Command line options: 272
curl_easy_setopt() options: 308
Public functions in libcurl: 98
- Contributors: 3510
+ Contributors: 3513
This release includes the following changes:
o krb5: drop support for Kerberos FTP [43]
o libssh2: up the minimum requirement to 1.9.0 [85]
o vssh: drop support for wolfSSH [58]
+ o wcurl: import v2025.09.27 [182]
o write-out: make %header{} able to output *all* occurrences of a header [25]
This release includes the following bugfixes:
o build: show llvm/clang in platform flags and `buildinfo.txt` [126]
o cf-h2-proxy: break loop on edge case [140]
o cf-ip-happy: mention unix domain path, not port number [161]
+ o cf-socket: tweak a memcpy() to read better [177]
o cf-socket: use the right byte order for ports in bindlocal [61]
o cfilter: unlink and discard [46]
o checksrc: catch banned functions when preceded by `(` [146]
o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149]
o cmake: add `CURL_CODE_COVERAGE` option [78]
o cmake: clang detection tidy-ups [116]
+ o cmake: drop exclamation in comment looking like a name [160]
o cmake: fix building docs when the base directory contains `.3` [18]
o cmake: use modern alternatives for `get_filename_component()` [102]
o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152]
o cmdline-docs: extended, clarified, refreshed [28]
+ o cmdline-opts/_PROGRESS.md: explain the suffixes [154]
o configure: add "-mt" for pthread support on HP-UX [52]
o cookie: avoid saving a cookie file if no transfer was done [11]
o curl_easy_getinfo: error code on NULL arg [2]
o easy_getinfo: check magic, Curl_close safety [3]
o examples: fix two issues found by CodeQL [35]
o examples: fix two more cases of `stat()` TOCTOU [147]
+ o form.md: drop reference to MANUAL [178]
o ftp: fix ftp_do_more returning with *completep unset [122]
o ftp: fix port number range loop for PORT commands [66]
o gtls: avoid potential use of uninitialized variable in trace output [83]
o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88]
o http: handle user-defined connection headers [165]
o httpsrr: free old pointers when storing new [57]
+ o INTERNALS: drop Winsock 2.2 from the dependency list [162]
+ o INTERNALS: specify minimum version for Heimdal: 7.1.0 [158]
o ip-happy: do not set unnecessary timeout [95]
+ o ip-happy: prevent event-based stall on retry [155]
o krb5: return appropriate error on send failures [22]
o ldap: do not base64 encode zero length string [42]
+ o lib: fix build error and compiler warnings with verbose strings disabled [173]
+ o lib: remove personal names from comments [168]
o lib: upgrade/multiplex handling [136]
o libcurl-multi.md: added curl_multi_get_offt mention [53]
o libcurl-security.md: mention long-running connections [6]
o mbedtls: check result of setting ALPN [127]
o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145]
o multi.h: add CURLMINFO_LASTENTRY [51]
+ o multi_ev: remove unnecessary data check that confuses analysers [167]
o ngtcp2: check error code on connect failure [13]
o ngtcp2: fix early return [131]
o openldap: avoid indexing the result at -1 for blank responses [44]
o openldap: check ldap_get_option() return codes [119]
o openssl-quic: check results better [132]
o openssl-quic: handle error in SSL_get_stream_read_error_code [129]
+ o openssl-quic: ignore unexpected streams opened by server [176]
o openssl: clear retry flag on x509 error [130]
o openssl: fail the transfer if ossl_certchain() fails [23]
o openssl: make the asn1_object_dump name null terminated [56]
o openssl: set io_need always [99]
o OS400: fix a use-after-free/double-free case [142]
+ o pytest: skip specific tests for no-verbose builds [171]
o quic: fix min TLS version handling [14]
o quic: ignore EMSGSIZE on receive [4]
o quiche: fix verbose message when ip quadruple cannot be obtained. [128]
o quiche: when ingress processing fails, return that error code [103]
+ o runtests: tag tests that require curl verbose strings [172]
o rustls: fix clang-tidy warning [107]
o rustls: fix comment describing cr_recv() [117]
o rustls: typecast variable for safer trace output [69]
o socks_sspi: restore non-blocking socket on error paths [48]
o ssl-sessions.md: mark option experimental [12]
o sws: fix checking `sscanf()` return value [17]
+ o tcp-nodelay.md: expand the documentation [153]
o telnet: make printsub require another byte input [21]
o telnet: refuse IAC codes in content [111]
o telnet: return error on crazy TTYPE or XDISPLOC lengths [123]
o tidy-up: avoid using the reserved macro namespace [76]
o tidy-up: update MS links, allow long URLs via `checksrc` [73]
o tidy-up: URLs [101]
+ o time-cond.md: refer to the singular curl_getdate man page [148]
o TODO: fix a typo [93]
o TODO: remove already implemented or bad items [36]
o tool: fix exponential retry delay [47]
o tool_cb_hdr: size is always 1 [70]
o tool_doswin: fix to use curl socket functions [108]
o tool_getparam/set_rate: skip the multiplication on overflow [84]
+ o tool_getparam: always disable "lib-ids" for tracing [169]
+ o tool_getparam: warn if provided header looks malformed [179]
o tool_operate: improve wording in retry message [37]
o tool_operate: keep the progress meter for --out-null [33]
o tool_progress: handle possible integer overflows [164]
+ o tool_progress: make max5data() use an algorithm [170]
o transfer: avoid busy loop with tiny speed limit [100]
o urldata: FILE is not a list-only protocol [9]
o vtls: alpn setting, check proto parameter [134]
o vtls_int.h: clarify data_pending [124]
+ o vtls_scache: fix race condition [157]
o windows: replace `_beginthreadex()` with `CreateThread()` [80]
o windows: stop passing unused, optional argument for Win9x compatibility [75]
o wolfssl: check BIO read parameters [133]
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Adam Light, Andrew Kirillov, Andrew Olsen, BobodevMm on github,
- Christian Schmitz, Dan Fandrich, Daniel Stenberg, dependabot[bot],
- divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett,
+ Adam Light, Alice Lee Poetics, Andrew Kirillov, Andrew Olsen,
+ BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg,
+ dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett,
Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Javier Blazquez,
Jicea, jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton,
Joshua Rogers, kapsiR on github, kuchara on github, Marcel Raad,
Michael Osipov, MichaĆ Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat,
- Ray Satiro, renovate[bot], rinsuki on github, Samuel Dionne-Riel,
- Stanislav Fort, Stefan Eissing, Viktor Szakats
- (35 contributors)
+ Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github,
+ Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing,
+ Viktor Szakats
+ (38 contributors)
References to bug reports and discussions on issues:
[145] = https://curl.se/bug/?i=18682
[146] = https://curl.se/bug/?i=18779
[147] = https://curl.se/bug/?i=18778
+ [148] = https://curl.se/bug/?i=18816
[149] = https://curl.se/bug/?i=18775
[150] = https://curl.se/bug/?i=18510
[151] = https://curl.se/bug/?i=18774
[152] = https://curl.se/bug/?i=18762
+ [153] = https://curl.se/bug/?i=18811
+ [154] = https://curl.se/bug/?i=18817
+ [155] = https://curl.se/bug/?i=18815
+ [157] = https://curl.se/bug/?i=18806
+ [158] = https://curl.se/bug/?i=18809
+ [160] = https://curl.se/bug/?i=18810
[161] = https://curl.se/bug/?i=18749
+ [162] = https://curl.se/bug/?i=18808
[163] = https://curl.se/bug/?i=18747
[164] = https://curl.se/bug/?i=18744
[165] = https://curl.se/bug/?i=18662
+ [167] = https://curl.se/bug/?i=18804
+ [168] = https://curl.se/bug/?i=18803
+ [169] = https://curl.se/bug/?i=18805
+ [170] = https://curl.se/bug/?i=18807
+ [171] = https://curl.se/bug/?i=18801
+ [172] = https://curl.se/bug/?i=18800
+ [173] = https://curl.se/bug/?i=18799
+ [176] = https://curl.se/bug/?i=18780
+ [177] = https://curl.se/bug/?i=18787
+ [178] = https://curl.se/bug/?i=18790
+ [179] = https://curl.se/bug/?i=18793
+ [182] = https://curl.se/bug/?i=18754
projects / thirdparty / curl.git / commitdiff
