Waterfox 歷史版本列表 Page38

更新時間：2020-03-04
更新細節：

What's new in this version:

Changes:
- Polarssl: removed
- Smtp: add CURLOPT_MAIL_RCPT_ALLLOWFAILS and --mail-rcpt-allowfails
- WolfSSH: new SSH backend

Bugfixes:
- Altsvc: improved header parser
- Altsvc: keep a copy of the file name to survive handle reset
- Altsvc: make saving the cache an atomic operation
- Altsvc: use h3-27
- Azure: disable brotli on the macos debug-builds
- Build: remove all HAVE_OPENSSL_ENGINE_H defines
- Checksrc.bat: Fix not being able to run script from the main curl dir
- Cleanup: fix several comment typos
- Cleanup: fix typos and wording in docs and comments
- Cmake: add support for CMAKE_LTO option
- Cmake: clean up and improve build procedures
- Cmake: enable SMB for Windows builds
- Cmake: improve libssh2 check on Windows
- Cmake: Show HTTPS-proxy in the features output
- Cmake: support specifying the target Windows version
- Cmake: use check_symbol_exists also for inet_pton
- Configure.ac: fix comments about --with-quiche
- Configure: disable metalink if mbedTLS is specified
- Configure: disable metalink support for incompatible SSL/TLS
- Conn: do not reuse connection if SOCKS proxy credentials differ
- Conncache: removed unused Curl_conncache_bundle_size()
- Connect: remove some spurious infof() calls
- Connection reuse: respect the max_concurrent_streams limits
- Contributors: also include people who contributed to curl-www
- Contrithanks: use the most recent tag by default
- Cookie: check __Secure- and __Host- case sensitively
- Cookies: make saving atomic with a rename
- Create-dirs.d: mention the mode
- Curl: avoid using strlen for testing if a string is empty
- Curl: error on --alt-svc use w/o support
- Curl: let -D merge headers in one file again
- Curl: make #0 not output the full URL
- Curl: make the -# spaceship bar not wrap the line
- Curl: remove 'config' field from OutStruct
- Curl:progressbarinit: ignore column width from terminals < 20
- Curl_escape.3: add a link to curl_free
- Curl_getenv.3: fix the memory handling description
- Curl_global_init: assume the EINTR bit by default
- Curl_global_init: move the IPv6 works status bool to multi handle
- CURLINFO_COOKIELIST.3: Fix example
- CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
- CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
- Data.d: remove "Multiple files can also be specified"
- Digest: do not quote algorithm in HTTP authorisation
- Docs/HTTP3: add --enable-alt-svc to curl's configure
- Docs/HTTP3: update the OpenSSL branch to use for ngtcp2
- Docs: fix typo on CURLINFO_RETRY_AFTER
- Easy: remove dead code
- Form.d: fix two minor typos
- Ftp: convert 'sock_accepted' to a plain boolean
- Ftp: remove superfluous checking for crlf in user or pwd
- Ftp: shrink temp buffers used for PORT
- Github action: add CIFuzz
- Github: Instructions to post "uname -a" on Unix systems in issues
- GnuTLS: always send client cert
- Gtls: fixed compilation when using GnuTLS < 3.5.0
- Hostip: move code to resolve IP address literals to `Curl_resolv`
- HTTP-COOKIES: describe the cookie file format
- HTTP-COOKIES: mention that a trailing newline is required
- Http2: make pausing/unpausing set/clear local stream window
- Http2: now requires nghttp2 >= 1.12.0
- Http: added 417 response treatment
- Http: increase EXPECT_100_THRESHOLD to 1Mb
- Http: mark POSTs with no body as "upload done" from the start
- Http: move "oauth_bearer" from connectdata to Curl_easy
- Include: remove non-curl prefixed defines
- KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header
- Libssh2: add support for forcing a hostkey type
- Libssh2: fix variable type
- Libssh: improve known hosts handling
- Llist: removed unused Curl_llist_move()
- Location.d: the method change is from POST to GET only
- Md4: fixed compilation issues when using GNU TLS gcrypt
- Md4: use init/update/final functions in Secure Transport
- Md5: added implementation for mbedTLS
- Mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
- Multi: change curl_multi_wait/poll to error on negative timeout
- Multi: fix outdated comment
- Multi: if Curl_readwrite sets 'comeback' use expire, not loop
- Multi_done: if multiplexed, make conn->data point to another transfer
- Multi_wait: stop loop when sread() returns zero
- Ngtcp2: add error code for QUIC connection errors
- Ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6
- Ngtcp2: update to git master and its draft-25 support
- Ntlm: move the winbind data into the NTLM data structure
- Ntlm: pass the Curl_easy structure to the private winbind functions
- Ntlm: removed the dependency on the TLS libaries when using MD5
- Ntlm_wb: use Curl_socketpair() for greater portability
- Oauth2-bearer.d: works for HTTP too
- Openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
- Openssl: remove redundant assignment
- Os400: fixed the build
- Pause: force-drain the transfer on unpause
- Quiche: update to draft-25
- README: mention that the docs is in docs/
- RELEASE-PROCEDURE: feature win is closed post-release a few days
- Runtests: make random seed fixed for a month
- Runtests: restore the command log
- Schannel: make CURLOPT_CAINFO work better on Windows 7
- Schannel_verify: Fix alt names manual verify for UNICODE builds
- Sha256: use crypto implementations when available
- Singleuse.pl: support new API functions, fix curl_dbg_ handling
- Smtp: support the SMTPUTF8 extension
- Smtp: support UTF-8 based host names in MAIL FROM
- SOCKS: make the connect phase non-blocking
- Strcase: turn Curl_raw_tolower into static
- Strerror: increase STRERROR_LEN 128 -> 256
- Test1323: added missing 'unit test' feature requirement
- Tests: add a unit test for MD4 digest generation
- Tests: add a unit test for SHA256 digest generation
- Tests: add a unit test for the HMAC hash generation
- Tests: deduce the tool name from the test case for unit tests
- Tests: fix Python 3 compatibility of smbserver.py
- Tool_dirhie: allow directory traversal during creationtool_homedir: change GetEnv() to use libcurl's curl_getenv()
- Tool_util: improve Windows version of tvnow()
- Travis: update non-OpenSSL Linux jobs to Bionic
- Url: include the failure reason when curl_win32_idn_to_ascii() fails
- Urlapi: guess scheme properly with credentials given
- Urldata: do string enums without #ifdefs for build scripts
- Vtls: refactor Curl_multissl_version to make the code clearer
- Win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256

更新時間：2020-03-02
更新細節：

What's new in this version:

- Added the option "Text encoding in ID3v2 tags for MP3 files"
- Added new languages for the Microsoft Translator service
- Fixed the using of the Baidu Translate service
- Fixed the text extracting for EPUB files
- Fixed the applying of regular expressions to German documents
- Resources for Hungarian language were updated

更新時間：2020-02-24
更新細節：

更新時間：2020-02-24
更新細節：

What's new in this version:

New:
- Added “Loading…” placeholder image to web browser source

Updated:
- Restored default 1280×720 resolution in custom stream preset dialog
- “Loading…” placeholder image updated

Fixed:
- Fixed bug with forced h264_nvenc codec when starting stream
- Fixed incorrect resolution in some built-in presets

更新時間：2020-02-23
更新細節：

What's new in this version:

- Fixed the using of BXT/BXZ files
- Fixed the text selecting in the editor
- Fixed small bugs
- The LAME encoder was updated
- Resources for Chinese (Simplified) and French languages were updated (thanks to Anan and Michel Such)

更新時間：2020-02-19
更新細節：

更新時間：2020-02-15
更新細節：

What's new in this version:

- Added Windows 10 20H1 Build 19041 support. Enabled operation of [ACPI Eval], etc.
- Updated to use new COMODO RSA Extended Validation Code Signing CA certificate
- Added Intel Ice Lake-U support. Adjusted the S3 Trio3D/2X Core Clock speed reporting
- Added [ISA Bus] which lists PnP ISA Devices and on EISA systems any Slots that are used
- Added XGI Volari + SiS 325 GPU clock speed reporting and improved DM&P Vortex 86 DX + MX CPU support
- Added GeForce 6000 series direct clock + fan PWM % and NVCPL temperature reporting for ForceWare drivers
- Added Aqua Computer Octo + Quadro controller and Corsair H100i + H115i RGB Pro XT cooler reporting support
- Resolved issue with NVMe support for the IaNVMe and insider build stornvme services
- Resolved issue with Menu->Help->View Menus on systems that have such as nView Options added to the SIV menus
- Enhance [Lock Handle] to support there being more than 10,000,000 open handles
- Improved VIA VT82C691 chipset and ASUS Prime X570-Pro + Micronics EISA 486/33/25 System Board + Supermicro H11SSL motherboard support

更新時間：2020-02-12
更新細節：

What's new in this version:

New:
- Latest security advisories from Mozilla

更新時間：2020-02-12
更新細節：

更新時間：2020-02-12
更新細節：

What's new in this version:

Catalina:
Update:
- Do not store username and password as session notes during authentication if they are not needed
Update: 63691: Skip all jar and directory scanning when the wildcard pattern "*" or "*.jar" is set or added to tomcat.util.scan.StandardJarScanFilter.jarsToSkip
- Allow more than one parameter when defining RewriteMaps
- Refactor recycle facade system property into a new connector attribute named discardFacades

Fix:
- Avoid useless environment restore when not using GSSCredential in JNDIRealm
- Respect the argument-count when searching for MBean operations to invoke via the JMXProxyServlet
- Correct a regression in the static resource caching changes introduced in 9.0.28. Avoid a NullPointerException when working with the URL provided for the root of a packed WAR
- Provide default configuration source based on the current directory if none has been set, for full compatibility with existing code
- Clarify/expand the Javadoc for the Tomcat#addWebapp() and related methods
- JNDIRealm no longer authenticates to LDAP
- Ensure that container provided SCIs are always loaded before application provided SCIs. Note that where both the container and the application provide the same SCI, it is the application provided SCI that will be used
- SCI definitions from JARs unpacked into WEB-INF/classes are now handled consistently and will always be found irrespective of whether the web application defines a JAR ordering or not
- Skip null-valued session attributes when deserializing sessions
- Do not throw a NullPointerException when an MBean or operation cannot be found by the JMXProxyServlet
- InputStreams for directories obtained from resource URLs now return a directory listing consistent with the behaviour of FileURLConnection. In addition to restoring the behaviour that was lost as a result of the introduction of CachedResourceURLConnection, it expands the feature to include packedWARs and to take account of resource JARs
- Add ${...} property replacement support to XML external entity definitions
- Fix a problem that meant that remote host, address and port information could be missing in the access log for an HTTP/2 request where the connection was closed unexpectely

Code:
- Deprecate MappingData.contextPath as it is unused
- Deprecate the JmxRemoteLifecycleListener as the features it provides are now available in the remote JMX capability included with the JRE. This listener will be removed in Tomcat 10 and may be removed from Tomcat 9.0.x some time after 2020-12-31.

Coyote:
Update:
- Simplify NIO blocking read and write
- Disable (comment out in server.xml) the AJP/1.3 connector by default
- Change the default bind address for the AJP/1.3 connector to be the loopback address

Fix:
- Ensure that Servlet Asynchronous processing timeouts fire when requests are made using HTTP/2
- Fix the corrupton of the TLS configuration when using the deprecated TLS attributes on the Connector if the configuration has already been set via the new SSLHostConfig and SSLHostConfigCertificate elements
- Switch the message shown when using HTTP to connect to an HTTPS port from ISO-8859-1 to UTF-8
- Cancel selection key in poller before wrapper close to avoid possible deadlock
- Correct a regression introduced in 9.0.28 that meant invalid tokens in the Transfer-Encoding header were ignored rather than treated as an error
- Rename the HTTP Connector attribute rejectIllegalHeaderName to rejectIllegalHeader and expand the underlying implementation to include header values as well as names

Add:
- Add support for RFC 5915 formatted, unencrypted EC key files when using a JSSE based TLS connector
- Rename the requiredSecret attribute of the AJP/1.3 Connector to secret and add a new attribute secretRequired that defaults to true. When secretRequired is true the AJP/1.3 Connector will not start unless the secret attribute is configured to a non-null, non-zero length String
- Add a new attribute, allowedRequestAttributesPattern to the AJP/1.3 Connector. Requests with unrecognised attributes will be blocked with a 403

Jasper:
Fix:
- Update the performance optimisation for using expressions in tags that depend on uninitialised tag attributes with implied scope to make the performance optimisation aware of the new public class (java.lang.Record) added in Java 14
- Replace the faulty custom services lookup used for ExpressionFactory implementations with ServiceLoader

Add:
- Add a META-INF/services entry to jasper-el.jar so that the Expression Language implementation can be discovered via the services API

Cluster:
Fix:
- Ensure that session ID changes are replicated during form-authentication

Web applications:
Fix:
- In the examples web application, where a Servlet example includes ii18n support, the Locale used should be based on the request locale and not the server locale

Add: Add additional information on securing AJP/1.3 Connectors

Other:
Fix:
- Ensure statements are closed when a pooled JDBC connection is passivated in Tomcat's fork of Commons DBCP2