Log message:
curl: updated to 8.12.1

8.12.1

Bugfixes:

all: remove FIXME and TODO comments
asyn-thread: fix build with `CURL_DISABLE_SOCKETPAIR`
asyn-thread: fix HTTPS RR crash
asyn-thread: fix the returned bitmask from Curl_resolver_getsock
asyn-thread: survive a c-ares channel set to NULL
build: add tool_hugehelp.c into IBMi build
checksrc.pl: warn on FIXME/TODO comments
cmake/Find: set `<Modulename>_FOUND` for compatibility when found via \ 
`pkg-config`
cmake: add integration tests, run them in CI
cmake: always reference OpenSSL and ZLIB via imported targets
cmake: avoid unnecessary `-L` for implicit link dirs
cmake: drop `LDAP_DEPRECATED=1` macro, to sync with autotools
cmake: fix `HAVE_GETHOSTBYNAME_R_*` detections with `CURL_WERROR=ON`
cmake: fix to detect `HAVE_OPENSSL_SRP` in MSVC UWP builds
cmake: fix/add missing feature detections for Windows/MS-DOS
cmake: initialize variables where missing
cmake: lib order fixes for picky linkers (e.g. binutils `ld`)
cmake: normalize before matching paths with syspaths
cmake: respect `GNUTLS_CFLAGS` when detected via `pkg-config`
cmake: respect `GNUTLS_LIBRARY_DIRS` in `libcurl.pc` and `curl-config`
cmake: save a line with `CMAKE_C_IMPLICIT_LINK_DIRECTORIES` exclusion
cmake: tidy up string append and list prepend syntax
configure/cmake: check for realpath
configure/cmake: set asyn-rr a feature only if httpsrr is enabled
content_encoding: #error on too old zlib
curl_global_sslset.md: Add SSL backend names
CURLOPT_SSH_KNOWNHOSTS.md: strongly recommend using this
CURLSHOPT_SHARE.md: adjust for the new SSL session cache
docs: better explain multi-part byte range behavior
docs: use valid example domain names
generate.bat: remove curl_get_line.c from the curlx file list
header.md: mention `Authorization:` and `Cookie:` special treatment
imap: TLS upgrade fix
INTERNALS: fix c-ares, as we actually support 1.6.0 or later
ldap: drop support for legacy Novell LDAP SDK
lib: include necessary headers for `inet_ntop`/`inet_pton`
lib: silence LibreSSL collision warning on non-MSVC Windows
libssh2: comparison is always true because rc <= -1
libssh2: raise lowest supported version to 1.2.8
libssh: drop support for libssh older than 0.9.0
libssh: silence `-Wconversion` with a cast (Windows 32-bit)
netrc: return code cleanup, fix missing file error
openssl-quic: ignore ciphers for h3
openssl: fix out of scope variables in goto
pop3: TLS upgrade fix
runtests: fix the disabling of the memory tracking
runtests: quote commands to support paths with spaces
scache: add magic checks
smb: silence `-Warray-bounds` with gcc 13+
smtp: TLS upgrade fix
SPONSORS.md: clarify that we don't promise goods or services
test1516: avoid failure due to spaces in path
test2080: simplify, avoid the null byte
tests: fix test 558, 1330 for MSVC, allow TrackMemory with MSVC in cmake
tidy-up: make per-file `ARRAYSIZE` macros global as `CURL_ARRAYSIZE`
tool_cfgable: sort struct fields by size, use bitfields for booleans
tool_getparam: add "TLS required" flag for each such option
tool_progress: fix percent output of large parallel transfers
tool_ssls: switch to tool-specific get_line function
verbose.md: mention how carriage-return might occur in headers
vquic: make the "disable GSO" use infof, not failf
vtls: fix multissl-init
vtsl: eliminate 'data->state.ssl_scache'
wakeup_write: make sure the eventfd write sends eight bytes
wolfssl: silence compiler warning (MSVC 2019), simplify existing

Log message:
don't add unknown configure option for libiconv in a few packages

Log message:
curl: do not leak build LDFLAGS into curl-config

Just do what the patch originally intended to do -- add the necessary
rpath flag to the --libs output.

Bump PKGREVISION.

Ok leot@

Log message:
curl: update to 8.12.0.

curl and libcurl 8.12.0

 Public curl releases:         264
 Command line options:         267
 curl_easy_setopt() options:   306
 Public functions in libcurl:  96
 Contributors:                 3332

This release includes the following changes:

 o curl: add byte range support to --variable reading from file [56]
 o curl: make --etag-save acknowledge --create-dirs [31]
 o getinfo: fix CURLINFO_QUEUE_TIME_T and add 'time_queue' var [55]
 o getinfo: provide info which auth was used for HTTP and proxy [40]
 o hyper: drop support [57]
 o openssl: add support to use keys and certificates from PKCS#11 provider [77]
 o QUIC: 0RTT for gnutls via CURLSSLOPT_EARLYDATA [61]
 o vtls: feature ssls-export for SSL session im-/export [141]

This release includes the following bugfixes:

 o altsvc: avoid integer overflow in expire calculation [16]
 o altsvc: return error on dot-only name [178]
 o android: add CI jobs, buildinfo, cmake docs, disable `CURL_USE_PKGCONFIG` by \ 
default [185]
 o asyn-ares: acknowledge CURLOPT_DNS_SERVERS set to NULL [190]
 o asyn-ares: fix memory leak [233]
 o asyn-ares: initial HTTPS resolve support [166]
 o asyn-thread: use c-ares to resolve HTTPS RR [205]
 o async-thread: avoid closing eventfd twice [9]
 o autotools: add support for mingw UWP builds [192]
 o autotools: silence gcc warnings in libtool code [96]
 o binmode: convert to macro and use it from tests [44]
 o build: delete `-Wsign-conversion` related FIXMEs [137]
 o build: drop `-Winline` picky warning [53]
 o build: drop `tool_hugehelp.c.cvs`, tidy up macros, drop `buildconf.bat` [200]
 o build: drop macro used to enable `-Wsign-conversion` warnings in CI [224]
 o build: drop unused feature macros, update exception list [51]
 o build: fix `-Wtrampolines` picky warning for gcc 4.x versions [156]
 o build: fix compiling with GCC 4.x versions [214]
 o build: fix the tidy targets for autotools [52]
 o build: fix unsigned `time_t` detection for cmake, MS-DOS, AmigaOS [104]
 o build: replace configure check with PP condition (Android <21) [97]
 o build: stop detecting `sched_yield()` on Windows [176]
 o c-ares: fix/tidy-up macro initializations, avoid a deprecated function [209]
 o cd2nroff: do not insist on quoted <> within backticks [222]
 o cd2nroff: support "none" as a TLS backend [29]
 o cf-https-connect: look into httpsrr alpns when available [152]
 o cf-socket: error if address can't be copied [72]
 o cfilters: kill connection filter events attach+detach [217]
 o checksrc.bat: remove explicit SNPRINTF bypass [174]
 o checksrc: ban use of sscanf() [7]
 o checksrc: check for return with parens around a value/name [130]
 o checksrc: exclude generated bundle files to avoid race condition [235]
 o checksrc: fix the return() checker [35]
 o checksrc: introduce 'banfunc' to ban specific functions [117]
 o cmake/Find: add `iphlpapi` for c-ares, omit syslibs if dep not found [203]
 o cmake/FindLDAP: avoid empty 'Requires' item when omitting `pkg-config` module [90]
 o cmake/FindLDAP: avoid framework locations for libs too (Apple) [122]
 o cmake/FindLibpsl: protect against `pkg-config` "half-detection" [89]
 o cmake/FindLibssh: sync header comment with other modules
 o cmake/FindMbedTLS: drop lib duplicates early [17]
 o cmake: add `librtmp` Find module [86]
 o cmake: add LDAP Find module [46]
 o cmake: add native `pkg-config` detection for remaining Find modules [37]
 o cmake: allow `CURL_LTO` regardless of `CURL_BUILD_TYPE`, enable in CI [88]
 o cmake: clang-cl improvements [42]
 o cmake: delete accidental debug message
 o cmake: deprecate winbuild, add migration guide from legacy build methods [157]
 o cmake: detect mingw-w64 version, pre-fill `HAVE_STRTOK_R` [179]
 o cmake: do not store `MINGW64_VERSION` in cache [175]
 o cmake: drop `CURL_USE_PKGCONFIG` from `curl-config.cmake.in` [208]
 o cmake: drop `fseeko()` pre-fill and check for Windows [201]
 o cmake: drop duplicate Windows cache value [81]
 o cmake: drop redundant FOUND checks (libgsasl, libssh, libuv) [49]
 o cmake: drop redundant opening/closing `.*` from `MATCH` expressions [64]
 o cmake: drop unused `HAVE_SYS_XATTR_H` detection [79]
 o cmake: drop VS2010 "Dialog Hell" workaround added in 2013 [136]
 o cmake: extend zlib's `AUTO` option to brotli, zstd and enable if found [36]
 o cmake: fix `net/in.h` detection for MS-DOS [103]
 o cmake: improve `curl_dumpvars()` and move to `Utilities.cmake` [50]
 o cmake: make libpsl required by default [45]
 o cmake: make system libraries `dl`, `m`, `pthread` customizable [123]
 o cmake: move `pkg-config` names to Find modules [87]
 o cmake: move GSS init before feature detections [93]
 o cmake: move mingw UWP workaround from GHA to `CMakeLists.txt` [194]
 o cmake: namespace functions and macros [41]
 o cmake: optimize out 4 picky warning option detections with gcc [78]
 o cmake: pick a better IPv6 feature flag when assembling the feature list [132]
 o cmake: pre-fill `HAVE_STDATOMIC_H`, `HAVE_ATOMIC` for mingw-w64 [180]
 o cmake: pre-fill `HAVE_STDINT_H` on Windows [149]
 o cmake: prefer dash-style MSVC options [216]
 o cmake: publish/check supported protocols/features via `CURLConfig.cmake` [100]
 o cmake: replace `unset(VAR)` with `set(VAR "")` for init [43]
 o cmake: sync OpenSSL QUIC fork detection with autotools [102]
 o cmake: use `CMAKE_REQUIRED_LINK_DIRECTORIES` [48]
 o cmake: use `STREQUAL` to detect Linux [68]
 o cmake: warn for OpenSSL versions missing TLS 1.3 support [221]
 o cmdline-opts/version.md: describe multissl, mention SSLS-EXPORT [170]
 o completion.pl: add completion for paths after @ for fish [82]
 o config-mac: drop `MACOS_SSL_SUPPORT` macro [63]
 o config: drop unused code and variables [135]
 o configure: do not inline 'dnl' comments
 o configure: drop unused detections and macros [105]
 o configure: streamline Windows large file feature check [138]
 o configure: UWP and Android follow-up fixes [184]
 o conncache: count shutdowns against host and max limits [154]
 o conncache: result_cb comment removed from function docs [1]
 o content_encoding: drop support for zlib before 1.2.0.4 [211]
 o content_encoding: namespace GZIP flag constants [147]
 o content_encoding: put the decomp buffers into the writer structs [210]
 o content_encoding: support use of custom libzstd memory functions [186]
 o cookie: cap expire times to 400 days [111]
 o cookie: fix crash in netscape cookie parsing [84]
 o cookie: parse only the exact expire date [3]
 o curl-functions.m4: fix indentation in `CURL_SIZEOF()` [131]
 o curl: return error if etag options are used with multiple URLs [5]
 o curl_multi_fdset: include the shutdown connections in the set [168]
 o curl_multi_waitfds.md: tidy up the example [162]
 o curl_multibyte: support Windows paths longer than MAX_PATH [76]
 o curl_setup: fix missing `ADDRESS_FAMILY` type in rare build cases [144]
 o curl_sha512_256: rename symbols to the curl namespace [124]
 o curl_url_set.md: adjust the added-in to 7.62.0 [94]
 o curl_ws_recv.md: fix typo
 o CURLOPT_CONNECT_ONLY.md: an easy handle with this option set cannot be reused \ 
[164]
 o CURLOPT_PROXY.md: clarify the crendential support in proxy URLs [66]
 o CURLOPT_RESOLVE.md: fix wording [30]
 o CURLOPT_SEEKFUNCTION.md: used for FTP, HTTP and SFTP (only) [109]
 o docs/BUGS.md: remove leading space from a link
 o docs/cmdline-opts/_ENVIRONMENT.md: minor language fix [119]
 o docs/cmdline-opts/location.md: fix typos for location flag [226]
 o docs/HTTP-COOKIES.md: link to more information [125]
 o docs/HTTPSRR.md: initial HTTPS RR documentation [204]
 o docs/libcurl/opts: clarify the return values [114]
 o docs/libcurl: return value overhall [120]
 o docs/TLS-SESSIONS: fix typo, the->they [189]
 o docs: document the behavior of -- in the curl command line [198]
 o docs: use lowercase curl and libcurl [113]
 o doh: cleanups and extended HTTPS RR code [161]
 o doh: send HTTPS RR requests for all HTTP(S) transfers [160]
 o easy: allow connect-only handle reuse with easy_perform [232]
 o easy: make curl_easy_perform() return error if connection still there [163]
 o easy_lock: use Sleep(1) for thread yield on old Windows [191]
 o ECH: update APIs to those agreed with OpenSSL maintainers [101]
 o examples/block-ip: drop redundant `memory.h` include
 o examples/block-ip: show how to block IP addresses [74]
 o examples/complicated: fix warnings, bump deprecated callback, tidy up [59]
 o examples/synctime.c: remove references to dead URLs and functionality [62]
 o examples: make them compile with compatibility functions disabled (Windows) [58]
 o examples: use return according to code style
 o file: drop `OPEN_NEEDS_ARG3` option [91]
 o file: fix Android compiler warning [85]
 o gitignore: add generated unity sources for lib and src
 o GnuTLS: fix 'time_appconnect' for early data [127]
 o hash: add asserts in hash_element_dtor() [126]
 o HTTP/2: strip TE request header [140]
 o http2: fix data_pending check [241]
 o http2: fix value stored to 'result' is never read [71]
 o http: fix build with `CURL_DISABLE_COOKIES` [95]
 o http: ignore invalid Retry-After times [107]
 o http_aws_sigv4: Fix invalid compare function handling zero-length pairs [24]
 o https-connect: start next immediately on failure [223]
 o INFRASTRUCTURE.md: project infra [99]
 o INSTALL-CMAKE.md: fix punctuation
 o INSTALL.md: add CMake examples for macOS and iOS [242]
 o INSTALL.md: document VS2008 and mingw-w64 [165]
 o INTERNALS.md: sync wolfSSL version requirement with source code
 o lib517: extend the getdate test with quotes and leading "junk" [4]
 o lib: clarify 'conn->httpversion' [213]
 o lib: redirect handling by protocol handler [212]
 o lib: remove `__EMX__` guards [83]
 o lib: replace `inline` redefine with `CURL_INLINE` macro [47]
 o lib: supress deprecation warnings in apple builds [32]
 o lib: TLS session ticket caching reworked [60]
 o libcurl/opts: do not save files in dirs where attackers have access [199]
 o Makefile.dist: delete [237]
 o Makefile.mk: drop in favour of autotools and cmake (MS-DOS, AmigaOS3) [38]
 o mbedtls: fix handling of blocked sends [116]
 o mbedtls: PSA can be used independently of TLS 1.3 (avoid runtime errors) [219]
 o mime: explicitly rewind subparts at attachment time. [80]
 o mprintf: fix integer handling in float precision [173]
 o mprintf: terminate snprintf output on windows [172]
 o msvc: add missing push/pop for warning pragmas [236]
 o msvc: assume `_INTEGRAL_MAX_BITS >= 64` [158]
 o msvc: drop checks for ancient versions [133]
 o msvc: fix building with `HAVE_INET_NTOP` and MSVC <=1900 [151]
 o msvc: require VS2005 for large file support [143]
 o msvc: tidy up `_CRT_*_NO_DEPRECATE` definitions [148]
 o multi: fix curl_multi_waitfds reporting of fd_count [73]
 o multi: fix return code for an already-removed easy handle [106]
 o multihandle: add an ssl_scache here [129]
 o multissl: auto-enable `OPENSSL_COEXIST` for wolfSSL + OpenSSL [92]
 o multissl: make openssl + wolfssl builds work [34]
 o netrc: 'default' with no credentials is not a match [108]
 o netrc: fix password-only entries [28]
 o netrc: restore _netrc fallback logic [6]
 o ngtcp2: fix memory leak on connect failure [225]
 o ngtcp2: fix two cases of value stored never read [65]
 o openssl: define `HAVE_KEYLOG_CALLBACK` before use [227]
 o openssl: drop unused `HAVE_SSL_GET_SHUTDOWN` macro [228]
 o openssl: fix ECH logic [67]
 o osslq: use SSL_poll to determine writeability of QUIC streams [139]
 o projects/Windows: remove wolfSSL from legacy projects [75]
 o projects: fix `INSTALL-CMAKE.md` references
 o pytest: remove 'repeat' parameter [182]
 o pytest: use httpd/apache2 directly, no apachectl [169]
 o RELEASE-PROCEDURE.md: mention how to publish security advisories [2]
 o runtests.pl: fix precedence issue [207]
 o scripts/mdlinkcheck: markdown link checker [19]
 o sectransp: free certificate on error [12]
 o select: avoid a NULL deref in cwfds_add_sock [128]
 o smb: fix compiler warning [112]
 o src: add `CURL_STRICMP()` macro, use `_stricmp()` on Windows [54]
 o src: drop support for `CURL_TESTDIR` debug env [121]
 o src: omit hugehelp and ca-embed from libcurltool [215]
 o ssl session cache: change cache dimensions [159]
 o strparse: string parsing helper functions [8]
 o symbols-in-versions: update version for LIBCURL_VERSION and \ 
LIBCURL_VERSION_NUM [193]
 o system.h: add 64-bit curl_off_t definitions for NonStop [11]
 o system.h: drop compilers lacking 64-bit integer type (Windows/MS-DOS) [155]
 o system.h: drop duplicate and no-op code [153]
 o system.h: fix indentation [142]
 o telnet: handle single-byte input option [177]
 o test1960: don't close the socket too early [220]
 o test483: require cookie support [98]
 o tests/http/clients: use proper sleep() call on NonStop [10]
 o tests: change the behavior of swsbounce [202]
 o tests: stop promoting perl warnings to fatal errors
 o TheArtOfHttpScripting.md: rewrite double 'that' [115]
 o tidy-up: `curl_setup.h`, `curl_setup_once.h`, `config-win32ce.h` [146]
 o tidy-up: drop parenthesis around `return` expression [167]
 o tidy-up: drop parenthesis around `return` values [134]
 o tidy-up: extend `CURL_O_BINARY` to lib and tests [195]
 o TLS: check connection for SSL use, not handler [181]
 o tool_formparse.c: make curlx_uztoso a static in here [39]
 o tool_formparse: accept digits in --form type= strings [33]
 o tool_getparam: ECH param parsing refix [150]
 o tool_getparam: fail --hostpubsha256 if libssh2 is not used [229]
 o tool_getparam: fix "Ignored Return Value" [21]
 o tool_getparam: fix memory leak on error in parse_ech [14]
 o tool_getparam: fix the ECH parser [20]
 o tool_operate: make --etag-compare always accept a non-existing file [22]
 o transfer: fix CURLOPT_CURLU override logic [171]
 o urlapi: fix redirect to a new fragment or query (only) [118]
 o urldata: tweak the UserDefined struct [240]
 o variable.md: mention --expand-variable for variables to variables [13]
 o variable.md: show function use with examples [18]
 o version: fix the IDN feature for winidn and appleidn [187]
 o vquic: fix 4th function call argument is an uninitialized value [70]
 o vquic: make vquic_send_packets not return without setting psent [69]
 o vtls: fix default SSL backend as a fallback [231]
 o vtls: only remember the expiry timestamp in session cache [110]
 o vtls: remove 'detach/attach' functions from TLS handler struct [25]
 o vtls: remove unusued 'check_cxn' from TLS handler struct [26]
 o vtls: replace "none"-functions with NULL pointers [27]
 o VULN-DISCLOSURE-POLICY.md: mention the not setting CVSS [23]
 o VULN-DISCLOSURE-POLICY: on legacy dependencies [239]
 o websocket: fix message send corruption [188]
 o windows: drop dupe macros, detect `CURL_OS` for WinCE ARM, indentation [183]
 o windows: drop redundant `USE_WIN32_SMALL_FILES` macro [145]
 o windows: drop two missed `buildconf.bat` references
 o windows: merge `config-win32ce.h` into `config-win32.h` [196]
 o ws-docs: extend WebSocket documentation [206]
 o ws-docs: remove the outdated texts saying ws support is experimental [15]
 o ws: reject frames with unknown reserved bits set [230]
 o x509asn1: add parse recursion limit [197]

Log message:
www/curl: Bump PKGREVISON for libcurl.pc change for NetBSD

Log message:
www/curl: Disable gssapi option for NetBSD

With gssapi option, libcurl.pc includes heimdal-gssapi in
Requires.private. And it is not supplied by heimdal in NetBSD base.
Then consumers of www/curl do not build.
Disable gssapi option by default for NetBSD as workaround.

Log message:
curl: remove patch-configure

didn't apply any longer

Log message:
curl: update to 8.11.1.

This release includes the following bugfixes:

 o build: fix ECH to always enable HTTPS RR [35]
 o build: fix MSVC UWP builds [32]
 o build: omit certain deps from `libcurl.pc` unless found via `pkg-config` [27]
 o build: use `_fseeki64()` on Windows, drop detections [41]
 o cmake: do not echo most inherited `LDFLAGS` to config files [55]
 o cmake: drop cmake args list from `buildinfo.txt` [8]
 o cmake: include `wolfssl/options.h` first [53]
 o cmake: remove legacy unused IMMEDIATE keyword [21]
 o cmake: restore cmake args list in `buildinfo.txt` [26]
 o cmake: set `CURL_STATICLIB` for static lib when `SHARE_LIB_OBJECT=OFF` [64]
 o cmake: sync GSS config code with other deps [28]
 o cmake: typo in comment
 o cmake: work around `ios.toolchain.cmake` breaking feature-detections [37]
 o cmakelint: fix to check root `CMakeLists.txt` [36]
 o cmdline/ech.md: formatting cleanups [13]
 o configure: add FIXMEs for disabled pkg-config references
 o configure: do not echo most inherited `LDFLAGS` to config files [31]
 o configure: replace `$#` shell syntax [25]
 o cookie: treat cookie name case sensitively [4]
 o curl-rustls.m4: keep existing `CPPFLAGS`/`LDFLAGS` when detected [40]
 o curl.h: mark two error codes as obsolete [19]
 o curl: --continue-at is mutually exclusive with --no-clobber [51]
 o curl: --continue-at is mutually exclusive with --range [61]
 o curl: --continue-at is mutually exclusive with --remove-on-error [50]
 o curl: --test-duphandle in debug builds runs "duphandled" [6]
 o curl: do more command line parsing in sub functions [71]
 o curl: rename struct var to fix AIX build [24]
 o curl: use realtime in trace timestamps [52]
 o curl_multi_socket_all.md: soften the deprecation warning [56]
 o CURLOPT_PREREQFUNCTION.md: add result code on failure [23]
 o digest: produce a shorter cnonce in Digest headers [70]
 o DISTROS: update Alt Linux links
 o dmaketgz: use --no-cache when building docker image [66]
 o docs: bring back ALTSVC.md and HSTS.md [76]
 o docs: document default `User-Agent` [57]
 o docs: suggest --ssl-reqd instead of --ftp-ssl [62]
 o duphandle: also init netrc [3]
 o ECH: enable support for the AWS-LC backend [5]
 o hostip: don't use the resolver for FQDN localhost [45]
 o http_negotiate: allow for a one byte larger channel binding buffer [63]
 o http_proxy: move dynhds_add_custom here from http.c [18]
 o KNOWN_BUGS: setting a disabled option should return CURLE_NOT_BUILT_IN [74]
 o krb5: fix socket/sockindex confusion, MSVC compiler warnings [22]
 o lib: fixes for wolfSSL OPENSSL_COEXIST [73]
 o libssh: use libssh sftp_aio to upload file [47]
 o libssh: when using IPv6 numerical address, add brackets [43]
 o macos: disable gcc `availability` workaround as needed [7]
 o mbedtls: call psa_crypt_init() in global init [2]
 o mime: fix reader stall on small read lengths [65]
 o mk-ca-bundle: remove CKA_NSS_SERVER_DISTRUST_AFTER conditions [39]
 o mprintf: fix the integer overflow checks [44]
 o multi: add clarifying comment for wakeup_write() [9]
 o multi: fix callback for `CURLMOPT_TIMERFUNCTION` not being called again \ 
when... [48]
 o netrc: address several netrc parser flaws [17]
 o netrc: support large file, longer lines, longer tokens [14]
 o nghttp2: use custom memory functions [1]
 o OpenSSL: improvde error message on expired certificate [59]
 o openssl: remove three "Useless Assignments" [72]
 o openssl: stop using SSL_CTX_ function prefix for our functions [20]
 o os400: Fix IBMi builds [33]
 o os400: Fix IBMi EBCDIC conversion of arguments [34]
 o pytest: add test for use of CURLMOPT_MAX_HOST_CONNECTIONS [60]
 o rtsp: check EOS in the RTSP receive and return an error code [49]
 o schannel: remove TLS 1.3 ciphersuite-list support [54]
 o setopt: fix CURLOPT_HTTP_CONTENT_DECODING [15]
 o setopt: fix missing options for builds without HTTP & MQTT [10]
 o show-headers.md: clarify the headers are saved with the data [58]
 o socket: handle binding to "host!<ip>" [16]
 o socketpair: fix enabling `USE_EVENTFD` [30]
 o strtok: use namespaced `strtok_r` macro instead of redefining it [29]
 o tests: add the ending time stamp in testcurl.pl
 o tests: re-enable 2086, and 472, 1299, 1613 for Windows [38]
 o TODO: consider OCSP stapling by default [11]
 o tool_formparse: remove use of sscanf() [68]
 o tool_getparam: parse --localport without using sscanf [67]
 o tool_getpass: fix UWP `-Wnull-dereference` [46]
 o tool_getpass: replace `getch()` call with `_getch()` on Windows [42]
 o tool_urlglob: parse character globbing range without sscanf [69]
 o vtls: fix compile warning when ALPN is not available [12]