diff options
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 452 |
1 files changed, 229 insertions, 223 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 363c7c947..a96762961 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,242 +1,248 @@ -curl and libcurl 7.72.0 +curl and libcurl 7.74.0 - Public curl releases: 194 - Command line options: 232 - curl_easy_setopt() options: 277 - Public functions in libcurl: 82 - Contributors: 2239 + Public curl releases: 196 + Command line options: 235 + curl_easy_setopt() options: 284 + Public functions in libcurl: 85 + Contributors: 2287 This release includes the following changes: - o content_encoding: add zstd decoding support [1] - o CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream [31] - o CURLINFO_EFFECTIVE_METHOD: added [34] + o hsts: add experimental support for Strict-Transport-Security [37] This release includes the following bugfixes: - o CVE-2020-8231: libcurl: wrong connect-only connection [98] - o appveyor: collect libcurl.dll variants with prefix or suffix [38] - o asyn-ares: correct some bad comments [94] - o bearssl: fix build with disabled proxy support [16] - o buildconf: avoid array concatenation in die() [64] - o buildconf: retire ares buildconf invocation - o checksrc: ban gmtime/localtime [40] - o checksrc: invoke script with -D to find .checksrc proper [63] - o CI/azure: install libssh2 for use with msys2-based builds [67] - o CI/azure: unconditionally enable warnings-as-errors with autotools [19] - o CI/macos: enable warnings as errors for CMake builds [4] - o CI/macos: set minimum macOS version [56] - o CI/macos: unconditionally enable warnings-as-errors with autotools [21] - o CI: Add muse CI analyzer [79] - o cirrus-ci: upgrade 11-STABLE to 11.4 [2] - o CMake: don't complain about missing nroff [87] - o CMake: fix test for warning suppressions [17] - o cmake: fix windows xp build [13] - o configure.ac: Sort features name in summary [6] - o configure: allow disabling warnings [26] - o configure: cleanup wolfssl + pkg-config conflicts when cross compiling. [48] - o configure: show zstd "no" in summary when built without it [49] - o connect: remove redundant message about connect failure [66] - o curl-config: ignore REQUIRE_LIB_DEPS in --libs output [96] - o curl.1: add a few missing valid exit codes [76] - o curl: add %{method} to the -w variables - o curl: improve the existing file check with -J [43] - o curl_multi_setopt: fix compiler warning "result is always false" [42] - o curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated [9] - o CURLINFO_CERTINFO.3: fix typo [3] - o CURLOPT_NOBODY.3: clarify what setting to 0 means [46] - o docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions [18] - o docs: Add video link to docs/CONTRIBUTE.md [95] - o docs: change "web site" to "website" [86] - o docs: clarify MAX_SEND/RECV_SPEED functionality [92] - o docs: Update a few leftover mentions of DarwinSSL [29] - o doh: remove redundant cast [20] - o file2memory: use a define instead of -1 unsigned value [30] - o ftp: don't do ssl_shutdown instead of ssl_close [85] - o ftpserver: don't verify SMTP MAIL FROM names [8] - o getinfo: reset retry-after value in initinfo [51] - o gnutls: repair the build with `CURL_DISABLE_PROXY` [5] - o gtls: survive not being able to get name/issuer [73] - o h2: repair trailer handling [81] - o http2: close the http2 connection when no more requests may be sent [7] - o http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages [11] - o libssh2: s/ssherr/sftperr/ [78] - o libtest/Makefile.am: add -no-undefined for libstubgss for Cygwin [91] - o md(4|5): don't use deprecated macOS functions [23] - o mprintf: Fix dollar string handling [54] - o mprintf: Fix stack overflows [53] - o multi: Condition 'extrawait' is always true [60] - o multi: Remove 10-year old out-commented code [97] - o multi: remove two checks always true [36] - o multi: update comment to say easyp list is linear [44] - o multi_remove_handle: close unused connect-only connections [62] - o ngtcp2: adapt to error code rename [69] - o ngtcp2: adjust to recent sockaddr updates [27] - o ngtcp2: update to modified qlog callback prototype [14] - o nss: fix build with disabled proxy support [32] - o ntlm: free target_info before (re-)malloc [55] - o openssl: fix build with LibreSSL < 2.9.1 [61] - o page-header: provide protocol details in the curl.1 man page [28] - o quiche: handle calling disconnect twice [50] - o runtests.pl: treat LibreSSL and BoringSSL as OpenSSL [59] - o runtests: move the gnutls-serv tests to a dynamic port [74] - o runtests: move the smbserver to use a dynamic port number [71] - o runtests: move the TELNET server to a dynamic port [68] - o runtests: run the DICT server on a random port number [90] - o runtests: run the http2 tests on a random port number [72] - o runtests: support dynamicly base64 encoded sections in tests [75] - o setopt: unset NOBODY switches to GET if still HEAD [47] - o smtp_parse_address: handle blank input string properly [89] - o socks: use size_t for size variable [39] - o strdup: remove the odd strlen check [24] - o test1119: verify stdout in the test [33] - o test1139: make it display the difference on test failures - o test1140: compare stdout [93] - o test1908: treat file as text [83] - o tests/FILEFORMAT.md: mention %HTTP2PORT - o tests/sshserver.pl: fix compatibility with OpenSSH for Windows - o TLS naming: fix more Winssl and Darwinssl leftovers [88] - o tls-max.d: this option is only for TLS-using connections [45] - o tlsv1.3.d. only for TLS-using connections [37] - o tool_doswin: Simplify Windows version detection [57] - o tool_getparam: make --krb option work again [10] - o TrackMemory tests: ignore realloc and free in getenv.c [84] - o transfer: fix data_pending for builds with both h2 and h3 enabled [41] - o transfer: fix memory-leak with CURLOPT_CURLU in a duped handle [15] - o transfer: move retrycount from connect struct to easy handle [77] - o travis/script.sh: fix use of `-n' with unquoted envvar [80] - o travis: add ppc64le and s390x builds [65] - o travis: update quiche builds for new boringssl layout [25] - o url: fix CURLU and location following [70] - o url: silence MSVC warning [12] - o util: silence conversion warnings [22] - o win32: Add Curl_verify_windows_version() to curlx [58] - o WIN32: stop forcing narrow-character API [52] - o windows: add unicode to feature list [35] - o windows: disable Unix Sockets for old mingw [82] + o CVE-2020-8286: Inferior OCSP verification [93] + o CVE-2020-8285: FTP wildcard stack overflow [95] + o CVE-2020-8284: trusting FTP PASV responses [97] + o acinclude: detect manually set minimum macos/ipod version [46] + o alt-svc: enable (in the build) by default [20] + o alt-svc: minimize variable scope and avoid "DEAD_STORE" [51] + o asyn: use 'struct thread_data *' instead of 'void *' [84] + o checksrc: warn on empty line before open brace [13] + o CI/appveyor: disable test 571 in two cmake builds [22] + o CI/azure: improve on flakiness by avoiding libtool wrappers [7] + o CI/tests: enable test target on TravisCI for CMake builds [38] + o CI/travis: add brotli and zstd to the libssh2 build [27] + o cirrus: build with FreeBSD 12.2 in CirrusCI [80] + o cmake: call the feature unixsockets without dash [26] + o cmake: check for linux/tcp.h [91] + o cmake: correctly handle linker flags for static libs [52] + o cmake: don't pass -fvisibility=hidden to clang-cl on Windows [53] + o cmake: don't use reserved target name 'test' [79] + o cmake: make BUILD_TESTING dependent option [30] + o cmake: make CURL_ZLIB a tri-state variable [70] + o cmake: set the unicode feature in curl-config on Windows [23] + o cmake: store IDN2 information in curl_config.h [25] + o cmake: use libcurl.rc in all Windows builds [69] + o configure: pass -pthread to Libs.private for pkg-config [50] + o configure: use pkgconfig to find openSSL when cross-compiling [28] + o connect: repair build without ipv6 availability [19] + o curl.1: add an "OUTPUT" section at the top of the manpage [32] + o curl.se: new home [59] + o curl: add compatibility for Amiga and GCC 6.5 [61] + o curl: only warn not fail, if not finding the home dir [15] + o curl_easy_escape: limit output string length to 3 * max input [55] + o Curl_pgrsStartNow: init speed limit time stamps at start [48] + o curl_setup: USE_RESOLVE_ON_IPS is for Apple native resolver use + o curl_url_set.3: fix typo in the RETURN VALUE section [3] + o CURLOPT_DNS_USE_GLOBAL_CACHE.3: fix typo [34] + o CURLOPT_HSTS.3: document the file format [82] + o CURLOPT_NOBODY.3: fix typo [6] + o CURLOPT_TCP_NODELAY.3: fix comment in example code [8] + o CURLOPT_URL.3: clarify SCP/SFTP URLs are for uploads as well + o docs: document the 8MB input string limit [57] + o docs: fix typos and markup in ETag manpage sections [87] + o docs: Fix various typos in documentation [58] + o examples/httpput: remove use of CURLOPT_PUT [39] + o FAQ: refreshed [56] + o file: avoid duplicated code sequence [77] + o ftp: retry getpeername for FTP with TCP_FASTOPEN [100] + o gnutls: fix memory leaks (certfields memory wasn't released) [41] + o header.d: mention the "Transfer-Encoding: chunked" handling [45] + o HISTORY: the new domain + o http3: fix two build errors, silence warnings [10] + o http3: use the master branch of GnuTLS for testing [88] + o http: pass correct header size to debug callback for chunked post [44] + o http_proxy: use enum with state names for 'keepon' [54] + o httpput-postfields.c: new example doing PUT with POSTFIELDS [35] + o infof/failf calls: fix format specifiers [78] + o libssh2: fix build with disabled proxy support [17] + o libssh2: fix transport over HTTPS proxy [31] + o libssh2: require version 1.0 or later [24] + o Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3 [11] + o Makefile.m32: add support for UNICODE builds [85] + o mqttd: fclose test file when done [60] + o NEW-PROTOCOL: document what needs to be done to add one [92] + o ngtcp2: adapt to recent nghttp3 updates [49] + o ngtcp2: advertise h3 ALPN unconditionally [72] + o ngtcp2: Fix build error due to symbol name change [90] + o ngtcp2: use the minimal version of QUIC supported by ngtcp2 [67] + o ntlm: avoid malloc(0) on zero length user and domain [96] + o openssl: acknowledge SRP disabling in configure properly [9] + o openssl: free mem_buf in error path [94] + o openssl: guard against OOM on context creation [68] + o openssl: use OPENSSL_init_ssl() with >= 1.1.0 [66] + o os400: Sync libcurl API options [5] + o packages/OS400: make the source code-style compliant [4] + o quiche: close the connection [89] + o quiche: remove 'static' from local buffer [71] + o range.d: clarify that curl will not parse multipart responses [36] + o range.d: fix typo + o Revert "multi: implement wait using winsock events" [99] + o rtsp: error out on empty Session ID, unified the code + o rtsp: fixed Session ID comparison to refuse prefix [65] + o rtsp: fixed the RTST Session ID mismatch in test 570 [64] + o runtests: return error if no tests ran [16] + o runtests: revert the mistaken edit of $CURL + o runtests: show keywords when no tests ran [33] + o scripts/completion.pl: parse all opts [101] + o socks: check for DNS entries with the right port number [74] + o src/tool_filetime: disable -Wformat on mingw for this file [2] + o strerror: use 'const' as the string should never be modified [18] + o test122[12]: remove these two tests [1] + o test506: make it not run in c-ares builds [75] + o tests/*server.py: close log file after each log line [81] + o tests/server/tftpd.c: close upload file right after transfer [62] + o tests/util.py: fix compatibility with Python 2 [83] + o tests: add missing global_init/cleanup calls [42] + o tests: fix some http/2 tests for older versions of nghttpx [47] + o tool_debug_cb: do not assume zero-terminated data + o tool_help: make "output" description less confusing [21] + o tool_operate: --retry for HTTP 408 responses too [43] + o tool_operate: bail out proper on errors during parallel transfers [29] + o tool_operate: fix compiler warning when --libcurl is disabled [12] + o tool_writeout: use off_t getinfo-types instead of doubles [76] + o travis: use ninja-build for CMake builds [63] + o travis: use valgrind when running tests for debug builds [40] + o urlapi: don't accept blank port number field without scheme [98] + o urlapi: URL encode a '+' in the query part [14] + o urldata: remove 'void *protop' and create the union 'p' [86] + o vquic/ngtcp2.h: define local_addr as sockaddr_storage [73] This release includes the following known bugs: - o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) + o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) This release would not have looked like this without help, code, reports and advice from friends like these: - Alessandro Ghedini, Alex Kiernan, Baruch Siach, Bevan Weiss, Brian Inglis, - BrumBrum on hackerone, Cameron Cawley, Carlo Marcelo Arenas Belón, - causal-agent on github, Cherish98 on github, Dan Fandrich, Daniel Gustafsson, - Daniel Stenberg, Denis Goleshchikhin, divinity76 on github, Ehren Bendler, - Emil Engler, Erik Johansson, Filip Salomonsson, Gilles Vollant, Gisle Vanem, - H3RSKO on github, ihsinme on github, Jeremy Maitin-Shepard, - joey-l-us on github, Jonathan Cardoso Machado, Jonathan Nieder, Kamil Dudka, - Ken Brown, Laramie Leavitt, lilongyan-huawei on github, Marc Aldorasi, - Marcel Raad, Marc Hörsken, Masaya Suzuki, Matthias Naegler, - Nicolas Sterchele, NobodyXu on github, Peter Wu, ramsay-jones on github, - Rasmus Melchior Jacobsen, Ray Satiro, sspiri on github, Stefan Yohansson, - Tadej Vengust, Tatsuhiro Tsujikawa, tbugfinder on github, - Thomas M. DuBuisson, Tobias Stoeckmann, Tomas Berger, Viktor Szakats, - xwxbug on github, - (52 contributors) + Andreas Fischer, asavah on github, b9a1 on github, Baruch Siach, + Basuke Suzuki, bobmitchell1956 on github, BrumBrum on hackerone, + Cristian Morales Vega, d4d on hackerone, Daiki Ueno, Daniel Gustafsson, + Daniel Stenberg, Dietmar Hauser, Dirk Wetter, emanruse on github, + Emil Engler, hamstergene on github, Harry Sintonen, Jacob Hoffman-Andrews, + Jakub Zakrzewski, Jeroen Ooms, Jon Rumsey, José Joaquín Atria, Junho Choi, + Kael1117 on github, Klaus Crusius, Kovalkov Dmitrii, Marcel Raad, + Marc Hörsken, Marc Schlatter, Niranjan Hasabnis, nosajsnikta on github, + Oliver Urbann, Per Nilsson, Philipp Klaus Krause, Ray Satiro, + Rikard Falkeborn, Rui LIU, Sergei Nikulov, Thomas Danielsson, Tobias Hieta, + Tom G. Christensen, Varnavas Papaioannou, Viktor Szakats, Vincent Torri, + xnynx on github, + (46 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: - [1] = https://curl.haxx.se/bug/?i=5453 - [2] = https://curl.haxx.se/bug/?i=5668 - [3] = https://curl.haxx.se/bug/?i=5655 - [4] = https://curl.haxx.se/bug/?i=5716 - [5] = https://curl.haxx.se/bug/?i=5645 - [6] = https://curl.haxx.se/bug/?i=5656 - [7] = https://curl.haxx.se/bug/?i=5643 - [8] = https://curl.haxx.se/bug/?i=5639 - [9] = https://curl.haxx.se/bug/?i=5642 - [10] = https://bugzilla.redhat.com/1833193 - [11] = https://curl.haxx.se/bug/?i=5641 - [12] = https://curl.haxx.se/bug/?i=5638 - [13] = https://curl.haxx.se/bug/?i=5662 - [14] = https://curl.haxx.se/bug/?i=5675 - [15] = https://curl.haxx.se/bug/?i=5665 - [16] = https://curl.haxx.se/bug/?i=5666 - [17] = https://curl.haxx.se/bug/?i=5714 - [18] = https://curl.haxx.se/bug/?i=5744 - [19] = https://curl.haxx.se/bug/?i=5706 - [20] = https://curl.haxx.se/bug/?i=5704 - [21] = https://curl.haxx.se/bug/?i=5694 - [22] = https://curl.haxx.se/bug/?i=5695 - [23] = https://curl.haxx.se/bug/?i=5695 - [24] = https://curl.haxx.se/bug/?i=5697 - [25] = https://curl.haxx.se/bug/?i=5691 - [26] = https://curl.haxx.se/bug/?i=5689 - [27] = https://curl.haxx.se/bug/?i=5690 - [28] = https://curl.haxx.se/bug/?i=5679 - [29] = https://curl.haxx.se/bug/?i=5688 - [30] = https://curl.haxx.se/bug/?i=5683 - [31] = https://curl.haxx.se/bug/?i=5636 - [32] = https://curl.haxx.se/bug/?i=5667 - [33] = https://curl.haxx.se/bug/?i=5644 - [34] = https://curl.haxx.se/bug/?i=5511 - [35] = https://curl.haxx.se/bug/?i=5491 - [36] = https://curl.haxx.se/bug/?i=5676 - [37] = https://curl.haxx.se/bug/?i=5764 - [38] = https://curl.haxx.se/bug/?i=5659 - [39] = https://curl.haxx.se/bug/?i=5654 - [40] = https://curl.haxx.se/bug/?i=5732 - [41] = https://curl.haxx.se/bug/?i=5734 - [42] = https://github.com/curl/curl/commit/61a08508f6a458fe21bbb18cd2a9bac2f039452b#commitcomment-40941232 - [43] = https://hackerone.com/reports/926638 - [44] = https://curl.haxx.se/bug/?i=5737 - [45] = https://curl.haxx.se/bug/?i=5764 - [46] = https://curl.haxx.se/bug/?i=5729 - [47] = https://curl.haxx.se/bug/?i=5725 - [48] = https://curl.haxx.se/bug/?i=5605 - [49] = https://curl.haxx.se/bug/?i=5720 - [50] = https://curl.haxx.se/bug/?i=5726 - [51] = https://curl.haxx.se/bug/?i=5661 - [52] = https://curl.haxx.se/bug/?i=5658 - [53] = https://curl.haxx.se/bug/?i=5722 - [54] = https://curl.haxx.se/bug/?i=5722 - [55] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24379 - [56] = https://curl.haxx.se/bug/?i=5723 - [57] = https://curl.haxx.se/bug/?i=5754 - [58] = https://curl.haxx.se/bug/?i=5754 - [59] = https://curl.haxx.se/bug/?i=5762 - [60] = https://curl.haxx.se/bug/?i=5759 - [61] = https://curl.haxx.se/bug/?i=5757 - [62] = https://curl.haxx.se/bug/?i=5749 - [63] = https://curl.haxx.se/bug/?i=5715 - [64] = https://curl.haxx.se/bug/?i=5701 - [65] = https://curl.haxx.se/bug/?i=5752 - [66] = https://curl.haxx.se/bug/?i=5708 - [67] = https://curl.haxx.se/bug/?i=5721 - [68] = https://curl.haxx.se/bug/?i=5785 - [69] = https://curl.haxx.se/bug/?i=5786 - [70] = https://curl.haxx.se/bug/?i=5709 - [71] = https://curl.haxx.se/bug/?i=5782 - [72] = https://curl.haxx.se/bug/?i=5779 - [73] = https://curl.haxx.se/bug/?i=5778 - [74] = https://curl.haxx.se/bug/?i=5778 - [75] = https://curl.haxx.se/bug/?i=5761 - [76] = https://curl.haxx.se/bug/?i=5777 - [77] = https://curl.haxx.se/bug/?i=5794 - [78] = https://github.com/curl/curl/commit/7370b4e39f1390e701f5b68d910c619151daf72b#r41334700 - [79] = https://curl.haxx.se/bug/?i=5772 - [80] = https://curl.haxx.se/bug/?i=5773 - [81] = https://curl.haxx.se/bug/?i=5663 - [82] = https://curl.haxx.se/bug/?i=5674 - [83] = https://curl.haxx.se/bug/?i=5767 - [84] = https://curl.haxx.se/bug/?i=5767 - [85] = https://curl.haxx.se/bug/?i=5797 - [86] = https://curl.haxx.se/bug/?i=5822 - [87] = https://curl.haxx.se/bug/?i=5817 - [88] = https://curl.haxx.se/bug/?i=5795 - [89] = https://curl.haxx.se/bug/?i=5792 - [90] = https://curl.haxx.se/bug/?i=5783 - [91] = https://curl.haxx.se/bug/?i=5819 - [92] = https://curl.haxx.se/bug/?i=5788 - [93] = https://curl.haxx.se/bug/?i=5814 - [94] = https://curl.haxx.se/bug/?i=5812 - [95] = https://curl.haxx.se/bug/?i=5811 - [96] = https://curl.haxx.se/bug/?i=5793 - [97] = https://curl.haxx.se/bug/?i=5805 - [98] = https://curl.haxx.se/docs/CVE-2020-8231.html + [1] = https://curl.se/bug/?i=6080 + [2] = https://curl.se/bug/?i=6079 + [3] = https://curl.se/bug/?i=6102 + [4] = https://curl.se/bug/?i=6085 + [5] = https://curl.se/bug/?i=6083 + [6] = https://curl.se/bug/?i=6097 + [7] = https://curl.se/bug/?i=6049 + [8] = https://curl.se/bug/?i=6096 + [9] = https://curl.se/mail/lib-2020-10/0037.html + [10] = https://curl.se/bug/?i=6093 + [11] = https://curl.se/bug/?i=6092 + [12] = https://curl.se/bug/?i=6095 + [13] = https://curl.se/bug/?i=6088 + [14] = https://curl.se/bug/?i=6086 + [15] = https://curl.se/bug/?i=6200 + [16] = https://curl.se/bug/?i=6053 + [17] = https://curl.se/bug/?i=6125 + [18] = https://curl.se/bug/?i=6068 + [19] = https://curl.se/bug/?i=6069 + [20] = https://curl.se/bug/?i=5868 + [21] = https://curl.se/bug/?i=6118 + [22] = https://curl.se/bug/?i=6119 + [23] = https://curl.se/bug/?i=6117 + [24] = https://curl.se/bug/?i=6116 + [25] = https://curl.se/bug/?i=6108 + [26] = https://curl.se/bug/?i=6108 + [27] = https://curl.se/bug/?i=6105 + [28] = https://curl.se/bug/?i=6145 + [29] = https://curl.se/bug/?i=6141 + [30] = https://curl.se/bug/?i=6072 + [31] = https://curl.se/bug/?i=6113 + [32] = https://curl.se/bug/?i=6134 + [33] = https://curl.se/bug/?i=6126 + [34] = https://curl.se/bug/?i=6131 + [35] = https://curl.se/bug/?i=6188 + [36] = https://curl.se/bug/?i=6124 + [37] = https://curl.se/bug/?i=5896 + [38] = https://curl.se/bug/?i=6074 + [39] = https://curl.se/bug/?i=6186 + [40] = https://curl.se/bug/?i=6154 + [41] = https://curl.se/bug/?i=6153 + [42] = https://curl.se/bug/?i=6156 + [43] = https://curl.se/bug/?i=6155 + [44] = https://curl.se/bug/?i=6147 + [45] = https://curl.se/bug/?i=6148 + [46] = https://curl.se/bug/?i=6138 + [47] = https://curl.se/bug/?i=6139 + [48] = https://curl.se/bug/?i=6162 + [49] = https://curl.se/bug/?i=6185 + [50] = https://curl.se/bug/?i=6168 + [51] = https://curl.se/bug/?i=6182 + [52] = https://curl.se/bug/?i=6195 + [53] = https://curl.se/bug/?i=6194 + [54] = https://curl.se/mail/lib-2020-11/0026.html + [55] = https://curl.se/bug/?i=6192 + [56] = https://curl.se/bug/?i=6177 + [57] = https://curl.se/bug/?i=6190 + [58] = https://curl.se/bug/?i=6171 + [59] = https://curl.se/bug/?i=6172 + [60] = https://curl.se/bug/?i=6058 + [61] = https://curl.se/bug/?i=6220 + [62] = https://curl.se/bug/?i=6058 + [63] = https://curl.se/bug/?i=6077 + [64] = https://curl.se/bug/?i=6161 + [65] = https://curl.se/bug/?i=6161 + [66] = https://curl.se/bug/?i=6254 + [67] = https://curl.se/bug/?i=6250 + [68] = https://curl.se/bug/?i=6224 + [69] = https://curl.se/bug/?i=6215 + [70] = https://curl.se/bug/?i=6173 + [71] = https://curl.se/bug/?i=6223 + [72] = https://curl.se/bug/?i=6250 + [73] = https://curl.se/bug/?i=6250 + [74] = https://curl.se/bug/?i=6247 + [75] = https://curl.se/bug/?i=6247 + [76] = https://curl.se/bug/?i=6248 + [77] = https://curl.se/bug/?i=6249 + [78] = https://curl.se/bug/?i=6241 + [79] = https://curl.se/bug/?i=6257 + [80] = https://curl.se/bug/?i=6211 + [81] = https://curl.se/bug/?i=6058 + [82] = https://curl.se/bug/?i=6205 + [83] = https://curl.se/bug/?i=6259 + [84] = https://curl.se/bug/?i=6239 + [85] = https://curl.se/bug/?i=6228 + [86] = https://curl.se/bug/?i=6238 + [87] = https://curl.se/bug/?i=6273 + [88] = https://curl.se/bug/?i=6235 + [89] = https://curl.se/bug/?i=6213 + [90] = https://curl.se/bug/?i=6271 + [91] = https://curl.se/bug/?i=6252 + [92] = https://curl.se/bug/?i=6263 + [93] = https://curl.se/docs/CVE-2020-8286.html + [94] = https://curl.se/bug/?i=6267 + [95] = https://curl.se/docs/CVE-2020-8285.html + [96] = https://curl.se/bug/?i=6264 + [97] = https://curl.se/docs/CVE-2020-8284.html + [98] = https://curl.se/bug/?i=6283 + [99] = https://curl.se/bug/?i=6146 + [100] = https://curl.se/bug/?i=6252 + [101] = https://curl.se/bug/?i=6280 |