| Message ID | 20260405120354.137211-19-adolf.belka@ipfire.org |
|---|---|
| State | Staged |
| Commit | 611f113d8725df90cdcf940c282f9c6510117687 |
| Headers |
Return-Path: <development+bounces-1865-patchwork=ipfire.org@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4fpWNb3LKPz3wbG for <patchwork@web04.haj.ipfire.org>; Sun, 05 Apr 2026 12:04:47 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "E7" (not verified)) by mail01.ipfire.org (Postfix) with ESMTPS id 4fpWNb1L1Tz5fY for <patchwork@ipfire.org>; Sun, 05 Apr 2026 12:04:47 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4fpWMz6SYTz37S8 for <patchwork@ipfire.org>; Sun, 05 Apr 2026 12:04:15 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4fpWMp3yNSz34CL for <development@lists.ipfire.org>; Sun, 05 Apr 2026 12:04:06 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4fpWMm4gQZz6V5; Sun, 05 Apr 2026 12:04:04 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1775390644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Uq08H7QrZyeLYhtvgJ9CO1vZD+UVrOc17U0TZDveYNo=; b=O3r4e8IBOyqXa7MwgG/PcXrRXnoOp7kJuqqgbsY7h4MB4ozh1k8E3hqqoXBW6rii2ux87z pTCVYpHJpTwIs0Cg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1775390644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Uq08H7QrZyeLYhtvgJ9CO1vZD+UVrOc17U0TZDveYNo=; b=k9wt1PjbFGMc0fRw3AiSUrWTgdrq5VoRlw0kahJ7ehofocNCH30kL+FZhz2doOn0ZH9zew dhJTJsh7hK2BroZkqI18OSXMBfUXXvbkVYY3hoISoM1cVXg/h25zTiJn9u+B2Emyfg7cU0 g5Xk6TXZFBVZpU88Iz85CH1fpUjDq8xn9yCRfn1A8oGlh/d343Ib90brqYsxCsZthMGiTI V3EG9Fz/ogkC8JRwtrU3me45Lqj7V3LmEHi+CiMh1qlj7BJ7ikmnooWB4FP63y8dWHeCVI 5nkmWOmV6YR9nGxuuWvEEqMWeQVfELcDmYMKNfUyIraaQB5Xq+jE/tHX0KrOMg== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Cc: Adolf Belka <adolf.belka@ipfire.org> Subject: [PATCH] curl: Update to version 8.19.0 Date: Sun, 5 Apr 2026 14:03:36 +0200 Message-ID: <20260405120354.137211-19-adolf.belka@ipfire.org> In-Reply-To: <20260405120354.137211-1-adolf.belka@ipfire.org> References: <20260405120354.137211-1-adolf.belka@ipfire.org> Precedence: list List-Id: <development.lists.ipfire.org> List-Subscribe: <https://lists.ipfire.org/>, <mailto:development+subscribe@lists.ipfire.org?subject=subscribe> List-Unsubscribe: <https://lists.ipfire.org/>, <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development+help@lists.ipfire.org?subject=help> Sender: <development@lists.ipfire.org> Mail-Followup-To: <development@lists.ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit |
| Series |
curl: Update to version 8.19.0
|
|
Commit Message
Adolf Belka
5 Apr 2026, 12:03 p.m. UTC
- Update from version 8.18.0 to 8.19.0
- No change to rootfile
- Changelog
8.19.0
Changes:
o we stopped the bug bounty [23]
o cmake: add `CURL_BUILD_EVERYTHING` option [51]
o initial support for MQTTS [81]
o tool: support fractions for --limit-rate and --max-filesize [79]
o tool_cb_hdr: with -J, use the redirect name as a backup [147]
o vquic: drop support for OpenSSL-QUIC [80]
o windows: add build option to use the native CA store [82]
o windows: bump minimum to Vista (from XP) [12]
Bugfixes:
o altsvc: only accept 17 byte dates from files [22]
o asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails [107]
o async-ares: blocking resolve timeout handling, better [239]
o badwords: move into ./scripts, speed up [187]
o build: add missing `GENERATEDCERTS` files [210]
o build: adjust minimum version for some clang picky warnings [211]
o build: check `MSG_NOSIGNAL` directly, drop detection and interim macro [26]
o build: constify `memchr()`/`strchr()`/etc result variables (cont.) [85]
o build: detect and include `inttypes.h` again [13]
o build: do not include wolfSSL header in `curl_setup.h` [215]
o build: drop duplicate C includes [54]
o build: drop global suppression of `-Wformat-nonliteral`, fix fallouts [19]
o build: drop unused `snprintf()` feature check on Windows [261]
o build: fix `-Wunused-macros` warnings, and related tidy-ups [176]
o build: fix building rare combinations [109]
o build: fully omit verbose strings and code when disabled [113]
o build: globally suppress DJGPP warnings in `FD_SET()` [56]
o build: merge TrackMemory (`CURLDEBUG`) into debug-enabled option [46]
o build: move curl stat struct type to the curlx namespace [156]
o build: opt-in MSVC to C99-style verbose logging logic [108]
o build: require POSIX `strdup()` [159]
o build: tidy up and dedupe `strdup` functions [162]
o cf-socket: ignore SOCK_CLOEXEC etc for socktype equality checks [226]
o cf-socket: use SOCK_CLOEXEC in socket_open when available [130]
o checksrc-all.pl: skip non-repository files [144]
o checksrc: do not apply `BANNEDFUNC` to struct member functions [35]
o checksrc: warn for leading spaces before the preprocessor hash [72]
o clang-tidy: add missing and delete redundant parentheses [155]
o clang-tidy: add more missing parentheses in macro values [224]
o clang-tidy: avoid/silence `bugprone-not-null-terminated-result` [222]
o clang-tidy: check `bugprone-macro-parentheses`, fix fallouts [212]
o clang-tidy: drop redundant conditions reported by
`misc-redundant-expression` [217]
o clang-tidy: enable `bugprone-signed-char-misuse`, fix fallouts [227]
o clang-tidy: enable more checks [225]
o clang-tidy: enable scanning headers [205]
o clang-tidy: fix issues found with build-fuzzing [275]
o clang-tidy: silence more minor issues found by v22 [276]
o cmake/FindMbedTLS: add workaround for missing static MSVC
`mbedcrypto.lib` 4.0.0 [174]
o cmake: add `CURL_DROP_UNUSED` option to reduce binary sizes [105]
o cmake: add native clang-tidy support for tests, with concatenated
sources [223]
o cmake: always build curlu and curltool test libs in unity mode [190]
o cmake: always define `CURL::win32_winsock` on Windows in
`curl-config.cmake` [104]
o cmake: convert `curl_add_clang_tidy_test_target()` macro to function [281]
o cmake: enable binutils ld workaround for all toolchains at build-time [57]
o cmake: fix `LOCATION` property access condition (debug) [241]
o cmake: fix `LOCATION` property read errors in target debug function [243]
o cmake: fix building with `CMAKE_FIND_PACKAGE_PREFER_CONFIG=ON` [254]
o cmake: fix confusing error when a dependency is undetected in
`curl-config.cmake` [169]
o cmake: fix logic for openssl/zlib binutils ld workaround [71]
o cmake: fix passing system header directories to clang-tidy for tests [221]
o cmake: fix system include directory position for clang-tidy in tests [284]
o cmake: improve clang-tidy test command-line reproduction [242]
o cmake: minor fixes to test targets after prev [214]
o cmake: normalize uppercase hex winver (for display) [191]
o cmake: omit `curl.rc` from curltool lib [209]
o cmake: reference OpenSSL and ZLIB imported targets only when enabled [41]
o cmake: replace internal option with a new `tt` (test tools) target [220]
o cmake: silence potential unused var warnings in C++ test snippet [201]
o cmake: silence silly Apple clang warnings in C89 mode, test in CI [14]
o cmake: silence useless compiler warnings triggered by the FASTBuild
generator [43]
o cmake: skip binutils ld hack if zlib/openssl target is not `IMPORTED` [90]
o cmake: warn for invalid `CURL_TARGET_WINDOWS_VERSION` values [192]
o cmke: add `*_USE_STATIC_LIBS` options for 9 dependencies [49]
o config-plan9: set `HAVE_STDINT_H` again [17]
o config2setopts: acknowledge OOM error from CURLOPT_MIMEPOST [120]
o config2setopts: fix for --disable-aws build configuration [34]
o configure: drop always true `if` check (Windows) [250]
o content_encoding: return 'identity' if none other exists [235]
o curl: add -I and -i to -h important [135]
o curl: limit Windows-specific code to Windows builds, other tidy-ups [48]
o curl_easy_nextheader.md: a new transfer invalidates 'prev' [69]
o curl_get_line: drop single-use macro [93]
o curl_multi_perform.md: resolve inconsistency [143]
o curl_ntlm_core: merge two `#if` blocks [177]
o curl_setup.h: drop extra header guard for internal include [91]
o curl_setup.h: merge back single-use internal header `curl_setup_once.h` [78]
o curl_setup.h: simplify curl memory macro mappings [163]
o curl_setup_once: allow CURL_DEBUGASSERT for customization [125]
o CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md: fix available protocols [97]
o curlx: drop unused `curlx_saferealloc()` [161]
o digest: escape double quotes and backslashes in realm and nonce [83]
o digest: fix memory leak in auth_create_digest_http_message() [263]
o digest: handle quotes in the path [50]
o docs/INSTALL: update configure details [45]
o docs/libcurl: unify WARNING use [89]
o docs: add LibreELEC to DISTROS.md
o docs: add reproducible example for generating man page [95]
o docs: avoid starting sentences with However, [175]
o docs: avoid using the word 'magic' [256]
o docs: clarify --ipv4 and --ipv6 [149]
o docs: document the need for a 64-bit type and stdint.h [118]
o docs: drop basically [229]
o docs: explicitly call out Slowloris as not a security flaw [6]
o docs: fix grammar nitpicks [128]
o docs: handle error in `curl_global_init*` examples [204]
o docs: replace instances of the vague qualifier 'quite' [171]
o docs: reword explanation of --variable option [150]
o docs: some nitpicks [277]
o docs: use dot instead of comma at end of sentences [168]
o easy: reset errorbuf on eyeballing success [179]
o easy: reset pausing when resetting request [218]
o examples/usercertinmem: use modern OpenSSL API, drop mentions of RSA [188]
o examples: improve OpenSSL certificate examples [248]
o examples: omit forward declarations, apply misc fixes [60]
o FAQ: syntax improvements [230]
o fopen.h: simplify curl memory macro mappings [160]
o ftp: replace a `curlx_free()` with `curlx_dyn_free()` [86]
o ftp: split ftp_state_use_port into sub functions [172]
o GOVERNANCE.md: Post-Daniel BDFL [31]
o gss: exclude verbose error logic from non-verbose builds [122]
o h2+h3: align stream close handling [131]
o hostip.c: fix leak of addrinfo [11]
o hostip6: remove debug-only code [24]
o hostip: fix unreachable code in rare build configuration [74]
o http/3: add description for known server error codes [15]
o http1: fix potential NULL dereference in `Curl_h1_req_parse_read()` [268]
o http: only send bearer if auth is allowed [228]
o http_aws_sigv4: fix query normalization of %2b [117]
o imap: add a check for Curl_meta_get() [157]
o imap: check `imap_sendf()` printf masks at compile-time [67]
o imap: skip literals inside quoted strings [30]
o include: avoid recursive macros [182]
o include: mask computed auth/proto bitmasks to 32 bits [145]
o INSTALL-CMAKE.md: document Apple framework options [53]
o INSTALL.md: fix typo [278]
o INSTALL.md: suggest `-Wl,-dead_strip` for Apple targets [68]
o KNOWN_BUGS.md: absolute Unix domain filename for SOCKS on Windows [37]
o ldap: silence clang-tidy v22 warning [279]
o ldap: silence potential unused variable warning (OS400) [55]
o lib: delete unused local includes [181]
o lib: disable websockets early if no http [140]
o lib: make sigpipe handling more lazy [52]
o lib: reorder protocol functions to avoid forward declarations (email) [76]
o lib: reorder protocol functions to avoid forward declarations (ftp) [75]
o lib: reorder protocol functions to avoid forward declarations
(misc cont.) [66]
o lib: reorder protocol functions to avoid forward declarations (misc) [77]
o lib: reorder protocol functions to avoid forward declarations (ssh) [65]
o lib: separate scheme info from protocol implementation [42]
o lib: skip compiling code with features disabled [189]
o lib: use (u)int64_t instead of long long [39]
o libcurl docs: reduce 'since ...' in descriptions [28]
o libcurl-security.md: fix typos and add a point about URLs
o libtests: drop two redundant `memset()`s [110]
o Makefile.am: delete RPM targets referencing non-existent files [9]
o Makefile.am: drop stray VC project files from dist [5]
o managen: silence Perl warnings [141]
o mbedtls: guard TLS 1.3 + session tickets usage inside ifdef [260]
o mbedtls: no pinnedpubkey wo MBEDTLS_SSL_KEEP_PEER_CERTIFICATE [29]
o mbedtls: remove newline from failf() call [25]
o mbedtls: split mbed_connect_step1 into sub functions [166]
o md4, md5: drop redundant forward declarations [64]
o md4, md5: replace custom types with `uint32_t` [111]
o memdebug: include `backtrace.h` as system header [148]
o mime: drop fallback for unused `R_OK` macro [58]
o mimepost: allocate main struct on-demand [20]
o mk-ca-bundle.pl: drop support for obsolete/insecure fingerprint algos [138]
o mod_curltest: silence unused argument compiler warning [63]
o mprintf: drop old sprintf fallback [7]
o mprintf: rename internal enum to avoid collision with AmigaOS symbol [183]
o mprintf: silence clang-tidy `readability-suspicious-call-argument` [262]
o mprintf: use `_snprintf()` when compiled with VS2013 and older [280]
o mqtt: better too-big-message-check [73]
o mqtt: fix EOF handling [231]
o mqtt: verify Remaining Length for CONNACK and PUBACK [153]
o msvc: drop exception, make `BIT()` a bitfield with Visual Studio [2]
o msvc: VS2026: unlock picky warning in cmake, test in CI [198]
o multi: avoid a theoretical 32-bit wrap [186]
o multi: fix unreachable code compiler warning [264]
o multi: probe for IPv6 functionality in multi_init() [114]
o multi: split multi_runsingle into sub functions [197]
o multi: update timer unconditionally in multi_remove_handle [158]
o ngtcp2: stabilize recv [18]
o noproxy: simplify, don't mix const non-const in strchr() [88]
o openldap: avoid forward declarations in ldaps code [62]
o openssl+ech: workaround for insecure handshakes [238]
o openssl: adapt to OpenSSL master adding const to more APIs [253]
o OpenSSL: check reuse of sessions for verify status [142]
o openssl: disable local keylog feature if built-in upstream [178]
o openssl: fix compiler warning with OpenSSL master [193]
o openssl: fix potential NULL dereference when loading certs (Windows) [165]
o openssl: fix potential OOB read in debug/verbose logging [216]
o plan9: drop special build and orphaned references [33]
o proxy-auth: additional tests [232]
o pytest: remove 03_02 [127]
o quiche: use PRIu64 for outputting the stream id [184]
o rand: drop impossible preprocessor branches (wincrypt) [246]
o rand: drop scan-build silencer [245]
o ratelimit: download finetune [16]
o request.h: rename parameter 'buf' to 'req' in Curl_req_send [219]
o REUSE: drop broken reference to `MAIL-ETIQUETTE` [59]
o rtsp: fix assertion failure on zero-length RTP payload [180]
o rtspd: fix to check `realloc()` result [173]
o runtests: pass config filename to stunnel in native format (Windows) [94]
o schannel: refactor: reduce variable scopes, fix comment, fix indent [196]
o send: drop `CURL_UNCONST()` from buffer argument on most platforms [116]
o setopt: fix checking range for CURLOPT_MAXCONNECTS [92]
o setopt: refuse blobs with zero length [167]
o setup-os400.h: drop no longer used custom type `u_int32_t` [112]
o sigpipe: unset SA_SIGINFO since it is using sa_handler [40]
o silent.md: also mention it shuts off warning messages [213]
o smb: free the path in the request struct properly [137]
o smb: include arpa/inet.h for NonStop [195]
o socket: check result of SO_NOSIGPIPE [124]
o socketpair: clear 'err' when retrying due to EINTR [233]
o socketpair: set SO_NOSIGPIPE where possible [103]
o socks: ensure DNS is freed in failure cases. [247]
o src: simplify declaring `curl_ca_embed` [185]
o ssh: dedupe state change function [99]
o stop using the word 'just' [257]
o sws: prevent "connection monitor" to say disconnect twice
o synctime: fix use of uninitialized buffer on non-Windows [234]
o system_win32: replace manual init code with `curlx_now_init()` call [170]
o tests/server/sockfilt: avoid possible endless loop on Windows [101]
o tests/server: drop unused `curlx/version_win32.c` [151]
o tests/server: fix to clear the complete `srvr_sockaddr_union_t` variable [207]
o tests/server: tidy-up error messages (Windows) [102]
o tests: avoid assignment in `if` conditions in `first.h` [126]
o tests: convert base64 data to %b64[] [87]
o tftp: correct the filename length check [70]
o timeout handling: auto-detect effective timeout [121]
o tls: add new SSLSUPP flags for several options [32]
o tls: remove checks for DEFAULT [136]
o tool: enable header separation for HTTPS proxies [106]
o tool: improve config error messaging [208]
o tool: improve error/warning messages when output filename sanitization
fails [36]
o tool: rename curl handle and result variable in `--libcurl`-generated
code [146]
o tool: return code variable consistency [84]
o tool_cb_hdr: suppress header output when --out-null [10]
o tool_cb_prg: drop duplicate preprocessor logic [119]
o tool_dirhie: drop superfluous `F_OK` fallback (Windows) [8]
o tool_doswin: avoid memory-leak with CURL_FN_SANITIZE_* [236]
o tool_doswin: avoid Windowsisms in socket code (cont.) [134]
o tool_doswin: avoid Windowsisms in socket code [139]
o tool_doswin: document `ENABLE_VIRTUAL_TERMINAL_PROCESSING` toolchain
support [44]
o tool_getparam: avoid `-Wcomma` with Apple clang in C89 mode [38]
o tool_operate: remove 'else' for VMS [3]
o tool_operate: reset the URL --url-query between --next [237]
o typos: silence false positives found in C code [164]
o unit3205: suppress two clang-tidy false positives [206]
o URL-SYNTAX.md: fix port number mistakes for IMAP and LDAP [200]
o url.c: code/comment cleanup around conn creation [132]
o url.h: fix `-Wdocumentation` [61]
o url: fix reuse of connections using HTTP Negotiate [100]
o urlapi: use U_CURLU_URLDECODE when toggling it off unsigned [255]
o urldata.h: remove two forward-declared structs not used [4]
o urldata: byebye `conn->hostname_resolve` [240]
o urldata: change 'keep_post' into three distinct bitfields [21]
o urldata: convert 'long' fields to fixed variable types [47]
o urldata: switch to uint* types [1]
o usercertinmem: use the correct cert BIO [249]
o verbose.md: explain the { and } prefixes [96]
o vquic: fix unused variable warning reported by clang-tidy [152]
o vquic: handle SOCKEMSGSIZE correctly [129]
o vtls: dedupe common on-session-reuse logic [98]
o vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests [123]
o VULN-DISCLOSURE-POLICY.md: push reports to the web form [154]
o VULN-DISCLOSURE-POLICY.md: use hackerone [202]
o winapi: use FormatMessageA instead of FormatMessageW [115]
o windows: `USE_WINSOCK` to guard winsock2 code (where missing) [133]
o windows: determine `RtlVerifyVersionInfo` address on global init [258]
o windows: tidy up `wincrypt.h` / BoringSSL/AWS-LC coexist workaround [203]
o wolfssl: fix build without USE_BIO_CHAIN [27]
o ws/tftp: include header file even when protocol disabled [194]
o x509asn1: make encodeOID stop on too long input [199]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
lfs/curl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/curl b/lfs/curl index eda7cfec1..3498e12fd 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 8.18.0 +VER = 8.19.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 16e1539616c1800dfa08a5bd3e38ff75d2906a4a574b1541509c69200aebe680b0a5efdf1b1e0c89f3cccb6001bfe1c1459b9fd815053c964e1a1434be1e2e0e +$(DL_FILE)_BLAKE2 = d4a943af9a109893112876784dbe106276317e6cd5a2663f4de143c93abb4e266945fa65b4a5fa842f99240c961b027a1b2492e3e32f5247a91c394895e2b8b0 install : $(TARGET)