#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Wednesday 11th May 2022 ===

==== Local Packages ====

 * Updated `curl` to 7.83.1
  * `altsvc`: Fix host name matching for trailing dots
  * cirrus: Update to FreeBSD 12.3
  * cirrus: Use `pip` for Python packages on FreeBSD
  * `conn`: Fix typo 'connnection' → 'connection' in two function names
  * cookies: Make `bad_domain()` not consider a trailing dot fine ([[CVE:2022-27779|CVE-2022-27779]])
  * `curl`: Free resource in error path
  * `curl`: Guard against `size_t` wraparound in no-clobber code
  * `CURLOPT_DOH_URL.3`: Mention the known bug
  * `CURLOPT_HSTS*FUNCTION.3`: Document the involved structs as well
  * `CURLOPT_SSH_AUTH_TYPES.3`: Fix the default
  * `data/test376`: Set a proper name
  * GHA/mbedtls: Enabled nghttp2 in the build
  * gha: Build msh3
  * gskit: Fixed bogus `setsockopt` calls
  * gskit: Remove unused function `set_callback`
  * hsts: Ignore trailing dots when comparing hosts' names ([[CVE:2022-30115|CVE-2022-30115]])
  * `HTTP-COOKIES`: Add missing `CURLOPT_COOKIESESSION`
  * http: Move `Curl_allow_auth_to_host()`
  * http_proxy/hyper: Handle closed connections
  * hyper: Fix test 357
  * `Makefile`: Fix "`make ca-firefox`"
  * mbedtls: Bail out if rng init fails
  * mbedtls: Fix compile when h2-enabled
  * mbedtls: Fix some error messages
  * misc: Use "`autoreconf -fi`" instead of `buildconf`
  * msh3: Get msh3 version from MsH3Version
  * msh3: Print boolean value as text representation
  * msh3: Pass `remote_port` to `MsH3ConnectionOpen`
  * ngtcp2: Add ca-fallback support for OpenSSL backend
  * nss: Return error if seemingly stuck in a cert loop ([[CVE:2022-27781|CVE-2022-27781]])
  * openssl: Define `HAVE_SSL_CTX_SET_EC_CURVES` for libressl
  * post_per_transfer: Remove the updated file name ([[CVE:2022-27778|CVE-2022-27778]])
  * `sectransp`: Bail out if `SSLSetPeerDomainName` fails
  * tests/server: Declare variable '`reqlogfile`' static
  * tests: Fix markdown formatting in `README`
  * `test{898,974,976}`: Add '`HTTP proxy`' keywords
  * tls: Check more TLS details for connection reuse ([[CVE:2022-27782|CVE-2022-27782]])
  * url: Check SSH config match on connection reuse ([[CVE:2022-27782|CVE-2022-27782]])
  * urlapi: Address (harmless) `UndefinedBehavior` sanitizer warning
  * urlapi: Reject percent-decoding host name into separator bytes ([[CVE:2022-27780|CVE-2022-27780]])
  * `x509asn1`: Make `do_pubkey` handle EC public keys
 * I skipped failing `test977` on EL-7 for now ([[https://github.com/curl/curl/issues/8834|GH#8834]])
 * Updated `nmap` (7.92) to revert the previous close-on-EOF change as it would do more harm than good

----