[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 207/208: RELEASE-NOTES: curl 7.55.0
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 207/208: RELEASE-NOTES: curl 7.55.0 |
Date: |
Wed, 09 Aug 2017 17:36:44 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.55.0
in repository gnurl.
commit 2679562dc7685674998f2841811d361400ae0d19
Author: Daniel Stenberg <address@hidden>
AuthorDate: Tue Aug 8 09:32:36 2017 +0200
RELEASE-NOTES: curl 7.55.0
---
RELEASE-NOTES | 33 ++++++++++++++++++++++++---------
1 file changed, 24 insertions(+), 9 deletions(-)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 58219d2ce..cb0634b4e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -18,6 +18,9 @@ This release includes the following changes:
This release includes the following bugfixes:
+ o glob: do not parse after a strtoul() overflow range (CVE-2017-1000101) [85]
+ o tftp: reject file name lengths that don't fit (CVE-2017-1000100) [84]
+ o file: output the correct buffer to the user (CVE-2017-1000099) [83]
o includes: remove curl/curlbuild.h and curl/curlrules.h [1]
o dist: make the hugehelp.c not get regenerated unnecessarily [2]
o timers: store internal time stamps as time_t instead of doubles [3]
@@ -124,6 +127,11 @@ This release includes the following bugfixes:
o darwinssl: silence compiler warnings [79]
o travis: build on osx with darwinssl
o FTP: skip unnecessary CWD when in nocwd mode [80]
+ o gssapi: fix memory leak of output token in multi round context [81]
+ o getparameter: avoid returning uninitialized 'usedarg' [82]
+ o curl (debug build) easy_events: make event data static
+ o curl: detect and bail out early on parameter integer overflows [86]
+ o configure: fix recv/send/select detection on Android [87]
This release includes the following known bugs:
@@ -133,15 +141,15 @@ This release would not have looked like this without
help, code, reports and
advice from friends like these:
Brad Spencer, Brian Carpenter, Dan Fandrich, Daniel Stenberg,
- David E. Narváez, Dmitry Kostjuchenko, Dwarakanath Yadavalli, Evert Pot,
- Frederik B, Gisle Vanem, Hannes Magnusson, Henrik S. Gaßmann, Jakub Wilk,
- Jeremy Tan, Jeroen Ooms, Jesse Chisholm, Johannes Schindelin, Kamil Dudka,
- Marcel Raad, Martin Kepplinger, Matteo B., Max Dymond, Michael Kaufmann,
- Neil Kolban, Nick Miyake, olesteban at github, ovidiu-benea on github,
- Pascal Terjan, Paul Harris, Pavel Rochnyak, Per Malmberg, Ray Satiro,
- Rob Sanders, Ryan Winograd, Sergei Nikulov, Simon Warta, Timothe Litt,
- Viktor Szakáts,
- (38 contributors)
+ David E. Narváez, destman at github, Dmitry Kostjuchenko,
+ Dwarakanath Yadavalli, Even Rouault, Evert Pot, Frederik B, Gisle Vanem,
+ Hannes Magnusson, Henrik Gaßmann, Isaac Boukris, Jakub Wilk, Jeremy Tan,
+ Jeroen Ooms, Jesse Chisholm, Johannes Schindelin, Kamil Dudka, Marcel Raad,
+ Martin Kepplinger, Matteo B., Max Dymond, Michael Kaufmann, Neil Kolban,
+ Nick Miyake, olesteban at github, ovidiu-benea on github, Pascal Terjan,
+ Paul Harris, Pavel Rochnyak, Per Malmberg, Ray Satiro, Rob Sanders,
+ Ryan Winograd, Sergei Nikulov, Simon Warta, Timothe Litt, Viktor Szakáts,
+ (41 contributors)
Thanks! (and sorry if I forgot to mention someone)
@@ -227,3 +235,10 @@ References to bug reports and discussions on issues:
[78] = https://curl.haxx.se/mail/lib-2017-08/0008.html
[79] = https://curl.haxx.se/bug/?i=1722
[80] = https://curl.haxx.se/bug/?i=1718
+ [81] = https://curl.haxx.se/bug/?i=1733
+ [82] = https://curl.haxx.se/bug/?i=1728
+ [83] = https://curl.haxx.se/docs/adv_20170809C.html
+ [84] = https://curl.haxx.se/docs/adv_20170809B.html
+ [85] = https://curl.haxx.se/docs/adv_20170809A.html
+ [86] = https://curl.haxx.se/bug/?i=1730
+ [87] = https://curl.haxx.se/bug/?i=1738
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 181/208: CMake: set MSVC warning level to 4, (continued)
- [GNUnet-SVN] [gnurl] 181/208: CMake: set MSVC warning level to 4, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 202/208: test1427: verify command line parser integer overflow detection, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 200/208: glob: do not continue parsing after a strtoul() overflow range, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 203/208: ax_code_coverage.m4: update to latest version, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 180/208: CURLOPT_NETRC.3: fix typo in 7e48aa386156f9c2, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 165/208: RELEASE-NOTES: synced with 001701c47, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 179/208: CURLOPT_NETRC.3: mention the file name on windows, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 197/208: easy_events: make event data static, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 177/208: travis: build osx with openssl too, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 185/208: BUILD.WINDOWS: mention buildconf.bat for builds off git, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 207/208: RELEASE-NOTES: curl 7.55.0,
gnunet <=
- [GNUnet-SVN] [gnurl] 208/208: Patchset for gnURL microfork: * Patches to rename libcurl to libgnurl by Christian * Updated for latest curl using git cherry-pick by Jeff, Florian, ng0 * Patches to fix the testsuite (deleted tests/data/test1139, renamed reference from libcurl.* to libgnurl.*) by ng0 * Added guix-gnurl.scm which can be used to build this with guix prior to installing it. (author: ng0) * Further adjustments by ng0 * 7.55.0: Manual addition of a7bbbb7c368c6096802007f61f19a02e9d75285b and f864bd8c880d5a91637 [...], gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 95/208: test: add impacket for SMB testing, gnunet, 2017/08/09