell completion files on cross build [119]
- o aws-sigv4: allow a blank string [86]
- o build: check required rustls-ffi version [46]
- o build: enable gcc-12/13+, clang-10+ picky warnings [147]
- o build: enable gcc-15 picky warnings [133]
- o certs: drop unused `default_bits` from `.prm` files [45]
- o cf-https-connect: use the passed in dns struct pointer [64]
- o cf-socket: fix FTP accept connect [153]
- o cfilters: remove assert [120]
- o cmake/FindNGTCP2: simplify multi-pkg-config detection [27]
- o cmake: append picky warnings to `CMAKE_REQUIRED_FLAGS` as string [68]
- o cmake: avoid 'target is imported but not globally visible' when consuming libcurl with old cmake [125]
- o cmake: do not install `mk-ca-bundle` script and manpage [101]
- o cmake: enable `-Wall` for MSVC when `PICKY_COMPILER=ON` [100]
- o cmake: extend integration tests [139]
- o cmake: fix `fish` install directory detection via `pkg-config` [123]
- o cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON` [79]
- o cmake: fix option() and mark_as_advanced() mixed order [111]
- o cmake: fix shell completion install when just one flavor is enabled [73]
- o cmake: honor individual picky option overrides found in `CMAKE_C_FLAGS` [146]
- o cmake: install shell completions for cross-builds [112]
- o cmake: link `crypt32` for OpenSSL feature detection [105]
- o cmake: merge `CURL_WERROR` logic into `PickyWarnings.cmake` [66]
- o cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options [72]
- o cmake: quotes, whitespace, use `VERSION_GREATER_EQUAL` [33]
- o cmake: revert `CURL_LTO` behavior for multi-config generators [74]
- o cmake: set `BUILDING_LIBCURL` directly for unit test targets [174]
- o cmake: stop deleting `-W<n>` from `CMAKE_C_FLAGS` (MSVC) [155]
- o cmake: tidy up and document feature detections in dependencies [107]
- o cmake: use `CMAKE_COMPILE_WARNING_AS_ERROR` if available [154]
- o cmake: use `INCLUDE_DIRECTORIES` prop to specify local header dirs [47]
- o cmake: use `LIB_NAME` in `curl-config.cmake.in` [148]
- o cmake: use absolute paths for completion targets [40]
- o cmake: use the `LINK_OPTIONS` property with CMake 3.13+ [78]
- o configure: catch asking for double resolver without https-rr [82]
- o configure: fix --disable-rt [20]
- o configure: restore link checks [25]
- o configure: suppress command not found for brew [235]
- o conncache: make Curl_cpool_init return void [15]
- o connect: shutdown timer fix [132]
- o content_encoding: Transfer-Encoding parser improvements [31]
- o CONTRIBUTE: add project guidelines for AI use [76]
- o contrithanks.sh: drop set -e [6]
- o cpool/cshutdown: force close connections under pressure [80]
- o curl: fix memory leak when -h is used in config file [161]
- o curl: only warn once for --manual in manual-disabled build [205]
- o curl_get_line: handle lines ending on the buffer boundary [62]
- o curl_krb5: only use functions if FTP is still enabled [21]
- o curl_multibyte: fixup low-level calls, include in unity builds [55]
- o curl_osslq: remove a leftover debug fprintf() call [140]
- o curl_url_get.md: don't call it normalized [212]
- o curl_version_info.md: clarify ssl_version for MultiSSL [145]
- o CURLMOPT_TIMERFUNCTION.md: correct the example [162]
- o CURLOPT_ERRORBUFFER.md: buffer is read only after curl takes ownership [93]
- o CURLOPT_FOLLOWLOCATION.md: switch to GET => no body [208]
- o CURLOPT_READFUNCTION.md: mention the seek callback [209]
- o CURLOPT_XFERINFOFUNCTION.md: fix the callback return type in example [122]
- o curlx: move the docs to docs/internals/ [184]
- o DEPRECATE.md: drop support for VS2008 [214]
- o DEPRECATE.md: drop Windows CE support [216]
- o dist: drop duplicate entry from `CMAKE_DIST` [88]
- o dns_entry: move from conn to data->state [178]
- o Dockerfile: update debian:bookworm-slim Docker digest to 90522ee [211]
- o docs/INSTALL.md: drop reference to removed configure option [83]
- o docs/libcurl: fix type and prototype problems in examples [121]
- o docs/libcurl: make examples build with picky compiler options [84]
- o docs/libcurl: mention sensitive data/headers [206]
- o docs: add missing return statement in examples [85]
- o docs: fix incorrect shell substitution in docker run example command [51]
- o docs: fix typo in retry.md [192]
- o docs: update distros links
- o doh: httpsrr fix [71]
- o doh: make sure CURLOPT_PROTOCOLS is set a with a "long" arg [124]
- o doh: reduce the DNS request buffer size [70]
- o easy_reset: fix dohfor_mid member [63]
- o ECH: reference the OpenSSL ECH feature branch [186]
- o etag-save.md: mention how using both options is a good idea [108]
- o eventfd: fix feature guards [24]
- o formdata: cleanups [219]
- o ftp: fix bug in failed init [179]
- o ftp: fix race in upload handling [207]
- o ftplistparser: add two overflow preventions [173]
- o ftplistparser: split up into more functions [215]
- o generate.bat: exclude curlinfo.c from legacy VS projects [175]
- o genserv.pl: fail with a message if `openssl` is missing or failing [14]
- o headers: enforce a max number of response header to accept [163]
- o headers: set an error message on illegal response headers [181]
- o hostip: fix build without threaded-resolver and without DoH [17]
- o hostip: show the correct name on proxy resolve error [37]
- o http2: fix stream window size after unpausing [34]
- o HTTP3.md: fix incorrect variable placeholders [30]
- o http: fix a build error when all auths are disabled [16]
- o http: fix HTTP/2 handling of TE request header using "trailers" [130]
- o http: in alt-svc negotiation only allow supported HTTP versions [59]
- o http_aws_sigv4: add additional verbose log statements [39]
- o http_aws_sigv4: improve sigv4 url encoding and canonicalization [240]
- o http_chunks: narrow variable scope for 'trlen' [199]
- o http_negotiate: fix non-SSL build with GSSAPI [23]
- o https-connect: fix httpsrr target check [36]
- o HTTPSRR.md: clarify somewhat [137]
- o if2ip: build the function also if FTP is present [19]
- o imap: remove redundant condition [196]
- o INSTALL-CMAKE.md: fix typo
- o INSTALL.md: update the minimal libcurl size example
- o KNOWN_BUGS: fix link in sivg4 issue 16.3 [26]
- o lib/src/docs/test: improve curl_easy_setopt() calls [116]
- o lib1560: use hex notation, drop non-ASCII exception [182]
- o lib3026: drop DLL pre-load perf mitigation for old mingw [222]
- o lib: add const to clientwriter tables
- o lib: drop curlx_getpid, use fake pid in SMB [172]
- o lib: include files using known path [48]
- o lib: make Curl_easyopts const [44]
- o lib: unify conversions to/from hex [3]
- o libcurl-tutorial.md: fix read callback explanation [118]
- o libssh: add NULL check for Curl_meta_get() [201]
- o libssh: fix memory leak [168]
- o libssh: remove a condition that always equals false [202]
- o libtest/first: stop defining MEMDEBUG_NODEFINES [32]
- o libtests: define CURL_DISABLE_DEPRECATION first [177]
- o make: clean tests better [60]
- o mbedtls: TLS 1.3 is max when mbedtls has 1.3 support [109]
- o metahash: add asserts to help analyzers [171]
- o mk-ca-bundle.pl: follow redirects [53]
- o mk-ca-bundle: switch URLs to GitHub versions [195]
- o mkhelp: fix to not generate a line-ending space in some cases [103]
- o mqtt: use conn/easy meta hash [141]
- o multi: do transfer book keeping using mid [91]
- o multi: init_do(): check result [114]
- o netrc: avoid NULL deref on weird input [167]
- o netrc: avoid strdup NULL [198]
- o netrc: deal with null token better [150]
- o ngtcp2: clarify ignoring of result [131]
- o openssl-quic: avoid potential `-Wnull-dereference`, add assert [126]
- o openssl-quic: fix printf mask [102]
- o openssl-quic: fix shutdown when stream not open [11]
- o openssl: enable builds for *both* engines and providers [115]
- o openssl: set the cipher string before doing private cert [138]
- o parsedate: provide Curl_wkday also for GnuTLS builds [13]
- o processhelp.pm: always call `taskkill` with `-f` (force) [69]
- o processhelp.pm: avoid potential endless loop, log more (Windows) [5]
- o progress: avoid integer overflow when gathering total transfer size [128]
- o pytest tls: extend coverage [217]
- o pytest-xdist: pytest in parallel [204]
- o pytest: add pinnedpubkey test cases [232]
- o pytest: give parameterised tests better ids for read- and parsability [142]
- o pytest: make test_07_22 more lenient to exit codes [90]
- o quic: no local idle connection timeout, ngtcp2 keep-alive [61]
- o rand: update comment on Curl_rand_bytes weak random [35]
- o RELEASE-PROCEDURE.md: release candidate git tagging explained [143]
- o rtsp: remove redundant condition [197]
- o runtests: add retry option to reduce flakiness [106]
- o runtests: fix indentation
- o runtests: recognize lowercase `windows` in `curl -V` [77]
- o runtests: remove server verification after start [89]
- o runtests: split `SSH_PWD` into `SCP_PWD` and `SFTP_PWD`, and more [75]
- o rustls: make max size of cert and key reasonable [41]
- o sasl: give help when unable to select AUTH [213]
- o scripts: completion.pl: sort the completion file for all shells [9]
- o scripts: drop unused import, formatting [95]
- o scripts: fix --opts-dir help in completion.pl
- o scripts: fix perl indentation, whitespace, semicolons [127]
- o sectransp: fix building for macOS Sierra and older [151]
- o setopt: provide info for CURLE_BAD_FUNCTION_ARGUMENT [180]
- o smb: avoid integer overflow on weird input date [129]
- o socket: use accept4 when available [7]
- o socketpair: support pipe2 where available [56]
- o spacecheck.pl: check for non-ASCII chars, fix fallouts [187]
- o spacecheck.pl: verify `tests/data/test*` for non-ASCII chars [189]
- o src: drop strcase.[ch] from tool builds [157]
- o src: include memdebug.h consistently with angle brackets <> [160]
- o src: rename curlx_safefree to tool_safefree [164]
- o test1173.pl: whitelist some option-looking names that aren't options [203]
- o test1658: add unit test for the HTTPS RR decoder [28]
- o test: make unittest 1308 into a libtest [4]
- o tests/ech_tests.sh: sync shebang with rest of bash scripts [42]
- o tests/FILEFORMAT.md: clarify %hex[] formatting [188]
- o tests/FILEFORMAT.md: document the aws feature [156]
- o tests/README.md: document --test-duphandle [8]
- o tests/README.md: list the openssl tool among the prerequisites [12]
- o tests/server/dnsd: basic DNS server for test suite [92]
- o tests/server: check for `stream != NULL` in mqttd [194]
- o tests/server: fix typo in comment
- o tests/server: stop using libcurl string comparisons [185]
- o tests/server: stop using libcurl's printf functions [190]
- o tests/serverhelp: remove last remnants of http-pipe server [1]
- o tests/tunit: make a separate directory for tool-based unit tests [54]
- o tests: add aws feature to the related tests [159]
- o tests: Add https-mtls server to force client auth [57]
- o tests: fix some test tag mismatches
- o tests: mark ipfs tests to require ipfs [2]
- o tests: move a boolean variable out of the path section
- o tests: prefer `--insecure` over `-k` [43]
- o tests: provide all non-ascii data hex encoded [183]
- o tests: remove some unused test case sections
- o tests: require IPv6 for 1265, 1324, 2086 [87]
- o tests: separate tunit tests from unit tests more [176]
- o tests: stop using libcurl's strdup [170]
- o tests: unify test case keywords
- o tests: use a more portable null device path [38]
- o TODO: remove "nicer lacking perl message" [117]
- o tool_cb_write.c: handle EINTR on flush [65]
- o tool_getparam: clear argument only when needed [98]
- o tool_operate: make retrycheck() a separate function [218]
- o tool_operate: when retrying, only truncate regular files [165]
- o tool_paramhlp: avoid integer overflow in secs2ms() [152]
- o tool_parsecfg: make get_line handle lines ending on the buffer boundary [81]
- o typecheck-gcc.h: fix the typechecks [110]
- o urlapi: redirecting to "" is considered fine [149]
- o urlapi: remove unneeded guards around PUNY2IDN [193]
- o urldata: remove the unused struct field 'hide_progress' [220]
- o VERSIONS: list all past releases [22]
- o vquic: consistent name for the stream struct across backends [135]
- o vquic: init for every call to recvmsg [134]
- o vtls: avoid NULL deref on bad PEM input [169]
- o vtls: fix build with ssl but without http [18]
- o VULN-DISCLOSURE-POLICY: use of weak algos [94]
- o winbuild: add the deprecation warning to the README [29]
- o winbuild: curl_get_line is not used for tool builds [158]
- o windows: fix builds targeting WinXP, test it in CI [227]
- o wolfssl: fix to enable ALPN when available [67]
- o ws: fix the header replace check [144]
- o ws: store protocol context as connection meta data [136]
+ o http: fail early when rewind of input failed when following redirects [2]
+ o multi: fix add_handle resizing [3]
+ o tool_getparam: refactored, simplified [4]
+ o BUG-BOUNTY.md. mention the medium bounty amount in 2025 [5]
 
 This release includes the following known bugs:
 
@@ -268,253 +37,10 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Abhinav Singhal, Aditya Garg, Alberto Leiva Popper, Andreas Westin,
-  Andrei Florea, Andrew Kirillov, Andy Pan, antypanty on hackerone,
-  Arian van Putten, bo0tzz on github, Bo Anderson, Brendan Dolan-Gavitt,
-  Brian Chrzanowski, bruce.yoon, bsr13 on hackerone, calvin2021y on github,
-  Calvin Ruocco, Carlos Henrique Lima Melara, Christian Schmitz,
-  Christoph Jabs, Cole Helbling, Corinna Brandt, Dagobert Michelsen,
-  Dan Fandrich, Daniel Engberg, Daniel Fosco, Daniel McCarney, Daniel Stenberg,
-  Demi Marie Obenour, dependabot[bot], Dirk Feytons, epicmkirzinger on github,
-  Eric Knibbe, Fujii Hironori, gkarracer on github, Gordon Parke,
-  Graham Christensen, Harry Sintonen, Helmut Grohne, Hiroki Kurosawa,
-  Int64x86 on github, Jacob Mealey, Jake Yuesong Li, James Fuller,
-  Jean-Christophe Amiel, Jeroen Ooms, Jimmy Sjölund, Jixinqi,
-  Jochen Sprickerhof, Joe Cise, JoelAtWisetech on github, Joel Depooter,
-  Johan Eliasson, John Bampton, John Haugabook, Jonathan Rosa, Kai Pastor,
-  kkalganov on github, Maksim Ściepanienka, Manuel Strehl, Marius Kleidl,
-  Mathieu Garaud, Matt Jolly, Max Eliaser, mschroeder-fzj on github, NeimadTL,
-  Niall O'Reilly, Nigel Brittain, Nils Goroll, Pavel Kropachev, PleaseJustDont,
-  Rasmus Melchior Jacobsen, Ray Satiro, renovate[bot], Samuel Henrique,
-  Sarah Gooding, sbernatsky on github, Sergey, Sören Tempel, Stefan Eissing,
-  Stephen Farrell, Tal Regev, Thomas Klausner, Tomas Volf, Travis Lane,
-  Viktor Szakats, wolfsage on hackerone, x1sc0 on github, xiadnoring on github,
-  Yedaya Katsman, zopsicle on github
-  (91 contributors)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=16924
- [2] = https://curl.se/bug/?i=16947
- [3] = https://curl.se/bug/?i=16888
- [4] = https://curl.se/bug/?i=16891
- [5] = https://curl.se/bug/?i=16908
- [6] = https://curl.se/bug/?i=16914
- [7] = https://curl.se/bug/?i=16979
- [8] = https://curl.se/bug/?i=16944
- [9] = https://curl.se/bug/?i=16985
- [10] = https://curl.se/bug/?i=16916
- [11] = https://curl.se/bug/?i=16998
- [12] = https://curl.se/bug/?i=16942
- [13] = https://curl.se/bug/?i=16943
- [14] = https://curl.se/bug/?i=16926
- [15] = https://curl.se/bug/?i=16936
- [16] = https://curl.se/bug/?i=16939
- [17] = https://curl.se/bug/?i=16938
- [18] = https://curl.se/bug/?i=16935
- [19] = https://curl.se/bug/?i=16933
- [20] = https://curl.se/bug/?i=16932
- [21] = https://curl.se/bug/?i=16925
- [22] = https://curl.se/bug/?i=16907
- [23] = https://curl.se/bug/?i=16919
- [24] = https://curl.se/mail/lib-2025-04/0000.html
- [25] = https://curl.se/mail/lib-2025-04/0004.html
- [26] = https://curl.se/bug/?i=17007
- [27] = https://curl.se/bug/?i=16980
- [28] = https://curl.se/bug/?i=16972
- [29] = https://curl.se/bug/?i=16957
- [30] = https://curl.se/bug/?i=17008
- [31] = https://curl.se/bug/?i=16956
- [32] = https://curl.se/bug/?i=16978
- [33] = https://curl.se/bug/?i=17002
- [34] = https://curl.se/bug/?i=16955
- [35] = https://curl.se/bug/?i=16965
- [36] = https://curl.se/bug/?i=16966
- [37] = https://curl.se/bug/?i=16958
- [38] = https://curl.se/bug/?i=16929
- [39] = https://curl.se/bug/?i=16952
- [40] = https://curl.se/bug/?i=16946
- [41] = https://curl.se/bug/?i=16951
- [42] = https://curl.se/bug/?i=17001
- [43] = https://curl.se/bug/?i=16878
- [44] = https://curl.se/bug/?i=16950
- [45] = https://curl.se/bug/?i=16999
- [46] = https://curl.se/bug/?i=16922
- [47] = https://curl.se/bug/?i=16993
- [48] = https://curl.se/bug/?i=16991
- [49] = https://curl.se/bug/?i=16975
- [50] = https://curl.se/bug/?i=16963
- [51] = https://curl.se/bug/?i=16990
- [52] = https://curl.se/bug/?i=16744
- [53] = https://curl.se/bug/?i=16995
- [54] = https://curl.se/bug/?i=16983
- [55] = https://curl.se/bug/?i=16742
- [56] = https://curl.se/bug/?i=16987
- [57] = https://curl.se/bug/?i=16923
- [58] = https://curl.se/bug/?i=16825
- [59] = https://curl.se/bug/?i=17037
- [60] = https://curl.se/bug/?i=16986
- [61] = https://curl.se/bug/?i=17057
- [62] = https://curl.se/bug/?i=17036
- [63] = https://curl.se/bug/?i=17052
- [64] = https://curl.se/bug/?i=17092
- [65] = https://curl.se/bug/?i=17061
- [66] = https://curl.se/bug/?i=17062
- [67] = https://curl.se/bug/?i=17056
- [68] = https://curl.se/bug/?i=17055
- [69] = https://curl.se/bug/?i=17054
- [70] = https://curl.se/bug/?i=17087
- [71] = https://curl.se/bug/?i=17099
- [72] = https://curl.se/bug/?i=17047
- [73] = https://curl.se/bug/?i=16946
- [74] = https://curl.se/bug/?i=17042
- [75] = https://curl.se/bug/?i=17041
- [76] = https://curl.se/bug/?i=17325
- [77] = https://curl.se/bug/?i=17088
- [78] = https://curl.se/bug/?i=17039
- [79] = https://curl.se/bug/?i=17010
- [80] = https://curl.se/bug/?i=17020
- [81] = https://curl.se/bug/?i=17030
- [82] = https://curl.se/bug/?i=17025
- [83] = https://curl.se/bug/?i=17023
- [84] = https://curl.se/bug/?i=17028
- [85] = https://curl.se/bug/?i=17024
- [86] = https://curl.se/bug/?i=17176
- [87] = https://curl.se/bug/?i=17014
- [88] = https://curl.se/bug/?i=17012
- [89] = https://curl.se/bug/?i=17005
- [90] = https://curl.se/bug/?i=17083
- [91] = https://curl.se/bug/?i=16761
- [92] = https://curl.se/bug/?i=17015
- [93] = https://curl.se/bug/?i=17105
- [94] = https://curl.se/bug/?i=17220
- [95] = https://curl.se/bug/?i=17077
- [96] = https://curl.se/bug/?i=17027
- [97] = https://curl.se/bug/?i=17035
- [98] = https://curl.se/bug/?i=17112
- [99] = https://curl.se/bug/?i=16384
- [100] = https://curl.se/bug/?i=17050
- [101] = https://curl.se/bug/?i=17035
- [102] = https://curl.se/bug/?i=17106
- [103] = https://curl.se/bug/?i=17240
- [104] = https://curl.se/bug/?i=17172
- [105] = https://curl.se/bug/?i=17101
- [106] = https://curl.se/bug/?i=17091
- [107] = https://curl.se/bug/?i=17082
- [108] = https://curl.se/bug/?i=17217
- [109] = https://curl.se/bug/?i=17048
- [110] = https://curl.se/bug/?i=17143
- [111] = https://curl.se/bug/?i=17163
- [112] = https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103938
- [113] = https://curl.se/bug/?i=12982
- [114] = https://curl.se/bug/?i=17139
- [115] = https://curl.se/bug/?i=17165
- [116] = https://curl.se/bug/?i=17160
- [117] = https://curl.se/bug/?i=17233
- [118] = https://curl.se/bug/?i=17138
- [119] = https://curl.se/bug/?i=17159
- [120] = https://curl.se/bug/?i=17211
- [121] = https://curl.se/bug/?i=17231
- [122] = https://curl.se/bug/?i=17228
- [123] = https://curl.se/bug/?i=17147
- [124] = https://curl.se/bug/?i=17142
- [125] = https://curl.se/bug/?i=17140
- [126] = https://curl.se/bug/?i=17107
- [127] = https://curl.se/bug/?i=17209
- [128] = https://curl.se/bug/?i=17207
- [129] = https://curl.se/bug/?i=17206
- [130] = https://curl.se/bug/?i=17122
- [131] = https://curl.se/bug/?i=17354
- [132] = https://curl.se/bug/?i=17130
- [133] = https://curl.se/bug/?i=17199
- [134] = https://curl.se/bug/?i=17120
- [135] = https://curl.se/bug/?i=17113
- [136] = https://curl.se/bug/?i=17146
- [137] = https://curl.se/bug/?i=17204
- [138] = https://curl.se/bug/?i=17227
- [139] = https://curl.se/bug/?i=17203
- [140] = https://curl.se/bug/?i=17198
- [141] = https://curl.se/bug/?i=17221
- [142] = https://curl.se/bug/?i=17340
- [143] = https://curl.se/bug/?i=17177
- [144] = https://curl.se/bug/?i=17170
- [145] = https://curl.se/bug/?i=17308
- [146] = https://curl.se/bug/?i=17197
- [147] = https://curl.se/bug/?i=17196
- [148] = https://curl.se/bug/?i=17195
- [149] = https://curl.se/bug/?i=17188
- [150] = https://curl.se/bug/?i=17351
- [151] = https://curl.se/bug/?i=16581
- [152] = https://curl.se/bug/?i=17184
- [153] = https://curl.se/bug/?i=17186
- [154] = https://curl.se/bug/?i=17183
- [155] = https://curl.se/bug/?i=17179
- [156] = https://curl.se/bug/?i=17350
- [157] = https://curl.se/bug/?i=17289
- [158] = https://curl.se/bug/?i=17286
- [159] = https://curl.se/bug/?i=17347
- [160] = https://curl.se/bug/?i=17284
- [161] = https://curl.se/bug/?i=17306
- [162] = https://curl.se/bug/?i=17301
- [163] = https://curl.se/bug/?i=17281
- [164] = https://curl.se/bug/?i=17270
- [165] = https://curl.se/bug/?i=17371
- [166] = https://curl.se/bug/?i=17348
- [167] = https://curl.se/bug/?i=17275
- [168] = https://curl.se/bug/?i=17346
- [169] = https://curl.se/bug/?i=17274
- [170] = https://curl.se/bug/?i=17297
- [171] = https://curl.se/bug/?i=17268
- [172] = https://curl.se/bug/?i=17298
- [173] = https://curl.se/bug/?i=17397
- [174] = https://curl.se/bug/?i=17264
- [175] = https://curl.se/bug/?i=17263
- [176] = https://curl.se/bug/?i=17259
- [177] = https://curl.se/bug/?i=17373
- [178] = https://curl.se/bug/?i=17383
- [179] = https://curl.se/bug/?i=17258
- [180] = https://curl.se/bug/?i=17337
- [181] = https://curl.se/bug/?i=17330
- [182] = https://curl.se/bug/?i=17334
- [183] = https://curl.se/bug/?i=17331
- [184] = https://curl.se/bug/?i=17333
- [185] = https://curl.se/bug/?i=17328
- [186] = https://curl.se/bug/?i=17251
- [187] = https://curl.se/bug/?i=17247
- [188] = https://curl.se/bug/?i=17332
- [189] = https://curl.se/bug/?i=17329
- [190] = https://curl.se/bug/?i=17294
- [191] = https://curl.se/bug/?i=17256
- [192] = https://curl.se/bug/?i=17443
- [193] = https://curl.se/bug/?i=17364
- [194] = https://curl.se/bug/?i=17294
- [195] = https://curl.se/bug/?i=17321
- [196] = https://curl.se/bug/?i=17318
- [197] = https://curl.se/bug/?i=17317
- [198] = https://curl.se/bug/?i=17319
- [199] = https://curl.se/bug/?i=17316
- [200] = https://curl.se/bug/?i=17365
- [201] = https://curl.se/bug/?i=17359
- [202] = https://curl.se/bug/?i=17358
- [203] = https://curl.se/bug/?i=17361
- [204] = https://curl.se/bug/?i=17295
- [205] = https://curl.se/bug/?i=17441
- [206] = https://curl.se/bug/?i=17353
- [207] = https://curl.se/bug/?i=17394
- [208] = https://curl.se/bug/?i=17454
- [209] = https://curl.se/bug/?i=17455
- [211] = https://curl.se/bug/?i=17416
- [212] = https://curl.se/bug/?i=16829
- [213] = https://curl.se/bug/?i=17420
- [214] = https://curl.se/bug/?i=17380
- [215] = https://curl.se/bug/?i=17384
- [216] = https://curl.se/bug/?i=17379
- [217] = https://curl.se/bug/?i=17382
- [218] = https://curl.se/bug/?i=17381
- [219] = https://curl.se/bug/?i=17370
- [220] = https://curl.se/bug/?i=17430
- [222] = https://curl.se/bug/?i=17414
- [227] = https://curl.se/bug/?i=17415
- [232] = https://curl.se/bug/?i=17412
- [235] = https://curl.se/bug/?i=17407
- [240] = https://curl.se/bug/?i=17129
+ [2] = https://curl.se/bug/?i=17472
+ [3] = https://curl.se/bug/?i=17473
+ [4] = https://curl.se/bug/?i=17448
+ [5] = https://curl.se/bug/?i=17470
diff --git a/include/curl/curlver.h b/include/curl/curlver.h
index 5515d32e3c..38661a4440 100644
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -32,13 +32,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "8.14.0-DEV"
+#define LIBCURL_VERSION "8.14.1-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 8
 #define LIBCURL_VERSION_MINOR 14
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@@ -59,7 +59,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x080e00
+#define LIBCURL_VERSION_NUM 0x080e01
 
 /*
  * This is the date and time when the full source package was created. The