- Update to 7.85.0:
* Security fixes: [bsc#1202593, CVE-2022-35252]
- control code in cookie denial of service
* Changes:
- quic: add support via wolfSSL
- schannel: Add TLS 1.3 support
- setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR
* Bugfixes:
- asyn-thread: fix socket leak on OOM
- asyn-thread: make getaddrinfo_complete return CURLcode
- base64: base64url encoding has no padding
- configure: fix broken m4 syntax in TLS options
- configure: if asked to use TLS, fail if no TLS lib was detected
- connect: add quic connection information
- connect: set socktype/protocol correctly
- cookie: reject cookies with "control bytes"
- cookie: treat a blank domain in Set-Cookie: as non-existing
- curl: output warning when a cookie is dropped due to size
- Curl_close: call Curl_resolver_cancel to avoid memory-leak
- digest: fix memory leak, fix not quoted 'opaque'
- digest: fix missing increment of 'nc' value for auth-int
- digest: pass over leading spaces in qop values
- digest: reject broken header with session protocol but without qop
- doh: use https protocol by default
- easy_lock.h: include sched.h if available to fix build
- easy_lock.h: use __asm__ instead of asm to fix build
- easy_lock: switch to using atomic_int instead of bool
- ftp: use a correct expire ID for timer expiry
- h2h3: fix overriding the 'TE: Trailers' header
- hostip: resolve *.localhost to 127.0.0.1/::1
OBS-URL: https://build.opensuse.org/request/show/1000420
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=317
Pedro Monreal Gonzalez
c9f82120ba