cURL 7.62.0 releases: File and data transfer command line tools
cURL is a command-line tool for transferring files and data using URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP protocols. It is widely used in Unix and Linux distributions, and also has a ported version of Windows.
cURL is a project and its primary purpose and focus is to make two products:
- curl, the command-line tool
- libcurl the transfer library with a C API
Both the tool and the library do Internet transfers for resources specified as URLs using Internet protocols.
Everything and anything that is related to Internet protocol transfers can be considered curl’s business. Things that are not related to that should be avoided and be left for other projects and products.
It could be important to also consider that curl and libcurl try to avoid handling the actual data that is ransferred. It has, for example, no knowledge about HTML or anything else of the content that is popular to transfer over HTTP, but it knows all about how to transfer such data over HTTP.
Both products are frequently used not only to drive thousands or millions of scripts and applications for an Internet connected world, but they are also widely used for server testing, protocol fiddling and trying out new things.
The library is used in every imaginable sort of embedded device where Internet transfers are needed: car infotainment, televisions, Blu-Ray players, set-top boxes, printers, routers, game systems, etc.
Changelog v7.62.0
Changes:
- multiplex: enable by default
- url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
- setopt: add CURLOPT_DOH_URL
- curl: –doh-url added
- setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
- imap: change from “FETCH” to “UID FETCH”
- configure: add option to disable automatic OpenSSL config loading
- upkeep: add a connection upkeep API: curl_easy_upkeep()
- URL-API: added five new functions
- vtls: MesaLink is a new TLS backend
Bugfixes:
- CVE-2018-16839: SASL password overflow via integer overflow
- CVE-2018-16840: use-after-free in handle close
- CVE-2018-16842: warning message out-of-buffer read
- CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
- Curl_dedotdotify(): always nul terminate returned string
- Curl_follow: Always free the passed new URL
- Curl_http2_done: fix memleak in error path
- Curl_retry_request: fix memory leak
- Curl_saferealloc: Fixed typo in docblock
- More…