Overview
Request 882316 accepted
- Update to 7.76.0
* Security fixes:
- [bsc#1183933, CVE-2021-22876]: strip credentials from the
auto-referer header field
- [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to
Curl_ssl_get/addsessionid()
* Changes:
- cookies: Support multiple -b parameters
- curl: add --fail-with-body
- doh: add options to disable ssl verification
- http: add support to read and store the referrer header
- sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
- vtls: initial implementation of rustls backend
* Bugfixes:
- CVE-2021-22876: strip credentials from the auto-referer header field
- CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid()
- c-hyper: support automatic content-encoding
- configure: only add OpenSSL paths if they are defined
- configure: provide Largefile feature for curl-config
- curl: set CURLOPT_NEW_FILE_PERMS if requested
- doh: Fix sharing user's resolve list with DOH handles
- doh: Inherit CURLOPT_STDERR from user's easy handle
- dynbuf: bump the max HTTP request to 1MB
- ftp: add 'list_only' to the transfer state struct
- ftp: add 'prefer_ascii' to the transfer state struct
- ftp: allow SIZE to fail when doing (resumed) upload
- ftp: avoid SIZE when asking for a TYPE A file
- ftp: fix memory leak in ftp_done
- ftp: never set data->set.ftp_append outside setopt
- gnutls: assume nettle crypto support
- Created by pmonrealgonzalez
- In state accepted
-
Package maintainers:
david.anes,
pmonrealgonzalez, and
vitezslav_cizek
Request History
pmonrealgonzalez created request
- Update to 7.76.0
* Security fixes:
- [bsc#1183933, CVE-2021-22876]: strip credentials from the
auto-referer header field
- [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to
Curl_ssl_get/addsessionid()
* Changes:
- cookies: Support multiple -b parameters
- curl: add --fail-with-body
- doh: add options to disable ssl verification
- http: add support to read and store the referrer header
- sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
- vtls: initial implementation of rustls backend
* Bugfixes:
- CVE-2021-22876: strip credentials from the auto-referer header field
- CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid()
- c-hyper: support automatic content-encoding
- configure: only add OpenSSL paths if they are defined
- configure: provide Largefile feature for curl-config
- curl: set CURLOPT_NEW_FILE_PERMS if requested
- doh: Fix sharing user's resolve list with DOH handles
- doh: Inherit CURLOPT_STDERR from user's easy handle
- dynbuf: bump the max HTTP request to 1MB
- ftp: add 'list_only' to the transfer state struct
- ftp: add 'prefer_ascii' to the transfer state struct
- ftp: allow SIZE to fail when doing (resumed) upload
- ftp: avoid SIZE when asking for a TYPE A file
- ftp: fix memory leak in ftp_done
- ftp: never set data->set.ftp_append outside setopt
- gnutls: assume nettle crypto support
msmeissn accepted request
ok
@elvigia, @pmonrealgonzalez, @vitezslav_cizek: review reminder