| Message ID | 20260504174059.3648098-1-adolf.belka@ipfire.org |
|---|---|
| State | Staged |
| Commit | 67604dfee7798d0df8b98c8871e52cbd9141a1fb |
| Headers |
Return-Path: <development+bounces-2104-patchwork=ipfire.org@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1 raw public key) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4g8TTJ3pz3z3wkB for <patchwork@web04.haj.ipfire.org>; Mon, 04 May 2026 17:41:08 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [IPv6:2001:678:b28::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "E8" (not verified)) by mail01.ipfire.org (Postfix) with ESMTPS id 4g8TTH2Ghzz76X for <patchwork@ipfire.org>; Mon, 04 May 2026 17:41:07 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4g8TTG6bKdz32c1 for <patchwork@ipfire.org>; Mon, 04 May 2026 17:41:06 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1 raw public key) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4g8TTD1mjyz2xMF for <development@lists.ipfire.org>; Mon, 04 May 2026 17:41:04 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4g8TTC0Phjz3Lp; Mon, 04 May 2026 17:41:02 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1777916463; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=1focHAzpIslxRbJqbC8W9GyMSjlMa1Q77xjIemlYP1s=; b=cFebzN5kpC4Ah1ElEALCuQCyhEfAcSMnnuVLJGYjvo5gOOWQbdmQK9q9OUq4cYzCJUSc9R Oi3qoT/2teCZd3BA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1777916463; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=1focHAzpIslxRbJqbC8W9GyMSjlMa1Q77xjIemlYP1s=; b=MY34T5kIZyKOQq5vuBdNb1A8Hh7w/0hFAgbV8J06Icg5Lz5UzrL80Ieq7WDuU9PRi1+GNC IqwSEVnbB9JuC8GssjOPh6vTcfaJbWq0DvhCgd5DRRdZN4+Hanzxa0h/Lp4E1xXJqV1SR6 yWevOBpaJRQAhRgVDAzmono7ZS9Dz8IAbjgQpFfGMrW3coOZdhx+Vjkmm4421IakK0aSTp jJuw+QLLblh07WywTDZ2VrTf8nR6bKUKAfohrCYf9as/m6XIuz0YS+KEwN7esaF5jFSIBB Zz8elNiU3dbjHGeJi5sW7zo7HPcHIIuKtqmxB9zvWCafj77ni4NVL4WBqA2Iyw== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Cc: Adolf Belka <adolf.belka@ipfire.org> Subject: [PATCH] curl: Update to version 8.20.0 Date: Mon, 4 May 2026 19:40:56 +0200 Message-ID: <20260504174059.3648098-1-adolf.belka@ipfire.org> Precedence: list List-Id: <development.lists.ipfire.org> List-Subscribe: <https://lists.ipfire.org/>, <mailto:development+subscribe@lists.ipfire.org?subject=subscribe> List-Unsubscribe: <https://lists.ipfire.org/>, <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development+help@lists.ipfire.org?subject=help> Sender: <development@lists.ipfire.org> Mail-Followup-To: <development@lists.ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit |
| Series |
curl: Update to version 8.20.0
|
|
Commit Message
Adolf Belka
4 May 2026, 5:40 p.m. UTC
- Update from version 8.19.0 to 8.20.0
- Update of rootfile
- Changelog
8.20.0
Changes:
async-thrdd: use thread queue for resolving
build: make NTLM disabled by default
cmake: drop support for CMake 3.17 and older
lib: add thread pool and queue
lib: drop support for < c-ares 1.16.0
lib: make SMB support opt-in
multi.h: add CURLMNWC_CLEAR_ALL
rtmp: drop support
Bugfixes:
altsvc: cap the list at 5,000 entries
altsvc: drop the prio field from the struct
altsvc: skip expired entries read from file
asyn-ares: connect async
asyn-ares: drop orphaned variable references
asyn-ares: fix HTTPS-lookup when not on port 443
asyn-thrdd: drop redundant `result` check
asyn-thrdd: fix clang-tidy unused value warning
async-ares: fix query counter handling
autotools: limit checksrc target to ignore non-repo test sources
badwords-all: exit with correct code on errors
badwords: combine the whitelisting into a single regex
badwords: detect the the and with with
badwords: only check comments and strings in source code
badwords: rework exceptions, fix many of them
boringssl: fix more coexist cases with Schannel/WinCrypt
build: adjust/add casts to fix `-Wformat-signedness`
build: assume `snprintf()` in `mprintf`, drop feature check
build: compiler warning silencing tidy-ups
build: drop `openssl` module dependency for BoringSSL from `libcurl.pc`
build: drop duplicate `pthread.h` includes
build: drop redundant `USE_QUICHE` guards
build: enable `-Wimplicit-int-enum-cast` compiler warning, fix issues
build: fix `-Wformat-signedness` by adjusting printf masks
build: link `bcrypt.lib` via vcxproj files
build: skip detecting `pipe2()` for Apple targets
cf-https-connect: silence `-Wimplicit-int-enum-cast` with HTTPS-RR
cf-https-connect: silence `-Wimplicit-int-enum-cast` with HTTPS-RR
cf-ip-happy: limit concurrent attempts
cf-socket: avoid low risk integer overflow on ancient Solaris
cfilters: fix Curl_pollset_poll() return code mixup
clang-tidy: avoid assignments in `if` expressions
clang-tidy: enable more checks, fix fallouts
cmake: add CMake Config-based dependency detection
cmake: add CMake Config-based dependency detection for c-ares, wolfSSL
cmake: document functions used from Windows system DLLs
cmake: enable pthreads for BoringSSL/AWS-LC
cmake: resolve targets recursively when generating `libcurl.pc`
cmake: rework binutils ld hack to not read `LOCATION` property
cmake: silence bad library `Threads::Threads` warning
cmake: use `AIX` built-in variable (with CMake 4.0+)
config2setopts: make --capath work in proxy disabled builds
configure: fix `--with-ngtcp2=<path>` option for crypto libs
configure: fix LibreSSL ngtcp2 1.15.0+ crypto lib selection logic
configure: prefer dependency-specific variables over `$withval`
configure: remove superfluous experimental warning for HTTP/3
configure: silence useless clang warnings in C89 builds
configure: tidy up comments
connect: fix typo on error message
cookie: fix rejection when tabs in value
curl-wolfssl.m4: fix to use the correct value for pkg-config directory
curl.h: replace macros with C++-friendly method to enforce 3 args
curl_ctype.h: fix spelling in a couple of locally used macros
curl_get_line: error out on read errors
curl_get_line: fix potential infinite loop when filename is a directory
curl_ngtcp2: extend and update callbacks for 1.22.0+
curl_ntlm_core: drop redundant PP condition
curl_ntlm_core: use wolfCrypt DES API with wolfSSL
curl_setup.h: drop stray/unused `USE_OPENSSL_QUIC` guard
curl_sha512_256: support delegating to wolfSSL API
curl_version_info.md: clarify age details
CURLOPT_HAPROXY_CLIENT_IP.md: mention assumption on data format
CURLOPT_RTSP_SESSION_ID.md: clarify reuse "dangers"
CURLOPT_RTSP_SESSION_ID.md: expand the comment
CURLOPT_RTSP_SESSION_ID.md: minor language fix
CURLOPT_SOCKS5_AUTH.md: an access property
CURLOPT_SSL_CTX_FUNCTION.md: expand on effects connection reuse
CURLOPT_UPLOAD_FLAGS.md: expand
curlx_now(), prevent zero timestamp
DEPRECATE: fix minor release number typo
digest: pass in the username quoted (as well)
dns: https-eyeballing async
dnscache: own source file, improvements
docs/cmdline-opts: tidy up retry-connrefused
docs/lib: fix typos
docs/libcurl: improve easy setopt examples
docs: clarify retry-max-time timing
docs: CURLOPT_LOGIN_OPTIONS is a login property
docs: enable more compiler warnings for C snippets, fix 3 finds
docs: list more dependencies for running Python HTTP tests
docs: mention more zip bomb precautions
docs: minor wording tweaks
docs: noproxy wants the punycoded hostname version
docs: SSH host verification is done at connect time
docs: use the correct CURLOPT_WRITEFUNCTION signature
doh: fix memory-leak when doing a second DoH resolve
doh: remove superfluous doh_req check
examples/websocket: fix to sleep more on Windows
examples: drop warning silencers no longer hit
examples: fix typo in comment
file: init fd to -1 to prevent close fd 0 on early failure
fopen: for temp files, inherit permissions only for owner
ftp: do not strdup DATA hostname
ftp: make the MDTM date parser stricter (again)
ftp: reject PWD responses containing control characters
gcc: guard `#pragma diagnostic` in core code for <4.6
generate.bat: remove extra % from VC11 and VC12 runs
genserv.pl: make external calls safe
getinfo: initialize `PureInfo` field `used_proxy`
getinfo: repair CURLINFO_TLS_SESSION
gnutls: fix clang-tidy warning with !verbose
gtls: fail for large files in `load_file()`
h3: HTTPS-RR use in HTTP/3
Happy Eyeballs: add resolution time delay
haproxy: use correct ip version on client supplied address
hostip: clear the sockaddr_in6 structure before use
hostip: init the curl_jmpenv_lock appropriately
hostip: resolve user supplied ip addresses
HSTS: cap the list
hsts: make the HSTS read callback handle name dupes
hsts: skip expired HSTS entries read from file
hsts: when a dupe host adds subdomains, use that
http2: clear the h2 session at delete
http2: prevent secure schemes pushed over insecure connections
http2: return error on OOM in push headers
HTTP3.md: drop outdated mentions of OpenSSL-QUIC
http: clear credentials better on redirect
http: clear digest nonce on cross-origin redirect
http: clear the proxy credentials as well on port or scheme change
http: fix auth_used and auth_avail
http: fix Curl_compareheader for multi value headers
http: make Curl_compareheader handle multiple commas in header
http: on 303, switch to GET
http: use header_has_value() instead of duplicate code
imap: reset the UIDVALIDITY state between transfers
include: drop badword from public headers
INSTALL.md: update Cygwin instructions
keylog.h: replace literal number with macro in declaration
keylog: drop unused/redundant includes and guards
ldap: drop duplicate `ldap_set_option()` on Windows
ldap: fix to initialize cleartext connection on Windows
lib1560: fix comment typo
lib1960: fix test failure
lib: accept larger input to md5/hmac/sha256/sha512 functions
lib: always use Curl_1st_fatal instead of Curl_1st_err
lib: fix typos in comments
lib: make resolving HTTPS DNS records reliable:
lib: minor comment typos
lib: move request specific allocations to the request struct
lib: replace `PRI*32` printf masks with C89 ones
libssh2: allocate libssh2-friendly memory in kbd_callback
libssh2: fix error handling on quote errors
libssh: fix 64-bit printf mask for mingw-w64 <=6.0.0
libssh: fix `-Wsign-compare` in 32-bit builds
libssh: path length precaution
libssh: propagate error back in SFTP function
libtest: drop duplicate include
location/follow: mention netrc
man: fix argument type for `CURLSHOPT_[UN]SHARE` options
mbedtls: cleanup more without care for 'initialized'
mbedtls: fix ECJPAKE matching
mbedtls: remove failf() call with first argument as NULL
md4, md5: switch to wolfCrypt API in wolfSSL builds
mime: only allow 40 levels of calls
misc: fix code quality findings
mk-ca-bundle.pl: make `ca-bundle.crt` timestamp match `certdata.txt`'s
multi: enhance pending handles fairness
multi: fix connection retry for non-http
multi: improve wakeup and wait code
netrc: find login-less password when user is given in URL
netrc: remove unused parsenetrc() macro for netrc-disabled
netrc: skip malformed macdef lines
openssl channel_binding: lookup digest algorithm without NID
openssl: drop obsolete SSLv2 logic
openssl: fix build with 4.0.0-beta1 no-deprecated
openssl: fix memory leaks in ECH code (OpenSSL 3)
openssl: fix unused variable warnings in !verbose builds
openssl: trace count of found / imported Windows native CA roots
OS400: add new definitions to the ILE/RPG binding.
os400sys: fix typo in comment (symmetry)
parsedate: bsearch the time zones
parsedate: fix wrong treatment of "military time zones"
parsedate: refactor
perl: harden external command invocations
progress: count amount of data "delivered" to application
protocol.h: fix the CURLPROTO_MASK
protocol: disable connection reuse for SMB(S)
protocol: use scheme names lowercase
proxy: chunked response, error code
pytest: add additional quiche check for flaky test_05_01
pytest: check 429 handling
rand: use `BCryptGenRandom()` in UWP builds
ratelimit: reset on start
request: reset resp_trailer in new requests
runtests: skip setting ed25519 SSH key format
rustls: fix memory leak on repeated SSLKEYLOGFILE fails
rustls: handle EOF during initial handshake
schannel: increase renegotiation timeout to 60 seconds
scripts: drop redundant double-quotes: `"$var"` -> `$var` (Perl)
scripts: harden / tidy up more Perl `system()` calls
sendf: fix CR detection if no LF is in the chunk
setopt: fix typos in comments
setopt: move CURLOPT_CURLU
setup connection filter: mark as setup
sha256, sha512_256: switch to wolfCrypt API
sha256: support delegating to wolfSSL API
share: concurrency handling, easy updates
share: do bitshifts after the type is checked to be valid
socks: reject zero-length GSSAPI/SSPI tokens from proxy
socks: use dns filter for resolving
spelling: fix typos
src: use ftruncate() unconditionally
sshserver.pl: harden more `system()` calls
sshserver.pl: pass command-line to `system()` safely
strerr: correct the strerror_s() return code condition
sws: fix potential OOB write
synctime: fix off-by-one read and write to a read-only buffer (Windows)
test 766: flag as timing-dependent
test1675: unit tests for URL API helper functions
test459: switch to mode="warn" for stderr check
testcurl.pl: replace shell commands with Perl `rmtree()`
tests/unit/README: describe how to unit test static functions
tests: avoid infinite recursion for `make check`
tests: use %b64[] instead of "raw" base64
tool: check for curlinfo->age when determining if ssh backend
tool: fix memory mixups
tool: fix retries in parallel mode
tool: fix two more allocator mismatches
tool_cb_hdr: only truncate etags output when regular file
tool_cb_rea: make waitfd() return void
tool_cb_wrt: fix no-clobber error handling
tool_cfgable: free the SSL signature algorithms
tool_formparse: propagate my_get_line errors when reading headers
tool_getparam: use correct free function for libcurl memory
tool_ipfs: accept IPFS gateway URL without set port number
tool_msgs: avoid null pointer deref for early errors
tool_operate: actually apply the --parallel-max-host limit
tool_operate: drop the scheme-guessing in the -G handling
tool_operate: fix condition for loading `curl-ca-bundle.crt` (Windows)
tool_operate: fix memory-leak on failed uploads
tool_operate: fix minor memory-leak on early error
tool_operate: reset the upload glob counter for next URL
tool_operhlp: fix `add_file_name_to_url()` result on OOM
tool_operhlp: iterate through all slashes to find name
tool_operhlp: propagate low-level OOM in `add_file_name_to_url()`
tool_setopt: return error on OOM correctly
tool_urlglob: fix memory-leak on glob range overflow
top-complexity: prevent filename-based shell injection risk
transfer: clear the old autoreferer
transfer: clear the URL pointer in OOM to avoid UAF
transfer: enable custom methods again on next transfer
transfer: enhance secure check
unit1675: fix `-Wformat-signedness`
url: do not reuse a non-tls starttls connection if new requires TLS
url: improve connection reuse on negotiate
url: init req.no_body in DO so that it works for h2 push
url: set default upload flags to CURLULFLAG_SEEN
url: use the socks type for socks proxy
url: use URL for lowercase URL even in comments
urlapi: fix handling of "file:///"
urlapi: make dedotdotify handle leading dots correctly
urlapi: same origin tests
urlapi: stop extracting hostname from file:// URLs on Windows
urlapi: verify the last letter of a scheme when set explicitly
urldata.h: fix typo and lingering backtick
urldata: connection bit ipv6_ip is wrong
urldata: import port types and conn destination format
urldata: make hstslist only present in HSTS builds
urldata: make speeder_c uint32
urldata: move cookiehost to struct SingleRequest
urldata: remove trailers_state
vquic: fix variable name in fallback code
vtls: fix comment typos and tidy up a type
vtls: log when key logging is enabled.
vtls_scache: check reentrancy
vtls_scache: include cert_blob independently of verifypeer
wolfssl: document v5.0.0 (2021-11-01) as minimum required
wolfssl: fix `-Wmissing-prototypes`
wolfssl: fix handling of abrupt connection close
ws: fix a blocking curl_ws_send() to report written length correctly
x509asn1: fix to return error in an error case from `encodeOID()`
x509asn1: fixed and adapted for ASN1tostr unit testing
x509asn1: improve encodeOID
8.19.0
Changes:
BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026
cmake: add `CURL_BUILD_EVERYTHING` option
mqtt: initial support for MQTTS
tool: support fractions for --limit-rate and --max-filesize
tool_cb_hdr: with -J, use the redirect name as a backup
vquic: drop support for OpenSSL-QUIC
windows: add build option to use the native CA store
windows: bump minimum to Vista (from XP)
Bugfixes:
altsvc: only accept 17 byte dates from files
asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails
async-ares: blocking resolve timeout handling, better
badwords: move into ./scripts, speed up
build: add missing `GENERATEDCERTS` files
build: adjust minimum version for some clang picky warnings
build: check `MSG_NOSIGNAL` directly, drop detection and interim macro
build: constify `memchr()`/`strchr()`/etc result variables (cont.)
build: detect and include `inttypes.h` again
build: do not include wolfSSL header in `curl_setup.h`
build: drop duplicate C includes
build: drop global suppression of `-Wformat-nonliteral`, fix fallouts
build: drop unused `snprintf()` feature check on Windows
build: fix `-Wunused-macros` warnings, and related tidy-ups
build: fix building rare combinations
build: fully omit verbose strings and code when disabled
build: globally suppress DJGPP warnings in `FD_SET()`
build: merge TrackMemory (`CURLDEBUG`) into debug-enabled option
build: move curl stat struct type to the curlx namespace
build: opt-in MSVC to C99-style verbose logging logic
build: require POSIX `strdup()`
build: tidy up and dedupe `strdup` functions
cf-socket: ignore SOCK_CLOEXEC etc for socktype equality checks
cf-socket: use SOCK_CLOEXEC in socket_open when available
checksrc-all.pl: skip non-repository files
checksrc: do not apply `BANNEDFUNC` to struct member functions
checksrc: warn for leading spaces before the preprocessor hash
clang-tidy: add missing and delete redundant parentheses
clang-tidy: add more missing parentheses in macro values
clang-tidy: avoid/silence `bugprone-not-null-terminated-result`
clang-tidy: check `bugprone-macro-parentheses`, fix fallouts
clang-tidy: drop redundant conditions reported by `misc-redundant-expression`
clang-tidy: enable `bugprone-signed-char-misuse`, fix fallouts
clang-tidy: enable more checks
clang-tidy: enable scanning headers
clang-tidy: fix issues found with build-fuzzing
clang-tidy: silence more minor issues found by v22
cmake/FindMbedTLS: add workaround for missing static MSVC `mbedcrypto.lib` 4.0.0
cmake: add `CURL_DROP_UNUSED` option to reduce binary sizes
cmake: add native clang-tidy support for tests, with concatenated sources
cmake: always build curlu and curltool test libs in unity mode
cmake: always define `CURL::win32_winsock` on Windows in `curl-config.cmake`
cmake: convert `curl_add_clang_tidy_test_target()` macro to function
cmake: enable binutils ld workaround for all toolchains at build-time
cmake: fix `LOCATION` property access condition (debug)
cmake: fix `LOCATION` property read errors in target debug function
cmake: fix building with `CMAKE_FIND_PACKAGE_PREFER_CONFIG=ON`
cmake: fix confusing error when a dependency is undetected in `curl-config.cmake`
cmake: fix logic for openssl/zlib binutils ld workaround
cmake: fix passing system header directories to clang-tidy for tests
cmake: fix system include directory position for clang-tidy in tests
cmake: improve clang-tidy test command-line reproduction
cmake: minor fixes to test targets after prev
cmake: normalize uppercase hex winver (for display)
cmake: omit `curl.rc` from curltool lib
cmake: reference OpenSSL and ZLIB imported targets only when enabled
cmake: replace internal option with a new `tt` (test tools) target
cmake: silence potential unused var warnings in C++ test snippet
cmake: silence silly Apple clang warnings in C89 mode, test in CI
cmake: silence useless compiler warnings triggered by the FASTBuild generator
cmake: skip binutils ld hack if zlib/openssl target is not `IMPORTED`
cmake: warn for invalid `CURL_TARGET_WINDOWS_VERSION` values
cmke: add `*_USE_STATIC_LIBS` options for 9 dependencies
config-plan9: set `HAVE_STDINT_H` again
config2setopts: acknowledge OOM error from CURLOPT_MIMEPOST
config2setopts: fix for --disable-aws build configuration
configure: drop always true `if` check (Windows)
content_encoding: return 'identity' if none other exists
curl: add -I and -i to -h important
curl: limit Windows-specific code to Windows builds, other tidy-ups
curl_easy_nextheader.md: a new transfer invalidates 'prev'
curl_get_line: drop single-use macro
curl_multi_perform.md: resolve inconsistency
curl_ntlm_core: merge two `#if` blocks
curl_setup.h: drop extra header guard for internal include
curl_setup.h: merge back single-use internal header `curl_setup_once.h`
curl_setup.h: simplify curl memory macro mappings
curl_setup_once: allow CURL_DEBUGASSERT for customization
CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md: fix available protocols
curlx: drop unused `curlx_saferealloc()`
digest: escape double quotes and backslashes in realm and nonce
digest: fix memory leak in auth_create_digest_http_message()
digest: handle quotes in the path
docs/INSTALL: update configure details
docs/libcurl: unify WARNING use
docs: add LibreELEC to DISTROS.md
docs: add reproducible example for generating man page
docs: avoid starting sentences with However,
docs: avoid using the word 'magic'
docs: clarify --ipv4 and --ipv6
docs: document the need for a 64-bit type and stdint.h
docs: drop basically
docs: explicitly call out Slowloris as not a security flaw
docs: fix grammar nitpicks
docs: handle error in `curl_global_init*` examples
docs: replace instances of the vague qualifier 'quite'
docs: reword explanation of --variable option
docs: some nitpicks
docs: use dot instead of comma at end of sentences
easy: reset errorbuf on eyeballing success
easy: reset pausing when resetting request
examples/usercertinmem: use modern OpenSSL API, drop mentions of RSA
examples: improve OpenSSL certificate examples
examples: omit forward declarations, apply misc fixes
FAQ: syntax improvements
fopen.h: simplify curl memory macro mappings
ftp: replace a `curlx_free()` with `curlx_dyn_free()`
ftp: split ftp_state_use_port into sub functions
GOVERNANCE.md: Post-Daniel BDFL
gss: exclude verbose error logic from non-verbose builds
h2+h3: align stream close handling
hostip.c: fix leak of addrinfo
hostip6: remove debug-only code
hostip: fix unreachable code in rare build configuration
http/3: add description for known server error codes
http1: fix potential NULL dereference in `Curl_h1_req_parse_read()`
http: only send bearer if auth is allowed
http_aws_sigv4: fix query normalization of %2b
imap: add a check for Curl_meta_get()
imap: check `imap_sendf()` printf masks at compile-time
imap: skip literals inside quoted strings
include: avoid recursive macros
include: mask computed auth/proto bitmasks to 32 bits
INSTALL-CMAKE.md: document Apple framework options
INSTALL.md: fix typo
INSTALL.md: suggest `-Wl,-dead_strip` for Apple targets
KNOWN_BUGS.md: absolute Unix domain filename for SOCKS on Windows
ldap: silence clang-tidy v22 warning
ldap: silence potential unused variable warning (OS400)
lib: delete unused local includes
lib: disable websockets early if no http
lib: make sigpipe handling more lazy
lib: reorder protocol functions to avoid forward declarations (email)
lib: reorder protocol functions to avoid forward declarations (ftp)
lib: reorder protocol functions to avoid forward declarations (misc cont.)
lib: reorder protocol functions to avoid forward declarations (misc)
lib: reorder protocol functions to avoid forward declarations (ssh)
lib: separate scheme info from protocol implementation
lib: skip compiling code with features disabled
lib: use (u)int64_t instead of long long
libcurl docs: reduce 'since ...' in descriptions
libcurl-security.md: fix typos and add a point about URLs
libtests: drop two redundant `memset()`s
Makefile.am: delete RPM targets referencing non-existent files
Makefile.am: drop stray VC project files from dist
managen: silence Perl warnings
mbedtls: guard TLS 1.3 + session tickets usage inside ifdef
mbedtls: no pinnedpubkey wo MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
mbedtls: remove newline from failf() call
mbedtls: split mbed_connect_step1 into sub functions
md4, md5: drop redundant forward declarations
md4, md5: replace custom types with `uint32_t`
memdebug: include `backtrace.h` as system header
mime: drop fallback for unused `R_OK` macro
mimepost: allocate main struct on-demand
mk-ca-bundle.pl: drop support for obsolete/insecure fingerprint algos
mod_curltest: silence unused argument compiler warning
mprintf: drop old sprintf fallback
mprintf: rename internal enum to avoid collision with AmigaOS symbol
mprintf: silence clang-tidy `readability-suspicious-call-argument`
mprintf: use `_snprintf()` when compiled with VS2013 and older
mqtt: better too-big-message-check
mqtt: fix EOF handling
mqtt: verify Remaining Length for CONNACK and PUBACK
msvc: drop exception, make `BIT()` a bitfield with Visual Studio
msvc: VS2026: unlock picky warning in cmake, test in CI
multi: avoid a theoretical 32-bit wrap
multi: fix unreachable code compiler warning
multi: probe for IPv6 functionality in multi_init()
multi: split multi_runsingle into sub functions
multi: update timer unconditionally in multi_remove_handle
ngtcp2: stabilize recv
noproxy: simplify, don't mix const non-const in strchr()
openldap: avoid forward declarations in ldaps code
openssl+ech: workaround for insecure handshakes
openssl: adapt to OpenSSL master adding const to more APIs
OpenSSL: check reuse of sessions for verify status
openssl: disable local keylog feature if built-in upstream
openssl: fix compiler warning with OpenSSL master
openssl: fix potential NULL dereference when loading certs (Windows)
openssl: fix potential OOB read in debug/verbose logging
plan9: drop special build and orphaned references
proxy-auth: additional tests
pytest: remove 03_02
quiche: use PRIu64 for outputting the stream id
rand: drop impossible preprocessor branches (wincrypt)
rand: drop scan-build silencer
ratelimit: download finetune
request.h: rename parameter 'buf' to 'req' in Curl_req_send
REUSE: drop broken reference to `MAIL-ETIQUETTE`
rtsp: fix assertion failure on zero-length RTP payload
rtspd: fix to check `realloc()` result
runtests: pass config filename to stunnel in native format (Windows)
schannel: refactor: reduce variable scopes, fix comment, fix indent
send: drop `CURL_UNCONST()` from buffer argument on most platforms
setopt: fix checking range for CURLOPT_MAXCONNECTS
setopt: refuse blobs with zero length
setup-os400.h: drop no longer used custom type `u_int32_t`
sigpipe: unset SA_SIGINFO since it is using sa_handler
silent.md: also mention it shuts off warning messages
smb: free the path in the request struct properly
smb: include arpa/inet.h for NonStop
socket: check result of SO_NOSIGPIPE
socketpair: clear 'err' when retrying due to EINTR
socketpair: set SO_NOSIGPIPE where possible
socks: ensure DNS is freed in failure cases.
src: simplify declaring `curl_ca_embed`
ssh: dedupe state change function
stop using the word 'just'
sws: prevent "connection monitor" to say disconnect twice
synctime: fix use of uninitialized buffer on non-Windows
system_win32: replace manual init code with `curlx_now_init()` call
tests/server/sockfilt: avoid possible endless loop on Windows
tests/server: drop unused `curlx/version_win32.c`
tests/server: fix to clear the complete `srvr_sockaddr_union_t` variable
tests/server: tidy-up error messages (Windows)
tests: avoid assignment in `if` conditions in `first.h`
tests: convert base64 data to %b64[]
tftp: correct the filename length check
timeout handling: auto-detect effective timeout
tls: add new SSLSUPP flags for several options
tls: remove checks for DEFAULT
tool: enable header separation for HTTPS proxies
tool: improve config error messaging
tool: improve error/warning messages when output filename sanitization fails
tool: rename curl handle and result variable in `--libcurl`-generated code
tool: return code variable consistency
tool_cb_hdr: suppress header output when --out-null
tool_cb_prg: drop duplicate preprocessor logic
tool_dirhie: drop superfluous `F_OK` fallback (Windows)
tool_doswin: avoid memory-leak with CURL_FN_SANITIZE_*
tool_doswin: avoid Windowsisms in socket code (cont.)
tool_doswin: avoid Windowsisms in socket code
tool_doswin: document `ENABLE_VIRTUAL_TERMINAL_PROCESSING` toolchain support
tool_getparam: avoid `-Wcomma` with Apple clang in C89 mode
tool_operate: remove 'else' for VMS
tool_operate: reset the URL --url-query between --next
typos: silence false positives found in C code
unit3205: suppress two clang-tidy false positives
URL-SYNTAX.md: fix port number mistakes for IMAP and LDAP
url.c: code/comment cleanup around conn creation
url.h: fix `-Wdocumentation`
url: fix reuse of connections using HTTP Negotiate
urlapi: use U_CURLU_URLDECODE when toggling it off unsigned
urldata.h: remove two forward-declared structs not used
urldata: byebye `conn->hostname_resolve`
urldata: change 'keep_post' into three distinct bitfields
urldata: convert 'long' fields to fixed variable types
urldata: switch to uint* types
usercertinmem: use the correct cert BIO
verbose.md: explain the { and } prefixes
vquic: fix unused variable warning reported by clang-tidy
vquic: handle SOCKEMSGSIZE correctly
vtls: dedupe common on-session-reuse logic
vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests
VULN-DISCLOSURE-POLICY.md: push reports to the web form
VULN-DISCLOSURE-POLICY.md: use hackerone
winapi: use FormatMessageA instead of FormatMessageW
windows: `USE_WINSOCK` to guard winsock2 code (where missing)
windows: determine `RtlVerifyVersionInfo` address on global init
windows: tidy up `wincrypt.h` / BoringSSL/AWS-LC coexist workaround
wolfssl: fix build without USE_BIO_CHAIN
ws/tftp: include header file even when protocol disabled
x509asn1: make encodeOID stop on too long input
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/curl | 3 +++
lfs/curl | 4 ++--
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 9eb01f389..96daee9e6 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -82,6 +82,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3 #usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3 #usr/share/man/man3/CURLINFO_SCHEME.3 +#usr/share/man/man3/CURLINFO_SIZE_DELIVERED.3 #usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3 #usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3 #usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3 @@ -120,6 +121,8 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3 #usr/share/man/man3/CURLMOPT_PUSHDATA.3 #usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3 +#usr/share/man/man3/CURLMOPT_QUICK_EXIT.3 +#usr/share/man/man3/CURLMOPT_RESOLVE_THREADS_MAX.3 #usr/share/man/man3/CURLMOPT_SOCKETDATA.3 #usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3 #usr/share/man/man3/CURLMOPT_TIMERDATA.3 diff --git a/lfs/curl b/lfs/curl index 3498e12fd..3e5b78ecc 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 8.19.0 +VER = 8.20.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = d4a943af9a109893112876784dbe106276317e6cd5a2663f4de143c93abb4e266945fa65b4a5fa842f99240c961b027a1b2492e3e32f5247a91c394895e2b8b0 +$(DL_FILE)_BLAKE2 = 5b61a1099212af9b3c18629fd0b6c93881014e7b02ed5171021a2a074a87786ff8f8e94a47c53c3ca83354cfbe74f7d917cae819c97011c0ff9e4ace014e01c2 install : $(TARGET)