An anonymous submitter filed bug #1299181

Daniel (27 September 2005)

- An anonymous submitter filed bug #1299181

  (http://curl.haxx.se/bug/view.cgi?id=1299181) that identified a silly

  problem with Content-Range: headers with the 'bytes' keyword written in a

  different case than all lowercase! It would cause a segfault!

- TJ Saunders of the proftpd project identified and pointed out problems with

  the modified FTPS negotiation change of August 19 2005. Thus, we revert the

  change back to pre-7.14.1 status.

This release includes the following bugfixes:

 o HTTP Content-Range header parser crash

 o FTPS negotiation timeouts/errors

 o SSPI works even for Windows 9x

 o crash in --dump-header on FTP

Other curl-related news since the previous public release:

 o All curl relatd mailing list information and subscribers on cool.haxx.se

   were lost due to a malicious user exploiting a security hole on the

   server. Attempts have been made to put back susbcribers on the lists, but

   many have been lost.

 o New S-Lang binding: http://curl.haxx.se/libcurl/slang/

 o TclCurl 0.14.1: http://personal1.iddeo.es/andresgarci/tclcurl/english/

 o pycurl 7.14.1: http://pycurl.sf.net/

              /* Content-Range: bytes [num]-

                 Content-Range: bytes: [num]-

                 The second format was added August 1st 2000 by Igor

                 Khristophorov since Sun's webserver JavaWebServer/1.1.1

                 obviously sends the header this way! :-( */

                 The second format was added since Sun's webserver

                 JavaWebServer/1.1.1 obviously sends the header this way!

              */

              char *ptr = strstr(k->p, "bytes");

              char *ptr = Curl_strcasestr(k->p, "bytes");

              ptr+=5;

              if(*ptr == ':')