[ANNOUNCEMENT] Updated: curl/libcurl4/-devel/-doc, mingw64-x86_64-curl 8.0.1

Cygwin curl Maintainer via Cygwin-announce cygwin-announce@cygwin.com
Tue Mar 21 12:38:54 GMT 2023

The following packages have been upgraded in the Cygwin distribution:

* curl			8.0.1
* libcurl4		8.0.1
* libcurl-devel		8.0.1
* libcurl-doc		8.0.1
* mingw64-x86_64-curl	8.0.1

Command line tool and Library supporting transferring files with
FILE, SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form
based upload, proxies, cookies, user+password authentication (Basic,
Digest, NTLM, Negotiate...), file transfer resume, proxy tunneling and a
busload of other useful tricks.

To celebrate curl's *25th* anniversary, the version has been
bumped to 8!
Congratulations and thanks are due to the curl developers and
contributors for their achievements, efforts, and support for
all those years.

For more information see the project home page:


As there are multiple components and many changes each release please
see below or read /usr/share/doc/curl/RELEASE-NOTES after installation;
for complete details of changes since the previous Cygwin release see:


curl and libcurl 8.0.1		2023-03-20

Public curl releases:		 216
Command line options:		 250
curl_easy_setopt() options:	 302
Public functions in libcurl:	  91
Contributors:			2841

Planned upcoming removals include:

- gskit
- support for space-separated NOPROXY patterns
- support for the original legacy mingw version 1

See https://curl.se/dev/deprecate.html for details

This release includes the following known bugs:

* see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)

This release includes the following changes:

* build: remove support for curl_off_t < 8 bytes

This release includes the following bugfixes:

* Revert "multi: remove PENDING + MSGSENT handles"
* .cirrus.yml: Bump to FreeBSD 13.2
* aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3
* BINDINGS: add Fortran binding
* build: drop the use of XC_AMEND_DISTCLEAN
* build: fix stdint/inttypes detection with non-autotools
* cf-socket: fix handling of remote addr for accepted tcp sockets
* cf-socket: if socket is already connected, return CURLE_OK
* cf-socket: use port 80 when resolving name for local bind
* CI: don't run CI jobs if only another CI was changed
* CI: update ngtcp2 and nghttp2 for pytest
* cmake: delete unused HAVE__STRTOI64
* cmake: fix enabling LDAPS on Windows
* cmake: skip CA-path/bundle auto-detection in cross-builds
* connect: fix time_connect and time_appconnect timer statistics
* cookie: don't load cookies again when flushing
* cookie: parse without sscanf()
* curl.h: require gcc 12.1 for the deprecation magic
* curl: make -w's %{stderr} use the file set with --stderr
* curl_path: create the new path with dynbuf
* CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections
* CURLOPT_PROXY.3: curl+NSS does not handle HTTPS over unix domain socket
* CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe
* DEPRECATE: the original legacy mingw version 1
* doc: fix compiler warning in libcurl.m4
* docs/cmdline-opts: mark all global options
* docs/SECURITY-PROCESS.md: updates
* docs: extend the URL API descriptions
* docs: note '--data-urlencode' option
* DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure
* easy: remove infof() debug leftover from curl_easy_recv
* examples/http3.c: use CURL_HTTP_VERSION_3
* ftp: active mode with SSL, add the filter
* ftp: add more conditions for connection reuse
* ftp: allocate the wildcard struct on demand
* ftp: make the EPSV response parser not use sscanf
* ftp: replace sscanf for MDTM 213 response parsing
* ftp: replace sscanf for PASV parsing
* gssapi: align `gss_OID_desc` to silence ld warnings on macOS ventura
* headers: make curl_easy_header and nextheader return different buffers
* hostip: avoid sscanf and extra buffer copies
* http2: fix error handling during parallel operations
* http2: fix for http2-prior-knowledge when reusing connections
* http2: fix handling of RST and GOAWAY to recognize partial transfers
* http2: fix upload busy loop
* http: don't send 100-continue for short PUT requests
* http: fix unix domain socket use in https connects
* http: rewrite the status line parser without sscanf
* http_proxy: parse the status line without sscanf
* idn: return error if the conversion ends up with a blank host
* krb5: avoid sscanf for parsing
* lib1560: test parsing URLs with ridiculously large fields
* lib2305: deal with CURLE_AGAIN
* lib517: verify time stamps without leading zeroes plus some more
* lib: silence clang/gcc -Wvla warnings in brotli headers
* lib: skip Curl_llist_destroy calls
* libcurl-errors.3: add the CURLHcode errors from curl_easy_header.3
* libssh2: only set the memory callbacks when debugging
* libssh2: remove unused variable from libssh2's struct
* libssh: use dynbuf instead of realloc
* Makefile.mk: delete redundant `HAVE_LDAP_SSL` macro
* Makefile.mk: fix -g option in debug mode
* mqtt: on send error, return error
* multi: make multi_perform ignore/unignore signals less often
* ngtcp2-gnutls.yml: bump to gnutls 3.8.0
* ngtcp2: fix unwanted close of file descriptor 0
* page-footer: add explanation for three missing exit codes
* parsedate: parse strings without using sscanf()
* parsedate: replace sscanf( for time stamp parsing
* quic/schannel: fix compiler warnings
* rand: use arc4random as fallback when available
* rate.d: single URLs make no sense in --rate example
* RELEASE-PROCEDURE.md: update coming release dates
* rtsp: avoid sscanf for parsing
* runtests: use a hash table for server port numbers
* sectransp: fix compiler warning c89 mixed code/declaration
* sectransp: make read_cert() use a dynbuf when loading
* secure-transport: fix recv return code handling
* select: stop treating POLLRDBAND as an error
* setopt: move the CURLOPT_CHUNK_DATA pointer to the set struct
* socket: detect "dead" connections better, e.g. not fit for reuse
* src: silence wmain() warning for all build methods
* telnet: only accept option arguments in ascii
* telnet: parse NEW_ENVIRON without sscanf
* telnet: parse telnet options without sscanf
* telnet: parse the WS= argument without sscanf
* test1470: test socks proxy using unix sockets and connect to https
* test2600: detect when ALARM_TIMEOUT is in use and adjust
* test422: verify --next used without a prior URL
* tests/http: add pytest to GHA and improve tests
* tests: add `cookies` features
* tests: add timeout, SLOWDOWN and DELAY keywords to tests
* tests: fix gnutls-serv check
* tests: fix MSVC unreachable code warnings in unit tests
* tests: hack to build most unit tests under cmake
* tests: HTTP server fixups
* tests: keep cmake unit tests names in sync
* tests: make CPPFLAGS common to all unit tests
* tests: make first.c the same for both lib tests and unit tests
* tests: support for imaps/pop3s/smtps protocols
* tests: sync option lists in runtests.pl & its man page
* tests: test secure mail protocols with explicit SSL requests
* tests: use AM_CPPFILES to modify flags in unit tests
* tests: use dynamic ports numbers in pytest suite
* tool: dump headers even if file is write-only
* tool: improve --stderr handling
* tool_getparam: don't add a new node for just --no-remote-name
* tool_getparam: error if --next is used without a prior URL
* tool_operate: avoid fclose(NULL) on bad header dump file
* tool_operate: propagate error codes for missing URL after --next
* tool_progress: shut off progress meter for --silent in parallel
* tool_writeout_json. fix the output for duplicate header names
* transfer: limit Windows SO_SNDBUF updates to once a second
* url: fix cookielist memleak when curl_easy_reset
* url: fix logic in connection reuse to deny reuse on "unclean" connections
* url: fix the SSH connection reuse check
* url: only reuse connections with same GSS delegation
* url: remove dummy protocol handler
* urlapi: '%' is illegal in host names
* urlapi: avoid mutating internals in getter routine
* urlapi: parse IPv6 literals without ENABLE_IPV6
* urlapi: take const args in _dup and _get functions
* wildcard: remove files and move functions into ftplistparser.c
* winbuild: fix makefile clean
* wolfssl: add quic/ngtcp2 detection in cmake, and fix builds
* wolfSSL: ressurect the BIO `io_result`
* ws: keep the socket non-blocking
* x509asn1.c: use correct format specifier for infof() call
* x509asn1: use plain %x, not %lx, when the arg is an int

More information about the Cygwin mailing list