Fixed in 7.19.6 - August 12 2009
Release contains security-related bug fix
Changes:
* CURLOPT_FTPPORT (and curl's -P/--ftpport) support port ranges
* Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA
* CURLOPT_QUOTE, CURLOPT_POSTQUOTE and CURLOPT_PREQUOTE can be told to ignore error responses when used with FTP
Bugfixes:
* crash on bad socket close with FTP
* leaking cookie memory when duplicate domains or paths were used
* build fix for Symbian
* CURLOPT_USERPWD set to NULL clears auth credentials
* libcurl-NSS build fixes
* configure script fixed for VMS
* set Content-Length: with POST and PUT failed with NTLM auth
* allow building libcurl for VxWorks
* curl tool exit codes fixed for VMS
* --no-buffer treated correctly
* djgpp build fix
* configure detection of GnuTLS now based on pkg-config as well
* libcurl-NSS client cert handling segfaults
* curl uploading from stdin/pipes now works in non-blocking way so that it continues the downloading even when the read stalls
* ftp credentials are added to the url if needed for http proxies
* curl -o - sends data to stdout using binary mode on windows
* fixed the separators for "array" style string that CURLINFO_CERTINFO returns
* auth problem over several hosts with re-used connection
* improved the support for client certificates in libcurl+NSS
* fix leak in gtls code
* missing algorithms in libcurl+OpenSSL
* with noproxy set you could still get a proxy if a proxy env was set
* rand seeding on libcurl on windows built with OpenSSL was not thread-safe
* fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL
* don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds)
* libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but subjectAltName didn't
* TFTP upload sent illegal TSIZE packets
Binary package hint: curl
curl 7.19.6 has been released
Fixed in 7.19.6 - August 12 2009
Release contains security-related bug fix
Changes:
* CURLOPT_FTPPORT (and curl's -P/--ftpport) support port ranges SSH_KNOWNHOSTS, CURLOPT_ SSH_KEYFUNCTION , CURLOPT_SSH_KEYDATA
* Added CURLOPT_
* CURLOPT_QUOTE, CURLOPT_POSTQUOTE and CURLOPT_PREQUOTE can be told to ignore error responses when used with FTP
Bugfixes:
* crash on bad socket close with FTP
* leaking cookie memory when duplicate domains or paths were used
* build fix for Symbian
* CURLOPT_USERPWD set to NULL clears auth credentials
* libcurl-NSS build fixes
* configure script fixed for VMS
* set Content-Length: with POST and PUT failed with NTLM auth
* allow building libcurl for VxWorks
* curl tool exit codes fixed for VMS
* --no-buffer treated correctly
* djgpp build fix
* configure detection of GnuTLS now based on pkg-config as well
* libcurl-NSS client cert handling segfaults
* curl uploading from stdin/pipes now works in non-blocking way so that it continues the downloading even when the read stalls
* ftp credentials are added to the url if needed for http proxies
* curl -o - sends data to stdout using binary mode on windows
* fixed the separators for "array" style string that CURLINFO_CERTINFO returns
* auth problem over several hosts with re-used connection
* improved the support for client certificates in libcurl+NSS
* fix leak in gtls code
* missing algorithms in libcurl+OpenSSL
* with noproxy set you could still get a proxy if a proxy env was set
* rand seeding on libcurl on windows built with OpenSSL was not thread-safe
* fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL
* don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds)
* libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but subjectAltName didn't
* TFTP upload sent illegal TSIZE packets