RELEASE-NOTES: syncedcurl-7_78_0

curl 7.78.0 release

1 files changed, 29 insertions, 7 deletions

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 83bbbee09..1dc81810f 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 7.78.0
  Command line options:         242
  curl_easy_setopt() options:   290
  Public functions in libcurl:  85
- Contributors:                 2454
+ Contributors:                 2459
 
 This release includes the following changes:
 
@@ -34,11 +34,13 @@ This release includes the following bugfixes:
  o c-hyper: support CURLINFO_STARTTRANSFER_TIME [29]
  o c-hyper: support CURLOPT_HEADER [32]
  o ccsidcurl: fix the compile errors [27]
+ o CI/cirrus: install impacket from PyPI instead of FreeBSD packages [166]
  o CI: add bearssl build [1]
  o CI: add Circle CI [92]
  o CI: add jobs using Zuul [86]
  o CI: delete --enable-hsts option (it is the default now) [2]
  o CI: remove travis details [144]
+ o cleanup: spell DoH with a lowercase o [172]
  o cmake: add CURL_DISABLE_NTLM option [44]
  o cmake: avoid leaking absolute paths into exported config [3]
  o cmake: fix IoctlSocket FIONBIO check [156]
@@ -73,9 +75,11 @@ This release includes the following bugfixes:
  o docs: fix inconsistencies in EGDSOCKET documentation [159]
  o docs: fix incorrect argument name reference [161]
  o docs: Fix typos [146]
+ o docs: make docs for --etag-save match the program behaviour [169]
  o docs: use --max-redirs instead of --max-redir [28]
  o doh: (void)-prefix call to curl_easy_setopt
  o doh: fix wrong DEBUGASSERT for doh private_data [62]
+ o easy: during upkeep, attach Curl_easy to connections in the cache [171]
  o examples/multi-single: fix scan-build warning [150]
  o examples: length-limit two sscanf() uses of %s [96]
  o examples: safer and more proper read callback logic [127]
@@ -104,12 +108,14 @@ This release includes the following bugfixes:
  o idn: fix libidn2 with windows unicode builds [117]
  o infof: remove newline from format strings, always append it [149]
  o lib: don't compare fd to FD_SETSIZE when using poll [61]
+ o lib: fix compiler warnings with CURL_DISABLE_NETRC [168]
  o lib: fix type of len passed to *printf's %*s [133]
  o lib: more %u for port and int for %*s fixes [132]
  o lib: use %u instead of %ld for port number printf [134]
  o libcurl-security.3: mention file descriptors and forks [108]
  o libssh2: limit time a disconnect can take to 1 second [111]
  o mbedtls: make mbedtls_strerror always work [6]
+ o mbedtls: Remove unnecessary include [175]
  o mqtt: detect illegal and too large file size [43]
  o mqtt: extend the error message for no topic [136]
  o msnprintf: return number of printed characters excluding null byte [148]
@@ -134,11 +140,13 @@ This release includes the following bugfixes:
  o rustls: remove native_roots fallback [65]
  o schannel: set ALPN length correctly for HTTP/2 [24]
  o SChannel: Use '_tcsncmp()' instead [164]
+ o sectransp: check for client certs by name first, then file [167]
  o setopt: fix incorrect comments [10]
  o socketpair: fix potential hangs [37]
  o socks4: scan for the IPv4 address in resolve results [124]
  o ssl: read pending close notify alert before closing the connection [9]
  o sws: malloc request struct instead of using stack [60]
+ o telnet: fix option parser to not send uninitialized contents [170]
  o test1116: hyper doesn't pass through "surprise-trailers" [123]
  o test1147: hyper doesn't allow "crazy" request headers like built-in [114]
  o test1151: added missing CRLF to work with hyper [120]
@@ -175,11 +183,13 @@ This release includes the following bugfixes:
  o url: bad CURLOPT_CONNECT_TO syntax now returns error [31]
  o version: turn version number functions into returning void [135]
  o vtls: exit addsessionid if no cache is inited [7]
+ o vtls: fix connection reuse checks for issuer cert and case sensitivity [165]
  o vtls: only store TIMER_APPCONNECT for non-proxy connect [93]
  o vtls: use free() not curl_free() [140]
  o warnless: simplify type size handling [30]
  o Win32: fix build with Watt-32
  o winbuild/README: VC should be set to 6 'or larger' [64]
+ o winbuild: support alternate nghttp2 static lib name [174]
  o wolfssl: failing to set a session id is not reason to error out [151]
  o write-out.d: clarify urlnum is not unique for de-globbed URLs [145]
  o zuul: use the new rustls directory name [141]
@@ -199,16 +209,18 @@ advice from friends like these:
   Fawad Mirza, Francisco Munoz, Gabriel Simmer, Gealber Morales, Gergely Nagy,
   Gerrit Renker, Gisle Vanem, Gregor Jasny, Gregory Muchka, Harry Sintonen,
   Hugh Macdonald, Jacob Hoffman-Andrews, Jishan Shaikh, Joel Depooter,
-  Jonathan Wernberg, Jon Rumsey, Jun-ya Kato, Kevin Burke, Laurent Dufresne,
-  Li Xinwei, Marcel Raad, Marc Hörsken, Mark Swaanenburg, Martin Howarth,
+  Jonathan Wernberg, Jon Rumsey, Josh Soref, Josie Huddleston, Jun-ya Kato,
+  Kevin Burke, Laurent Dufresne, Li Xinwei, MAntoniak on github, Marcel Raad,
+  Marc Hörsken, Mark Swaanenburg, Martin Howarth, Max Zettlmeißl,
   Michael Forney, Michael Kaufmann, Mohammed Naser, nian6324 on github,
-  Nikos Mavrogiannopoulos, Paul Groke, Peter Körner, Phil E. Taylor, Randolf J,
-  Ray Satiro, Red Hat Product Security, Richard Marion, Richard Whitehouse,
-  Sergey Markelov, Shikha Sharma, shithappens2016 on github, sylgal on github,
+  Nikos Mavrogiannopoulos, Paul Groke, Peter Körner, Phil E. Taylor,
+  Pierre Yager, Randolf J, Ray Satiro, Red Hat Product Security,
+  Richard Marion, Richard Whitehouse, Sergey Markelov, Shikha Sharma,
+  shithappens2016 on github, sylgal on github, Timur Artikov, Tobias Nyholm,
   Tommy Chiang, User Sg, Vadim Grinshpun, Valentín Gutiérrez, Viktor Szakats,
   William Desportes, Wyatt OʼDay, Xiang Xiao, Yongkang Huang, Younes El-karama,
   Zhang Xiuhua, Борис Верховский, Коваленко Анатолий Викторович,
-  (76 contributors)
+  (83 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -375,3 +387,13 @@ References to bug reports and discussions on issues:
  [162] = https://curl.se/bug/?i=7378
  [163] = https://curl.se/bug/?i=7397
  [164] = https://curl.se/bug/?i=7398
+ [165] = https://curl.se/docs/CVE-2021-22924.html
+ [166] = https://curl.se/bug/?i=7418
+ [167] = https://curl.se/docs/CVE-2021-22926.html
+ [168] = https://curl.se/bug/?i=7423
+ [169] = https://curl.se/bug/?i=7429
+ [170] = https://curl.se/docs/CVE-2021-22925.html
+ [171] = https://curl.se/bug/?i=7386
+ [172] = https://curl.se/bug/?i=7413
+ [174] = https://curl.se/bug/?i=7446
+ [175] = https://curl.se/bug/?i=7419