RELEASE-NOTES: synced

bumped to 8.1.1

RELEASE-NOTES

@@ -1,6 +1,6 @@
-curl and libcurl 8.1.0
+curl and libcurl 8.1.1
 
- Public curl releases:         217
+ Public curl releases:         218
  Command line options:         251
  curl_easy_setopt() options:   302
  Public functions in libcurl:  91
@@ -8,198 +8,11 @@ curl and libcurl 8.1.0
 
 This release includes the following changes:
 
- o curl: add --proxy-http2 [62]
- o CURLPROXY_HTTPS2: for HTTPS proxy that may speak HTTP/2 [57]
- o hostip: refuse to resolve the .onion TLD [19]
- o tool_writeout: add URL component variables [41]
+ o
 
 This release includes the following bugfixes:
 
- o amiga: Fix CA certificate paths for AmiSSL and MorphOS [150]
- o autotools: sync up clang picky warnings with cmake [114]
- o aws-sigv4.d: fix region identifier in example [168]
- o bufq: simplify since expression is always true [72]
- o cf-h1-proxy: skip an extra NULL assign [80]
- o cf-h2-proxy: fix processing ingress to stop too early [76]
- o cf-socket: add socket recv buffering for most tcp cases [90]
- o cf-socket: Disable socket receive buffer by default [75]
- o cf-socket: remove dead code discovered by PVS [82]
- o cf-socket: turn off IPV6_V6ONLY on Windows if it is supported [123]
- o checksrc: check for spaces before the colon of switch labels [160]
- o checksrc: find bad indentation in conditions without open brace [152]
- o checksrc: fix SPACEBEFOREPAREN for conditions starting with "*" [115]
- o ci: `-Wno-vla` no longer necessary [158]
- o CI: fix brew retries on GHA
- o CI: Set minimal permissions on workflow ngtcp2-quictls.yml [153]
- o CI: skip Azure for commits which change only GHA
- o CI: use another glob syntax for matching files on Appveyor
- o cmake: bring in the network library on Haiku [9]
- o cmake: do not add zlib headers for openssl [49]
- o CMake: make config version 8 compatible with 7 [28]
- o cmake: picky-linker fixes for openssl, ZLIB, H3 and more [31]
- o cmake: set SONAME for SunOS too [3]
- o cmake: speed up and extend picky clang/gcc options [116]
- o CMakeLists.txt: fix typo for Haiku detection [95]
- o compressed.d: clarify the words on "not notifying headers" [163]
- o config-dos.h: fix SIZEOF_CURL_OFF_T for MS-DOS/DJGPP [52]
- o configure: don't set HAVE_WRITABLE_ARGV on Windows [64]
- o configure: fix detection of apxs (for httpd) [157]
- o configure: make quiche require quiche_conn_send_ack_eliciting [46]
- o connect: fix https connection setup to treat ssl_mode correctly [94]
- o content_encoding: only do transfer-encoding compression if asked to [61]
- o cookie: address PVS nits [74]
- o cookie: clarify that init with data set to NULL reads no file [99]
- o curl: do NOT append file name to path for upload when there's a query [58]
- o curl_easy_getinfo.3: typo fix (duplicated "from the") [43]
- o curl_easy_unescape.3: rename the argument [113]
- o curl_path: bring back support for SFTP path ending in /~ [130]
- o curl_url_set.3: mention that users can set content rather freely [105]
- o CURLOPT_IPRESOLVE.3: this for host names, not IP addresses [165]
- o data.d: emphasize no conversion [5]
- o digest: clear target buffer [8]
- o doc: curl_mime_init() strong easy binding was relaxed in 7.87.0 [26]
- o docs/cmdline-opts: document the dotless config path [1]
- o docs/examples/protofeats.c: outputs all protocols and features [110]
- o docs/libcurl/curl_*escape.3: rename "url" argument to "input"/"string" [131]
- o docs/SECURITY-ADVISORY.md: how to write a curl security advisory [128]
- o docs: bump the minimum perl version to 5.6
- o docs: clarify that more backends have HTTPS proxy support [127]
- o dynbuf: never allocate larger than "toobig" [17]
- o easy_cleanup: require a "good" handle to act [149]
- o ftp: fix 'portsock' variable was assigned the same value [78]
- o ftp: remove dead code [79]
- o ftplistparser: move out private data from public struct [20]
- o ftplistparser: replace realloc with dynbuf [18]
- o gen.pl: error on duplicated See-Also fields [102]
- o getpart: better handle case of file not found
- o GHA-linux: add an address-sanitizer build [15]
- o GHA: add a memory-sanitizer job [2]
- o GHA: run all linux test jobs with valgrind [14]
- o GHA: suppress git clone output [89]
- o GIT-INFO: add --with-openssl [171]
- o gskit: various compile errors in OS400 [12]
- o h2/h3: replace `state.drain` counter with `state.dselect_bits` [141]
- o hash: fix assigning same value [73]
- o headers: clear (possibly) lingering pointer in init [167]
- o hostcheck: fix host name wildcard checking [134]
- o hostip: add locks around use of global buffer for alarm() [129]
- o hostip: enforce a maximum DNS cache size independent of timeout value [166]
- o HTTP-COOKIES.md: mention the #HttpOnly_ prefix [16]
- o http2: always EXPIRE_RUN_NOW unpaused http/2 transfers [139]
- o http2: do flow window accounting for cancelled streams [155]
- o http2: enlarge the connection window [101]
- o http2: flow control and buffer improvements [54]
- o http2: move HTTP/2 stream vars into local context [67]
- o http2: pass `stream` to http2_handle_stream_close to avoid NULL checks [140]
- o http2: remove unused Curl_http2_strerror function declaration [108]
- o HTTP3/quiche: terminate h1 response header when no body is sent [112]
- o http3: check stream_ctx more thoroughly in all backends [77]
- o HTTP3: document the ngtcp2/nghttp3 versions to use for building curl [143]
- o http3: expire unpaused transfers in all HTTP/3 backends [138]
- o http3: improvements across backends [51]
- o http: free the url before storing a new copy [162]
- o http: skip a double NULL assign [83]
- o ipv4.d/ipv6.d: they are "mutex", not "boolean" [122]
- o KNOWN_BUGS: remove fixed or outdated issues, move non-bugs [65]
- o lib/cmake: add HAVE_WRITABLE_ARGV check [63]
- o lib/sha256.c: typo fix in comment (duplicated "is available") [40]
- o lib1560: verify that more bad host names are rejected [104]
- o lib: add `bufq` and `dynhds` [34]
- o lib: remove CURLX_NO_MEMORY_CALLBACKS [55]
- o lib: unify the upload/method handling [144]
- o lib: use correct printf flags for sockets and timediffs [36]
- o libssh2: fix crash in keyboard callback [126]
- o libssh2: free fingerprint better [164]
- o libssh: tell it to use SFTP non-blocking [59]
- o man pages: simplify the .TH sections [133]
- o MANUAL.md: add dict example for looking up a single definition [132]
- o md(4|5): don't use deprecated iOS functions [21]
- o md4: only build when used [68]
- o mime: skip NULL assigns after Curl_safefree() [84]
- o multi: add handle asserts in DEBUG builds [11]
- o multi: add multi-ignore logic to multi_socket_action [154]
- o multi: free up more data earleier in DONE [118]
- o multi: remove a few superfluous assigns [97]
- o multi: remove PENDING + MSGSENT handles from the main linked list [23]
- o ngtcp2: adapted to 0.15.0 [151]
- o ngtcp2: adjust config and code checks for ngtcp2 without nghttp3 [4]
- o noproxy: pointer to local array 'hostip' is stored outside scope [93]
- o ntlm: clear lm and nt response buffers before use [7]
- o openssl: interop with AWS-LC [30]
- o OS400: fix and complete ILE/RPG binding [96]
- o OS400: implement EBCDIC support for recent features [100]
- o OS400: improve vararg emulation [92]
- o OS400: provide ILE/RPG usage examples [81]
- o pingpong: fix compiler warning "assigning an enum to unsigned char" [156]
- o pytest: improvements for suitable curl and error output [35]
- o quiche: disable pacing while pacing is not actually performed [148]
- o quiche: Enable IDLE egress handling [109]
- o RELEASE-PROCEDURE: update to new schedule [25]
- o rtsp: convert mallocs to dynbuf for RTP buffering [37]
- o rtsp: skip malformed RTSP interleaved frame data [33]
- o rtsp: skip NULL assigns after Curl_safefree() [85]
- o runtests: die if curl version can be found [10]
- o runtests: don't start servers if -l is given
- o runtests: fix -c option when run with valgrind [145]
- o runtests: fix quoting in Appveyor and Azure test integration [117]
- o runtests: lots of refactoring
- o runtests: refactor into more packages [60]
- o runtests: show error message if file can't be written
- o runtests: spawn a new process for the test runner [146]
- o rustls: fix error in recv handling [50]
- o schannel: add clarifying comment [98]
- o server/getpart: clear target buffer before load [6]
- o smb: remove double assign [86]
- o smbserver: remove temporary files before exit [135]
- o socketpair: verify with a random value [142]
- o ssh: Add support for libssh2 read timeout [170]
- o telnet: simplify the implementation of str_is_nonascii() [42]
- o test1169: fix so it works properly everywhere [106]
- o test1592: add flaky keyword [39]
- o test1960: point to the correct path for the precheck tool
- o test303: kill server after test
- o tests/http: add timeout to running curl in test cases [24]
- o tests/http: fix log formatting on wrong exit code [27]
- o tests/http: fix out-of-tree builds [121]
- o tests/http: improved httpd detection [45]
- o tests/http: more tests with specific clients [125]
- o tests/http: relax connection check in test_07_02 [53]
- o tests/keywords.pl: remove [111]
- o tests/libtest/lib1900.c: remove
- o tests/sshserver.pl: Define AddressFamily earlier [103]
- o tests: 1078 1288 1297 use valid IPv4 addresses
- o tests: document that the unittest keyword is special
- o tests: increase sws timeout for more robust testing [66]
- o tests: log a too-long Unix socket path in sws and socksd
- o tests: make test_12_01 a bit more forgiving on connection counts
- o tests: move pidfiles and portfiles under the log directory [48]
- o tests: move server config files under the pid dir [47]
- o tests: silence some Perl::Critic warnings in test suite [56]
- o tests: stop using strndup(), which isn't portable
- o tests: switch to 3-argument open in test suite
- o tests: turn perl modules into full packages
- o tests: use %LOGDIR to refer to the log directory
- o tool_cb_hdr: Fix 'Location:' formatting for early VTE terminals [147]
- o tool_operate: pass a long as CURLOPT_HEADEROPT argument [13]
- o tool_operate: refuse (--data or --form) and --continue-at combo [119]
- o transfer: refuse POSTFIELDS + RESUME_FROM combo [120]
- o transfer: skip extra assign [87]
- o url: fix null dispname for --connect-to option [161]
- o url: fix PVS nits [71]
- o url: remove call to Curl_llist_destroy in Curl_close [22]
- o urlapi: cleanups and improvements [91]
- o urlapi: detect and error on illegal IPv4 addresses [70]
- o urlapi: prevent setting invalid schemes with *url_set() [107]
- o urlapi: skip a pointless assign [88]
- o urlapi: URL encoding for the URL missed the fragment [29]
- o urldata: copy CURLOPT_AWS_SIGV4 value on handle duplication [137]
- o urldata: shrink *select_bits int => unsigned char [124]
- o vlts: use full buffer size when receiving data if possible [32]
- o vtls and h2 improvements [69]
- o Websocket: enhanced en-/decoding [136]
- o wolfssl.yml: bump to version 5.6.0 [44]
- o write-out.d: Use response_code in example [159]
- o ws: handle reads before EAGAIN better [38]
+ o os400: update chkstrings.c [2]
 
 This release includes the following known bugs:
 
@@ -217,191 +30,9 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Ali Khodkar, Andreas Falkenhahn, Andreas Huebner, Andy Alt, Arne Soete,
-  Ben Fritz, Biswapriyo Nath, Boris Kuschel, Brian Lund, Chloe Kudryavtsev,
-  Colman Mbuya, Dan Fandrich, Dan Frandrich, Daniel Silverstone,
-  Daniel Stenberg, dengjfzh on github, Diogo Teles Sant'Anna, Dirk Rosenkranz,
-  Douglas R. Reno, Dylan Anthony, eaglegai on github, Emanuele Torre,
-  Emil Engler, François Michel, Frank Gevaerts, Gisle Vanem, Harry Sintonen,
-  Hiroki Kurosawa, Jakub Zakrzewski, Janne Blomqvist, Jim King, Jon Rumsey,
-  Josh McCullough, Kai Pastor, Kamil Dudka, Kvarec Lezki, kwind on github,
-  Marc Deslauriers, Marcel Raad, Matt Jolly, Micah Snyder), nobedee on github,
-  Oliver Chang, Osaila on github, Osama Albahrani, Patrick Monnerat,
-  Paul Howarth, Pavel Mayorov, Paweł Wegner, Philip Heiduck, Ray Satiro,
-  Ronan Pigott, Sevan Janiyan, Shohei Maeda, simplerobot on github,
-  Smackd0wn on github, Stefan Eissing, Steve Herrell, SuperIlu on github,
-  Thomas Taylor, Viktor Szakats, Vítor Galvão, Wei Chong Tan, YX Hao
-  (64 contributors)
+  Daniel Stenberg, James Fuller, Jon Rumsey
+  (3 contributors)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=10849
- [2] = https://curl.se/bug/?i=10815
- [3] = https://curl.se/bug/?i=10816
- [4] = https://curl.se/bug/?i=10793
- [5] = https://curl.se/bug/?i=10823
- [6] = https://curl.se/bug/?i=10822
- [7] = https://curl.se/bug/?i=10814
- [8] = https://curl.se/bug/?i=10814
- [9] = https://curl.se/bug/?i=10296
- [10] = https://curl.se/bug/?i=10813
- [11] = https://curl.se/bug/?i=10812
- [12] = https://curl.se/bug/?i=10799
- [13] = https://curl.se/bug/?i=10798
- [14] = https://curl.se/bug/?i=10798
- [15] = https://curl.se/bug/?i=10810
- [16] = https://curl.se/bug/?i=10847
- [17] = https://curl.se/bug/?i=10845
- [18] = https://curl.se/bug/?i=10844
- [19] = https://curl.se/bug/?i=543
- [20] = https://curl.se/bug/?i=10844
- [21] = https://curl.se/bug/?i=11098
- [22] = https://curl.se/bug/?i=10846
- [23] = https://curl.se/bug/?i=10801
- [24] = https://curl.se/bug/?i=10783
- [25] = https://curl.se/bug/?i=10827
- [26] = https://curl.se/bug/?i=10834
- [27] = https://curl.se/bug/?i=10868
- [28] = https://curl.se/bug/?i=10819
- [29] = https://curl.se/bug/?i=10887
- [30] = https://curl.se/bug/?i=10320
- [31] = https://curl.se/bug/?i=10857
- [32] = https://curl.se/bug/?i=10736
- [33] = https://curl.se/bug/?i=10808
- [34] = https://curl.se/bug/?i=10720
- [35] = https://curl.se/bug/?i=10829
- [36] = https://curl.se/bug/?i=10737
- [37] = https://curl.se/bug/?i=10786
- [38] = https://curl.se/bug/?i=10831
- [39] = https://curl.se/bug/?i=10860
- [40] = https://curl.se/bug/?i=10851
- [41] = https://curl.se/bug/?i=10853
- [42] = https://curl.se/bug/?i=10852
- [43] = https://curl.se/bug/?i=10850
- [44] = https://curl.se/bug/?i=10843
- [45] = https://curl.se/bug/?i=10879
- [46] = https://curl.se/bug/?i=10886
- [47] = https://curl.se/bug/?i=10875
- [48] = https://curl.se/bug/?i=10874
- [49] = https://curl.se/bug/?i=10878
- [50] = https://curl.se/bug/?i=10876
- [51] = https://curl.se/bug/?i=10772
- [52] = https://curl.se/bug/?i=10905
- [53] = https://curl.se/bug/?i=10865
- [54] = https://curl.se/bug/?i=10771
- [55] = https://curl.se/bug/?i=10908
- [56] = https://curl.se/bug/?i=10861
- [57] = https://curl.se/bug/?i=10900
- [58] = https://curl.se/mail/archive-2023-04/0008.html
- [59] = https://curl.se/bug/?i=11020
- [60] = https://curl.se/bug/?i=10995
- [61] = https://curl.se/bug/?i=10899
- [62] = https://curl.se/bug/?i=10926
- [63] = https://curl.se/bug/?i=10896
- [64] = https://curl.se/bug/?i=10896
- [65] = https://curl.se/bug/?i=10963
- [66] = https://curl.se/bug/?i=10898
- [67] = https://curl.se/bug/?i=10877
- [68] = https://curl.se/bug/?i=11102
- [69] = https://curl.se/bug/?i=10891
- [70] = https://curl.se/bug/?i=10894
- [71] = https://curl.se/bug/?i=10959
- [72] = https://curl.se/bug/?i=10958
- [73] = https://curl.se/bug/?i=10956
- [74] = https://curl.se/bug/?i=10954
- [75] = https://curl.se/bug/?i=10961
- [76] = https://curl.se/bug/?i=10952
- [77] = https://curl.se/bug/?i=10951
- [78] = https://curl.se/bug/?i=10955
- [79] = https://curl.se/bug/?i=10957
- [80] = https://curl.se/bug/?i=10953
- [81] = https://curl.se/bug/?i=10994
- [82] = https://curl.se/bug/?i=10960
- [83] = https://curl.se/bug/?i=10950
- [84] = https://curl.se/bug/?i=10947
- [85] = https://curl.se/bug/?i=10946
- [86] = https://curl.se/bug/?i=10945
- [87] = https://curl.se/bug/?i=10944
- [88] = https://curl.se/bug/?i=10943
- [89] = https://curl.se/bug/?i=10939
- [90] = https://curl.se/bug/?i=10787
- [91] = https://curl.se/bug/?i=10935
- [92] = https://curl.se/bug/?i=10994
- [93] = https://curl.se/bug/?i=10933
- [94] = https://curl.se/bug/?i=10934
- [95] = https://curl.se/bug/?i=10937
- [96] = https://curl.se/bug/?i=10994
- [97] = https://curl.se/bug/?i=10932
- [98] = https://curl.se/bug/?i=10931
- [99] = https://curl.se/bug/?i=10930
- [100] = https://curl.se/bug/?i=10994
- [101] = https://curl.se/bug/?i=10988
- [102] = https://curl.se/bug/?i=10925
- [103] = https://curl.se/bug/?i=10983
- [104] = https://curl.se/bug/?i=10922
- [105] = https://curl.se/bug/?i=10921
- [106] = https://curl.se/bug/?i=10889
- [107] = https://curl.se/bug/?i=10911
- [108] = https://curl.se/bug/?i=10912
- [109] = https://curl.se/bug/?i=11000
- [110] = https://curl.se/bug/?i=10991
- [111] = https://curl.se/bug/?i=10895
- [112] = https://curl.se/bug/?i=11003
- [113] = https://curl.se/bug/?i=10979
- [114] = https://curl.se/bug/?i=10974
- [115] = https://curl.se/bug/?i=11044
- [116] = https://curl.se/bug/?i=10973
- [117] = https://curl.se/bug/?i=11010
- [118] = https://curl.se/bug/?i=10971
- [119] = https://curl.se/bug/?i=11081
- [120] = https://curl.se/bug/?i=11081
- [121] = https://curl.se/bug/?i=11036
- [122] = https://curl.se/bug/?i=11085
- [123] = https://curl.se/bug/?i=10975
- [124] = https://curl.se/bug/?i=11025
- [125] = https://curl.se/bug/?i=11006
- [126] = https://curl.se/bug/?i=11024
- [127] = https://curl.se/bug/?i=11033
- [128] = https://curl.se/bug/?i=11080
- [129] = https://curl.se/bug/?i=11030
- [130] = https://curl.se/bug/?i=11001
- [131] = https://curl.se/bug/?i=11027
- [132] = https://curl.se/bug/?i=11077
- [133] = https://curl.se/bug/?i=11029
- [134] = https://curl.se/bug/?i=11018
- [135] = https://curl.se/bug/?i=10990
- [136] = https://curl.se/bug/?i=10962
- [137] = https://curl.se/bug/?i=11021
- [138] = https://curl.se/bug/?i=11005
- [139] = https://curl.se/bug/?i=11005
- [140] = https://curl.se/bug/?i=11005
- [141] = https://curl.se/bug/?i=11005
- [142] = https://curl.se/bug/?i=10993
- [143] = https://curl.se/bug/?i=11019
- [144] = https://curl.se/bug/?i=11017
- [145] = https://curl.se/bug/?i=11074
- [146] = https://curl.se/bug/?i=11064
- [147] = https://curl.se/bug/?i=10428
- [148] = https://curl.se/bug/?i=11068
- [149] = https://curl.se/bug/?i=11061
- [150] = https://curl.se/bug/?i=11059
- [151] = https://curl.se/bug/?i=11031
- [152] = https://curl.se/bug/?i=11054
- [153] = https://curl.se/bug/?i=11055
- [154] = https://curl.se/bug/?i=11045
- [155] = https://curl.se/bug/?i=11052
- [156] = https://curl.se/bug/?i=11050
- [157] = https://curl.se/bug/?i=11051
- [158] = https://curl.se/bug/?i=11048
- [159] = https://curl.se/bug/?i=11107
- [160] = https://curl.se/bug/?i=11047
- [161] = https://curl.se/bug/?i=11106
- [162] = https://curl.se/bug/?i=11093
- [163] = https://curl.se/bug/?i=11091
- [164] = https://curl.se/bug/?i=11088
- [165] = https://curl.se/bug/?i=11087
- [166] = https://curl.se/bug/?i=11084
- [167] = https://curl.se/bug/?i=11101
- [168] = https://curl.se/bug/?i=11117
- [170] = https://curl.se/bug/?i=10965
- [171] = https://curl.se/bug/?i=11110
+ [2] = https://curl.se/bug/?i=11132

include/curl/curlver.h

@@ -32,13 +32,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "8.1.0-DEV"
+#define LIBCURL_VERSION "8.1.1-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 8
 #define LIBCURL_VERSION_MINOR 1
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@@ -59,7 +59,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x080100
+#define LIBCURL_VERSION_NUM 0x080101
 
 /*
  * This is the date and time when the full source package was created. The