From 3fd1d8df3a2497078d580f43c17311e6f58186a1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 28 Apr 2022 09:51:26 +0200
Subject: RELEASE-NOTES: synced

bumped curlver to 7.83.1-dev
---
 RELEASE-NOTES | 277 ++--------------------------------------------------------
 1 file changed, 7 insertions(+), 270 deletions(-)

(limited to 'RELEASE-NOTES')

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 2a4284676..1b31d75a2 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,6 +1,6 @@
-curl and libcurl 7.83.0
+curl and libcurl 7.83.1
 
- Public curl releases:         207
+ Public curl releases:         208
  Command line options:         247
  curl_easy_setopt() options:   295
  Public functions in libcurl:  88
@@ -8,140 +8,11 @@ curl and libcurl 7.83.0
 
 This release includes the following changes:
 
- o curl: add %header{name} experimental support in -w handling
- o curl: add %{header_json} experimental support in -w handling
- o curl: add --no-clobber [28]
- o curl: add --remove-on-error [11]
- o header api: add curl_easy_header and curl_easy_nextheader [56]
- o msh3: add support for QUIC and HTTP/3 using msh3 [84]
+ o
 
 This release includes the following bugfixes:
 
- o appveyor: add Cygwin build [77]
- o appveyor: only add MSYS2 to PATH where required [78]
- o BearSSL: add CURLOPT_SSL_CIPHER_LIST support [27]
- o BearSSL: add CURLOPT_SSL_CTX_FUNCTION support [26]
- o BINDINGS.md: add Hollywood binding [34]
- o CI: Do not use buildconf. Instead, just use: autoreconf -fi [42]
- o CI: install Python package impacket to run SMB test 1451 [5]
- o configure.ac: move -pthread CFLAGS setting back where it used to be [14]
- o configure: bump the copyright year range int the generated output
- o conncache: include the zone id in the "bundle" hashkey [112]
- o connecache: remove duplicate connc->closure_handle check [90]
- o connect: make Curl_getconnectinfo work with conn cache from share handle [22]
- o connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined [6]
- o cookie.d: clarify when cookies are sent
- o cookies: improve errorhandling for reading cookiefile [123]
- o curl/system.h: update ifdef condition for MCST-LCC compiler [4]
- o curl: error out if -T and -d are used for the same URL [99]
- o curl: error out when options need features not present in libcurl [18]
- o curl: escape '?' in generated --libcurl code [117]
- o curl: fix segmentation fault for empty output file names. [60]
- o curl_easy_header: fix typos in documentation [74]
- o CURLINFO_PRIMARY_PORT.3: clarify which port this is [126]
- o CURLOPT*TLSAUTH.3: they only work with OpenSSL or GnuTLS [105]
- o CURLOPT_DISALLOW_USERNAME_IN_URL.3: use uppercase URL
- o CURLOPT_PREQUOTE.3: only works for FTP file transfers, not dirs [79]
- o CURLOPT_PROGRESSFUNCTION.3: fix typo in example [63]
- o CURLOPT_UNRESTRICTED_AUTH.3: extended explanation [127]
- o CURLSHOPT_UNLOCKFUNC.3: fix the callback prototype [9]
- o docs/HYPER.md: updated to reflect current hyper build needs
- o docs/opts: Mention Schannel client cert type is P12 [50]
- o docs: Fix missing semicolon in example code [102]
- o docs: lots of minor language polish [51]
- o English: use American spelling consistently [95]
- o fail.d: tweak the description [101]
- o firefox-db2pem.sh: make the shell script safer [47]
- o ftp: fix error message for partial file upload [61]
- o gen.pl: change wording for mutexed options [98]
- o GHA: add openssl3 jobs moved over from zuul [88]
- o GHA: build hyper with nightly rustc [7]
- o GHA: move bearssl jobs over from zuul [85]
- o gha: move the event-based test over from Zuul [59]
- o gtls: fix build for disabled TLS-SRP [48]
- o http2: handle DONE called for the paused stream [69]
- o http2: RST the stream if we stop it on our own will [67]
- o http: avoid auth/cookie on redirects same host diff port [110]
- o http: close the stream (not connection) on time condition abort [68]
- o http: reject header contents with nul bytes [41]
- o http: return error on colon-less HTTP headers [31]
- o http: streamclose "already downloaded" [57]
- o hyper: fix status_line() return code [13]
- o hyper: fix tests 580 and 581 for hyper [107]
- o hyper: no h2c support [33]
- o infof: consistent capitalization of warning messages [103]
- o ipv4/6.d: clarify that they are about using IP addresses [3]
- o json.d: fix typo (overriden -> overridden) [24]
- o keepalive-time.d: It takes many probes to detect brokenness [29]
- o lib/warnless.[ch]: only check for WIN32 and ignore _WIN32 [45]
- o lib670: avoid double check result [71]
- o lib: #ifdef on USE_HTTP2 better [65]
- o lib: fix some misuse of curlx_convert_wchar_to_UTF8 [38]
- o lib: remove exclamation marks [100]
- o libssh2: compare sha256 strings case sensitively [114]
- o libssh2: make the md5 comparison fail if wrong length [111]
- o libssh: fix build with old libssh versions [12]
- o libssh: fix double close [124]
- o libssh: Improve fix for missing SSH_S_ stat macros [10]
- o libssh: unstick SFTP transfers when done event-based [58]
- o macos: set .plist version in autoconf [122]
- o mbedtls: remove 'protocols' array from backend when ALPN is not used [66]
- o mbedtls: remove server_fd from backend [91]
- o mk-ca-bundle.pl: Use stricter logic to process the certificates [39]
- o mk-ca-bundle.vbs: delete this script in favor of mk-ca-bundle.pl [8]
- o mlc_config.json: add file to ignore known troublesome URLs [35]
- o mqtt: better handling of TCP disconnect mid-message [55]
- o ngtcp2: add client certificate authentication for OpenSSL [15]
- o ngtcp2: avoid busy loop in low CWND situation [119]
- o ngtcp2: deal with sub-millisecond timeout [116]
- o ngtcp2: disconnect the QUIC connection proper [19]
- o ngtcp2: enlarge H3_SEND_SIZE [82]
- o ngtcp2: fix HTTP/3 upload stall and avoid busy loop [83]
- o ngtcp2: fix memory leak [80]
- o ngtcp2: fix QUIC_IDLE_TIMEOUT [94]
- o ngtcp2: make curl 1ms faster [93]
- o ngtcp2: remove remote_addr which is not used in a meaningful way [81]
- o ngtcp2: update to work after recent ngtcp2 updates [62]
- o ngtcp2: use token when detecting :status header field [92]
- o nonblock: restore setsockopt method to curlx_nonblock [20]
- o openssl: check SSL_get_peer_cert_chain return value [1]
- o openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL [23]
- o openssl: fix CN check error code [21]
- o options: remove mistaken space before paren in prototype
- o perl: removed a double semicolon at end of line [64]
- o pop3/smtp: return *WEIRD_SERVER_REPLY when not understood [43]
- o projects/README: converted to markdown [76]
- o projects: Update VC version names for VS2017, VS2022 [52]
- o rtsp: don't let CSeq error override earlier errors [37]
- o runtests: add 'bearssl' as testable feature [87]
- o runtests: make 'oldlibssh' be before 0.9.4 [2]
- o schannel: remove dead code that will never run [89]
- o scripts/copyright.pl: ignore the new mlc_config.json file
- o scripts: move three scripts from lib/ to scripts/ [44]
- o test1135: sync with recent API updates [54]
- o test1459: disable for oldlibssh [53]
- o test375: fix line endings on Windows [40]
- o test386: Fix an incorrect test markup tag
- o test718: edited slightly to return better HTTP [32]
- o tests/server/util.h: align WIN32 condition with util.c [46]
- o tests: refactor server/socksd.c to support --unix-socket [96]
- o timediff.[ch]: add curlx helper functions for timeval conversions [86]
- o tls: make mbedtls and NSS check for h2, not nghttp2 [70]
- o tool and tests: force flush of all buffers at end of program [17]
- o tool_cb_hdr: Turn the Location: into a terminal hyperlink [30]
- o tool_getparam: error out on missing -K file [115]
- o tool_listhelp.c: uppercase URL
- o tool_operate: fix a scan-build warning [16]
- o tool_paramhlp: use feof(3) to identify EOF correctly when using fread(3) [97]
- o transfer: redirects to other protocols or ports clear auth [109]
- o unit1620: call global_init before calling Curl_open [125]
- o url: check sasl additional parameters for connection reuse. [113]
- o vtls: provide a unified APLN-disagree string for all backends [75]
- o vtls: use a backend standard message for "ALPN: offers %s" [73]
- o vtls: use a generic "ALPN, server accepted" message [72]
- o winbuild/README.md: fixup dead link [36]
- o winbuild: Add a Visual Studio example to the README [49]
- o wolfssl: fix compiler error without IPv6 [25]
+ o conn: fix typo 'connnection' -> 'connection' in two function names [1]
 
 This release includes the following known bugs:
 
@@ -150,143 +21,9 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Alejandro R. Sedeño, Andreas Falkenhahn, Andrey Alifanov,
-  anon00000000 on github, Balakrishnan Balasubramanian, Boris Verkhovskiy,
-  Brad Spencer, Christian Schmitz, Christopher Degawa, Colin Leroy,
-  Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, Daniel Valenzuela,
-  Don J Olmstead, Emanuele Torre, Evangelos Foutras, Francisco Olarte,
-  Frank Meier, Gisle Vanem, Harry Sintonen, Ian Blanes, Jan Venekamp,
-  Jay Dommaschk, Jean-Philippe Menil, Jenny Heino, Joseph Chen,
-  jurisuk on github, Kristoffer Gleditsch, Kushal Das, Leandro Coutinho,
-  Liam Warfield, Marcel Raad, Marc Hörsken, Matteo Baccan,
-  Median Median Stride, mehatzri on github, Michael Kaufmann, Michał Antoniak,
-  Nick Banks, Nick Coghlan, Nick Zitzmann, Patrick Monnerat, Paul Howarth,
-  Paweł Kowalski, Peter Korsgaard, pheiduck on github, r-a-sattarov on github,
-  Ray Satiro, Rianov Viacheslav, Robert Brose, Robert Charles Muir,
-  Robin A. Meade, Samuel Henrique, Sascha Zengler, Taras Kushnir,
-  Tatsuhiro Tsujikawa, Timothe Litt, Viktor Szakats, HexTheDragon
-  (60 contributors)
+  Adam Rosenfield, Daniel Stenberg,
+  (2 contributors)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=8579
- [2] = https://curl.se/bug/?i=8548
- [3] = https://curl.se/bug/?i=8543
- [4] = https://curl.se/bug/?i=8546
- [5] = https://curl.se/bug/?i=8544
- [6] = https://curl.se/bug/?i=8539
- [7] = https://curl.se/bug/?i=8545
- [8] = https://curl.se/bug/?i=8412
- [9] = https://curl.se/bug/?i=8573
- [10] = https://curl.se/bug/?i=8588
- [11] = https://curl.se/bug/?i=8503
- [12] = https://curl.se/bug/?i=8574
- [13] = https://curl.se/bug/?i=8572
- [14] = https://curl.se/bug/?i=8541
- [15] = https://curl.se/bug/?i=8522
- [16] = https://curl.se/bug/?i=8565
- [17] = https://curl.se/bug/?i=8516
- [18] = https://curl.se/bug/?i=8565
- [19] = https://curl.se/bug/?i=8534
- [20] = https://curl.se/bug/?i=8562
- [21] = https://curl.se/bug/?i=8559
- [22] = https://curl.se/bug/?i=8524
- [23] = https://curl.se/bug/?i=8553
- [24] = https://curl.se/bug/?i=8557
- [25] = https://curl.se/bug/?i=8550
- [26] = https://curl.se/bug/?i=8478
- [27] = https://curl.se/bug/?i=8477
- [28] = https://curl.se/bug/?i=7708
- [29] = https://curl.se/bug/?i=8570
- [30] = https://curl.se/bug/?i=7963
- [31] = https://curl.se/bug/?i=8610
- [32] = https://github.com/hyperium/hyper/issues/2783
- [33] = https://curl.se/bug/?i=8605
- [34] = https://curl.se/bug/?i=8609
- [35] = https://curl.se/bug/?i=8597
- [36] = https://curl.se/bug/?i=8597
- [37] = https://curl.se/bug/?i=8525
- [38] = https://curl.se/bug/?i=8521
- [39] = https://curl.se/bug/?i=8411
- [40] = https://curl.se/bug/?i=8599
- [41] = https://curl.se/bug/?i=8601
- [42] = https://curl.se/bug/?i=8596
- [43] = https://curl.se/bug/?i=8506
- [44] = https://curl.se/bug/?i=8625
- [45] = https://curl.se/bug/?i=8594
- [46] = https://curl.se/bug/?i=8594
- [47] = https://curl.se/bug/?i=8616
- [48] = https://curl.se/mail/lib-2022-03/0046.html
- [49] = https://curl.se/bug/?i=8592
- [50] = https://curl.se/bug/?i=8587
- [51] = https://curl.se/bug/?i=8646
- [52] = https://curl.se/bug/?i=8447
- [53] = https://curl.se/bug/?i=8622
- [54] = https://curl.se/bug/?i=8620
- [55] = https://hackerone.com/reports/1521610
- [56] = https://curl.se/bug/?i=8593
- [57] = https://curl.se/bug/?i=8665
- [58] = https://curl.se/bug/?i=8490
- [59] = https://curl.se/bug/?i=8490
- [60] = https://curl.se/bug/?i=8606
- [61] = https://curl.se/bug/?i=8637
- [62] = https://curl.se/bug/?i=8638
- [63] = https://curl.se/bug/?i=8636
- [64] = https://curl.se/bug/?i=8709
- [65] = https://curl.se/bug/?i=8661
- [66] = https://curl.se/bug/?i=8663
- [67] = https://curl.se/bug/?i=8664
- [68] = https://curl.se/bug/?i=8664
- [69] = https://curl.se/bug/?i=8626
- [70] = https://curl.se/bug/?i=8656
- [71] = https://curl.se/bug/?i=8660
- [72] = https://curl.se/bug/?i=8657
- [73] = https://curl.se/bug/?i=8657
- [74] = https://curl.se/bug/?i=8694
- [75] = https://curl.se/bug/?i=8643
- [76] = https://curl.se/bug/?i=8652
- [77] = https://curl.se/bug/?i=8693
- [78] = https://curl.se/bug/?i=8693
- [79] = https://curl.se/bug/?i=8602
- [80] = https://curl.se/bug/?i=8691
- [81] = https://curl.se/bug/?i=8689
- [82] = https://curl.se/bug/?i=8690
- [83] = https://curl.se/bug/?i=8688
- [84] = https://curl.se/bug/?i=8517
- [85] = https://curl.se/bug/?i=8684
- [86] = https://curl.se/bug/?i=8595
- [87] = https://curl.se/bug/?i=8684
- [88] = https://curl.se/bug/?i=8683
- [89] = https://curl.se/bug/?i=8677
- [90] = https://curl.se/bug/?i=8676
- [91] = https://curl.se/bug/?i=8682
- [92] = https://curl.se/bug/?i=8679
- [93] = https://curl.se/bug/?i=8678
- [94] = https://curl.se/bug/?i=8678
- [95] = https://curl.se/bug/?i=8673
- [96] = https://curl.se/bug/?i=8687
- [97] = https://curl.se/bug/?i=8701
- [98] = https://curl.se/bug/?i=8716
- [99] = https://curl.se/bug/?i=8704
- [100] = https://curl.se/bug/?i=8713
- [101] = https://curl.se/bug/?i=8714
- [102] = https://curl.se/bug/?i=8697
- [103] = https://curl.se/bug/?i=8711
- [105] = https://curl.se/bug/?i=8753
- [107] = https://curl.se/bug/?i=8707
- [109] = https://curl.se/docs/CVE-2022-27774.html
- [110] = https://curl.se/docs/CVE-2022-27776.html
- [111] = https://hackerone.com/reports/1549461
- [112] = https://curl.se/docs/CVE-2022-27775.html
- [113] = https://curl.se/docs/CVE-2022-22576.html
- [114] = https://hackerone.com/reports/1549435
- [115] = https://hackerone.com/reports/1542881
- [116] = https://curl.se/bug/?i=8738
- [117] = https://hackerone.com/reports/1548535
- [119] = https://curl.se/bug/?i=8739
- [122] = https://curl.se/bug/?i=8692
- [123] = https://curl.se/bug/?i=8699
- [124] = https://curl.se/bug/?i=8708
- [125] = https://curl.se/bug/?i=8719
- [126] = https://curl.se/bug/?i=8725
- [127] = https://curl.se/bug/?i=8724
+ [1] = https://curl.se/bug/?i=8759
-- 
cgit v1.2.1