軟體下載 cURL 7.74.0

• 1

  版本確認

• 2

  檔案準備中

• 3

  檔案下載

What's new in this version:

Changes:
- hsts: add experimental support for Strict-Transport-Security

Bug-fixes:
- CVE-2020-8286: Inferior OCSP verification
- CVE-2020-8285: FTP wildcard stack overflow
- CVE-2020-8284: trusting FTP PASV responses
- acinclude: detect manually set minimum macos/ipod version
- alt-svc: enable (in the build) by default
- alt-svc: minimize variable scope and avoid "DEAD_STORE"
- asyn: use 'struct thread_data *' instead of 'void *'
- checksrc: warn on empty line before open brace
- CI/appveyor: disable test 571 in two cmake builds
- CI/azure: improve on flakiness by avoiding libtool wrappers
- CI/tests: enable test target on TravisCI for CMake builds
- CI/travis: add brotli and zstd to the libssh2 build
- cirrus: build with FreeBSD 12.2 in CirrusCI
- cmake: call the feature unixsockets without dash
- cmake: check for linux/tcp.h
- cmake: correctly handle linker flags for static libs
- cmake: don't pass -fvisibility=hidden to clang-cl on Windows
- cmake: don't use reserved target name 'test'
- cmake: make BUILD_TESTING dependent option
- cmake: make CURL_ZLIB a tri-state variable
- cmake: set the unicode feature in curl-config on Windows
- cmake: store IDN2 information in curl_config.h
- cmake: use libcurl.rc in all Windows builds
- configure: pass -pthread to Libs.private for pkg-config
- configure: use pkgconfig to find openSSL when cross-compiling
- connect: repair build without ipv6 availability
- curl.1: add an "OUTPUT" section at the top of the manpage
- curl.se: new home
- curl: add compatibility for Amiga and GCC 6.5
- curl: only warn not fail, if not finding the home dir
- curl_easy_escape: limit output string length to 3 * max input
- Curl_pgrsStartNow: init speed limit time stamps at start
- curl_setup: USE_RESOLVE_ON_IPS is for Apple native resolver use
- curl_url_set.3: fix typo in the RETURN VALUE section
- CURLOPT_DNS_USE_GLOBAL_CACHE.3: fix typo
- CURLOPT_HSTS.3: document the file format
- CURLOPT_NOBODY.3: fix typo
- CURLOPT_TCP_NODELAY.3: fix comment in example code
- CURLOPT_URL.3: clarify SCP/SFTP URLs are for uploads as well
- docs: document the 8MB input string limit
- docs: fix typos and markup in ETag manpage sections
- docs: Fix various typos in documentation
- examples/httpput: remove use of CURLOPT_PUT
- FAQ: refreshed
- file: avoid duplicated code sequence
- ftp: retry getpeername for FTP with TCP_FASTOPEN
- gnutls: fix memory leaks (certfields memory wasn't released)
- header.d: mention the "Transfer-Encoding: chunked" handling
- HISTORY: the new domain
- http3: fix two build errors, silence warnings
- http3: use the master branch of GnuTLS for testing
- http: pass correct header size to debug callback for chunked post
- http_proxy: use enum with state names for 'keepon'
- httpput-postfields.c: new example doing PUT with POSTFIELDS
- infof/failf calls: fix format specifiers
- libssh2: fix build with disabled proxy support
- libssh2: fix transport over HTTPS proxy
- libssh2: require version 1.0 or later
- Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3
- Makefile.m32: add support for UNICODE builds
- mqttd: fclose test file when done
- NEW-PROTOCOL: document what needs to be done to add one
- ngtcp2: adapt to recent nghttp3 updates
- ngtcp2: advertise h3 ALPN unconditionally
- ngtcp2: Fix build error due to symbol name change
- ngtcp2: use the minimal version of QUIC supported by ngtcp2
- ntlm: avoid malloc(0) on zero length user and domain
- openssl: acknowledge SRP disabling in configure properly
- openssl: free mem_buf in error path
- openssl: guard against OOM on context creation
- openssl: use OPENSSL_init_ssl() with >= 1.1.0
- os400: Sync libcurl API options
- packages/OS400: make the source code-style compliant
- quiche: close the connection
- quiche: remove 'static' from local buffer
- range.d: clarify that curl will not parse multipart responses
- range.d: fix typo
- Revert "multi: implement wait using winsock events"
- rtsp: error out on empty Session ID, unified the code
- rtsp: fixed Session ID comparison to refuse prefix
- rtsp: fixed the RTST Session ID mismatch in test 570
- runtests: return error if no tests ran
- runtests: revert the mistaken edit of $CURL
- runtests: show keywords when no tests ran
- scripts/completion.pl: parse all opts
- socks: check for DNS entries with the right port number
- src/tool_filetime: disable -Wformat on mingw for this file
- strerror: use 'const' as the string should never be modified
- test122[12]: remove these two tests
- test506: make it not run in c-ares builds
- tests/*server.py: close log file after each log line
- tests/server/tftpd.c: close upload file right after transfer
- tests/util.py: fix compatibility with Python 2
- tests: add missing global_init/cleanup calls
- tests: fix some http/2 tests for older versions of nghttpx
- tool_debug_cb: do not assume zero-terminated data
- tool_help: make "output" description less confusing
- tool_operate: --retry for HTTP 408 responses too
- tool_operate: bail out proper on errors during parallel transfers
- tool_operate: fix compiler warning when --libcurl is disabled
- tool_writeout: use off_t getinfo-types instead of doubles
- travis: use ninja-build for CMake builds
- travis: use valgrind when running tests for debug builds
- urlapi: don't accept blank port number field without scheme
- urlapi: URL encode a '+' in the query part
- urldata: remove 'void *protop' and create the union 'p'
- vquic/ngtcp2.h: define local_addr as sockaddr_storage