- May 30, 2016
-
-
Gisle Vanem authored
Fixes #828
-
Jonathan authored
Closes #834
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Steve Holme authored
Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: Windows DLL hijacking with curl, CVE-2016-4802
-
Daniel Stenberg authored
-
- May 29, 2016
-
-
Jay Satiro authored
Bug: https://github.com/curl/curl/issues/826 Reported-by: Michael Wallner
-
- May 28, 2016
-
-
Daniel Stenberg authored
The statvfs functionality was added to libssh2 in that version, so we switch off that functionality when built with older libraries. Fixes #831
-
- May 24, 2016
-
-
Daniel Stenberg authored
Regression from the previous *printf() rearrangements, this file missed to include the correct header to make sure snprintf() works universally. Reported-by: Moti Avrahami Bug: https://curl.haxx.se/mail/lib-2016-05/0196.html
-
- May 23, 2016
-
-
Steve Holme authored
Added support for checking the tchar, unicode and mbcs variants of strcat() and strncat() in the banned function list.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Now giving credit properly to github user names, fixed some UTF-8 issues and added names discovered when contrithanks was improved.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
from 1577bfa3
-
Jay Satiro authored
Prior to this change if a GitHub contributor's real name was unknown they would be omitted from the list. Bug: https://github.com/curl/curl/issues/824
-
- May 21, 2016
-
-
Daniel Stenberg authored
-
- May 20, 2016
-
-
Jay Satiro authored
- Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. Bug: https://github.com/curl/curl/issues/817 Reported-by: <jveazey@users.noreply.github.com>
-
Gisle Vanem authored
While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was getting: f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' to follow 'CURL_EXTERN' f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: 'curl_domalloc': not in formal parameter list
-
Daniel Stenberg authored
-
Jan Ehrhardt authored
Closes #818
-
Alexander Traud authored
Closes #821
-
Michael Kaufmann authored
The connect-to list isn't copied so as long as the handle may be used for a transfer the list must be valid. Bug: https://github.com/curl/curl/pull/819 Reported-by: Michael Kaufmann
-
- May 19, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
See OpenSSL commit 21e001747d4a
-
Daniel Stenberg authored
... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else.
-
Jay Satiro authored
Closes https://github.com/curl/curl/pull/816
-
- May 18, 2016
-
-
Steve Holme authored
-
Daniel Stenberg authored
The preprocessor check that sets up the 32bit defines for non-configure builds didn't work properly for MIPS systems as __mips__ is defined for both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. Reported-by: Tomas Jakobsson Fixes #813
-
Marcel Raad authored
For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812
-
Daniel Stenberg authored
Reported-by: Paul Howarth Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html
-
Daniel Stenberg authored
Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html
-
- May 17, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
...as otherwise the TLS libs will skip the CN/SAN check and just allow connection to any server. curl previously skipped this function when SNI wasn't used or when connecting to an IP address specified host. CVE-2016-3739 Bug: https://curl.haxx.se/docs/adv_20160518A.html Reported-by: Moti Avrahami
-
Frank Gevaerts authored
Closes #811
-
Daniel Stenberg authored
-