[SpinRite]

Many have their favorite tools for HDD/SSD maintenance. If you have a license for Steve Gibson's SpinRite 6.0, you have a free entitlement to version 6.1 coming.

Quote

Take a moment to consider this: Whether data is stored magnetically on spinning magnetic discs, or electrostatic charges in SSDs and other flash media, mass storage devices have no way of determining how well data that was once written can still be read today unless they are asked to do so. It is only when a mass storage device is asked to read its data that it's able to discover whether or not that data is readable – and how quickly & easily. Until then, it must be taken on faith.

More…

 

[uBlock Origin (uBO)]

uBlock Origin (uBO)  v1.60.0 was released on 25-September-2024.

Download: Autoupdate or install from the browser's Add-ons source.

Homepage | Announcement, Release Notes & Downloads | Wiki | 

Quote

---

• Add advanced setting dnsResolveEnabled
• Fix contextual menu quirks
• Fix exception thrown in spoof-css in Firefox
• Throttle down repeated scriptlet logging information
• Improve scriptlet helper proxy-apply
• Add an entry in Report page for badware/phishing category
• New static network filter option urlskip=
• Rewrite cname uncloaking code to account for new ipaddress= option
• Avoid using dns.resolve() for proxied DNS resolution
• Add support for lan/loopback values to ipaddress= option
• New static network filter option ipaddress=
• Add ability to quote static network option values
• Improve prevent-fetch scriptlet
• Apply CSP/PP injections to object resources
• Improve xml-prune scriptlet
• Add support for application/dash+xml in replace= option
• Add ability to directly evaluate static network filtering engine
• Fix prevent-window-open for when logger is open
• Improve prevent-window-open scriptlet
• Improve validate-constant scriptlet helper
• Improve trusted-replace-outbound-text scriptlet
• Improve prevent-xhr scriptlet
• Add noop resources for redirect purpose
• Use helper function to lookup safe cookie values
• Add checked/unchecked to set-cookie (by @ryanbr)
• Add allowed/denied to set-local-storage-item (by @ryanbr)
• Fix plain exceptions not overriding block filters using header= option
• Improve various scriptlets
• Improve href-sanitizer scriptlet
• Improve remove-attr.js scriptlet
• Improve trusted-replace-node-text scriptlet

 

 

[LibreOffice]

LibreOffice | Homepage | Fresh & Still Branch Downloads | Global Mirrors | Multilingual Help | Release Notes |

Fresh & Still Branch Release Notes | FAQ | Forum (English Only) | Multilingual Wiki | Blog | Pre-releases Downloads |

The latest stable Branch 24.8.2.1 was released. (21-September-2024)

Quote

List of fixed bugs

Bugs fixed compared to 24.8.1 RC2:

1. cid#1607212 check of thread-shared field evades lock acquisition [Caolán McNamara]
2. cid#1607350 data race condition [Caolán McNamara]
3. cid#1607370 check of thread-shared field evades lock acquisition [Caolán McNamara]
4. cid#1607469 data race condition [Caolán McNamara]
5. cid#1608206 double lock [Caolán McNamara]
6. cid#1608497 double lock [Caolán McNamara]
7. cid#1608532 data race condition [Caolán McNamara]
8. cid#1619147 dereference before null check [Caolán McNamara]
9. cid#1619294 dereference null return value [Caolán McNamara]
10. i#109051 Support exit property [Mike Kaganski]
11. tdf#61313 CONDITIONAL FORMATTING: Icon set should have a color reverse switch [Xisco Fauli]
12. tdf#92064 LO unusable with Tibetan super long paragraphs [Jonathan Clark]
13. tdf#100037 FILEOPEN DOCX Image arrangement (in Z dimension) not respected [Justin Luth]
14. tdf#119785 RTL: DOC: closing parenthesis is displayed as LTR in embedded document [Jonathan Clark]
15. tdf#127610 NB Tabbed View Not Centered (macOS) [Patrick Luby]
16. tdf#129061 FILEOPEN PPTX: equation not displayed because Impress doesn't support inline formulas [Mike Kaganski]
17. tdf#130857 Qt5 implement theming using native widgets (weld) [Michael Weghorn]
18. tdf#133041 Sidebar: List style is not added back to hierarchy after undoing and redoing it (see comment 7) [Jim Raykowski]
19. tdf#135335 UNO API: SwXNumberingRules::getByIndex returns font style name in BulletFontName [Ashok]
20. tdf#143603 Opening a simple presentation has UNDO active [Mike Kaganski]
21. tdf#149865 FILEOPEN PPTX: table lacks border (outer right edge) [Balazs Varga]
22. tdf#151748 Bad Horizontal lines (kashida) in Arabic/Persian text inside a text box [Jonathan Clark]
23. tdf#152142 RTL Text sometimes falls out of the text box [Jonathan Clark]
24. tdf#152298 FILEOPEN DOCX Copying and pasting between table cells is slow (steps in comment 7) [Mike Kaganski]
25. tdf#155488 Calc 7.5.x.y – Chart export as svg without title of the y-Axis [Caolán McNamara]
26. tdf#155751 dBase: BETWEEN won't include first and last value in queries [Julien Nabet]
27. tdf#159032 crash with smart justify [Xisco Fauli]
28. tdf#160675 UI: Sidebar doesn't show width and height (nor X/Y coordinates) of object depending on timing [Caolán McNamara]
29. tdf#161007 Report Builder Wizard fails [Julien Nabet]
30. tdf#161256 Libreoffice crashes using gtk4 VCL on kde plasma wayland [Michael Weghorn]
31. tdf#161444 When switching sheets, newly-focused sheet should fire object:state-changed:focused prior to object:active-descendant-changed [Michael Weghorn]
32. tdf#161599 Extension is not handling formulas from MS Excel created files for all versions besides 7.3.7 [Eike Rathke]
33. tdf#161705 LO crashes with undo/redo of page numbering wizard's created bookmarks [Justin Luth]
34. tdf#161741 LO crashes with undo/redo of new header + some other change [Justin Luth]
35. tdf#161805 Chart line properties: icon and gallery drop down do not open by mouse hovering (first time) (Windows, kf5/kf6, gen) [Michael Weghorn]
36. tdf#161810 [DOCX] Justified text does not wrap correctly [László Németh]
37. tdf#161876 Readonly attribute of target file is ignored on "save as" in an other format. [Miklos Vajna]
38. tdf#162003 "System theme" uses Adwaita Light colour for page in KDE Plasma, instead of system colour scheme. (>= KF6 & Qt 6.7.2) [Michael Weghorn]
39. tdf#162109 Unexpected, wrong hanging punctuation/letter with JustifyLinesWithShrinking (no space shrinking in the last paragraph line, if needed) [László Németh]
40. tdf#162113 Font selection dialog messes up font variant selection when passing fonts without desired one [Caolán McNamara]
41. tdf#162220 LibreOffice 24 justifies a wide range of paragraphs incorrectly (in the case of paragraph lines without portions, i.e. without text spans) [László Németh]
42. tdf#162359 FILESAVE PDF/UA Comment exported as PDF annotation generates "Annotation is not nested inside an "Annot" structure element" error [Tibor Nagy]
43. tdf#162431 Executing method insertControlCharacter in Basic without parameter nControlCharacter does not throw error [Andreas Heinisch]
44. tdf#162455 EDITING Converting svg file to curves causes text in objects to disappear [Caolán McNamara]
45. tdf#162507 Page layout reflow after pressing delete causes hang (involving tables) [Miklos Vajna]
46. tdf#162524 Libreoffice autocorrects themself to themselves regardless of the context its used in [Ilmari Lauhakangas]
47. tdf#162582 Find toolbar's "Search key not found" error message has incompatible colors in dark mode, especially its icon (Sifr dark theme only) [Heiko Tietze]
48. tdf#162587 Error message "D'oh! You found a bug" in UNIQUE documentation [Olivier Hallot]
49. tdf#162651 Accepting cell input after AutoInput had covered the adjacent cell does not redraw the entire area (Windows, kf5/kf6, gen) [Caolán McNamara]
50. tdf#162656 Alt+X (.uno:UnicodeNotationToggle) deletes all characters like holding down the Backspace key [Mike Kaganski]
51. tdf#162657 Alt+X (.uno:UnicodeNotationToggle) deletes a base character with Variation Selector (VS17 or later) [Mike Kaganski]
52. tdf#162659 Embedded options in Options -> Load/Save -> Microsoft Office are not editable (cannot check/uncheck them) [Caolán McNamara]
53. tdf#162662 FILEOPEN DOCX: layout loop with 2 pages and a complex full-page group shape [Miklos Vajna]
54. tdf#162696 Installing a certain extension by dragging and dropping to Start Center fails and blocks UI (kf5/kf6) [Michael Weghorn]
55. tdf#162707 FILESAVE DOCX lost paragraph style with lots of numberings [Miklos Vajna]
56. tdf#162715 Pasting a text copied in another Writer session changes the theme [Mike Kaganski]
57. tdf#162724 CStr() and Format() should produce localized output for currency values [Mike Kaganski]
58. tdf#162725 DOCX smart justify: missing shrinking in last paragraph line with multiple portions [László Németh]
59. tdf#162732 Vertical alignment = middle [Caolán McNamara, Heiko Tietze]
60. tdf#162781 Table in DOCX may limit its width to an overlapping floating frame, instead of shifting down [Mike Kaganski]
61. tdf#162782 FILESAVE SVG: semi-transparent shape text in a bullet list crashes [Miklos Vajna]
62. tdf#162803 Spurious kashida in text box after font change [Jonathan Clark]
63. tdf#162823 A password-protected Basic library in an ODB created in 24.2 is lost after re-save in 24.8 [Michael Stahl]
64. tdf#162841 Re-saving a password-protected Basic library fails an assertion [Michael Stahl]
65. tdf#162866 LO 24.2.1 "acor_fr-FR.dat" not read by LO 24.2.5 and later versions [Michael Stahl]
66. tdf#162878 Reworked localized Impress templates look ugly in RU [Laurent Balland]
67. tdf#162884 German UI and styles: footnote number position should be superscript [Justin Luth]
68. tdf#162889 A11Y sidebar: warning does not disappear when page header is deleted [Balazs Varga]
69. tdf#162890 A11Y sidebar: warning does not disappear when page header content is deleted [Balazs Varga]
70. tdf#162899 Solver Options dialog should accept parameters of TypeClass BYTE and SHORT (it only accepts LONG) [Rafael Lima]
71. tdf#162911 Inserting multiple Hyperlinks and undoing an insertion (Ctrl-Z) crashes Writer [Xisco Fauli, Michael Stahl]
72. tdf#162926 Value/text in the Microsoft Word form is not visible in LibreOffice 24.8.0 [Justin Luth]
73. tdf#162935 Variable assignment within a BASIC WITH block fails [Mike Kaganski]
74. tdf#162937 Issues with resizing the Comment Sidebar in Writer [Rafael Lima]
75. tdf#162938 Import of Excel spreadsheet with conditional formatting is not presenting the same in Calc [Xisco Fauli]
76. tdf#162955 In the exported PDF comments are annotations with zero area bounding box [Tibor Nagy]
77. tdf#162958 When using formula with Impress Style is lost [Caolán McNamara]
78. tdf#162962 Scriptforge (python) doesn’t work anymore in LO 24.8.1 in Windows 11 [Mike Kaganski]
79. tdf#162987 Executing .uno:DataFilterAutoFilter on a hidden spreadsheet crashes [Mike Kaganski]
80. tdf#162988 A11Y sidebar: false warning about short hyperlink at top of page [Balazs Varga]
81. tdf#162990 Oversized lock-icon with SVG themes [Ilmari Lauhakangas]
82. tdf#163006 Layout loop control fires many times when loading a specific DOCX [Mike Kaganski]
83. tdf#163042 DOCX smart justify: bad cursor and pilcrow positions in last paragraph line with single portion [László Németh]
84. tdf#163064 --convert-to exports a broken OLE in a PPTX [Mike Kaganski]
85. tdf#163086 The "Pin" button is huge after updating [Ilmari Lauhakangas]

 

[Tor Browser]

The Tor Browser 13.5.5 (Windows, macOS, and Linux) has been released. (26-September-2024)
Tor Browser 13.5.5 is now available from the Tor Browser download page and also from our distribution directory.

Blog/Announcement | Full Changelog | 

Quote

Full changelog

The full changelog since Tor Browser 13.5.4 is:

• Windows + macOS
  • Bug tor-browser#43125: Update message for legacy OS (windows ≤8.1, macOS ≤10.14) users.
• Linux
  • Bug mullvad-browser#334: When set as default browser on Linux in standard mode, links don't open correctly.

 

 

[NoScript]

NoScript | Homepage | Changelog | Download | Usage | Community | FAQ | Forum | 

NoScript stable 11.4.40 has been released. (26-September-2024)

Autoupdate or Download

Quote

v 11.4.40
============================================================
x [nscl] Fix patched workers failures caused by Firefox webRequest filters disconnect() breaking on large files (thanks barbaz for reporting)

 

[Kaspersky Lab Closing U.S. Division; Laying Off Workers]

Quote

Kaspersky’s customers in the United States are being notified that their antimalware product subscription will be transferred to Pango’s UltraAV after the Russian company was banned from offering its software in the US.

more…

 

[Bitwarden Password Manager]

 

Bitwarden | Home Page | Download | FAQ | Release Notes | Blog |

The updated Bitwarden Password Manager v2024.9.0 has been released.  (19-September-2024)

Release notes & downloads for all editions

Quote

Bug-fixes and dependency updates

 

[1Password]

Wiki | 1Password | Downloads | Support | Release Notes | Blog | Newsletter | Password Generator | Username Generator |

1Password 8.10.45-2 for Windows has been released. (05-September-2024)

Quote

September 5, 2024

1Password for Windows 8.10.45

• We’ve fixed an issue where 1Password could fail to start due to an issue reported by Windows' Device Guard.

 

 

[Getting rid of silly red dot]

Hello @Hughmoz:

Regarding the red dot, a few MB5 clients have experienced issues with the licensing “onboarding process” and Malwarebytes staff suggests the following:

Please verify at “My Malwarebytes” that the MB5 license is properly registered before continuing. If properly registered:

Quote

1. Open MB5's GUI and select My Subscription from the top-right corner menu.
2. Deactivate this device from your current subscription.
3. Activate it again.

Restart macOS and reply with the status of the red dot issue.

Thank you.

[Getting rid of silly red dot]

Hello @Hughmoz:

Please excuse the response delay for rest. The above updated result is appreciated.

Please download and install Malwarebytes for Mac v5.5.4.1744 over the top of the existing MB5 install.

Integrity check - SHA256: e9ff74477679d4dcc8ac25a2f45e5cf44f9dd28ef9403d8c691097ce51ed242d

Please reply with the results of the update and the red dot issue.

Thank you.

[cURL]

cURL and libcurl 8.10.1 have been released. (18-September-2024)

Website | Download | News | Releaselogs | Changelog | Video Presentations | Documentation | Tutorial | FAQ | Comparison Table | 

Quote

Fixed in 8.10.1 - September 18, 2024

8.10.1 8.10.1 8.10.1 changes only

Bugfixes:

• autotools: fix `--with-ca-embed` build rule
• cmake: ensure `CURL_USE_OPENSSL`/`USE_OPENSSL_QUIC` are set in sync
• cmake: fix MSH3 to appear on the feature list
• connect: store connection info when really done
• CURLMOPT_TIMERFUNCTION.md: emphasize that only a single timer should run
• FTP: partly revert eeb7c1280742f5c8fa48a4340fc1e1a1a2c7075a
• http2: when uploading data from stdin, fix eos forwarding
• http: make max-filesize check not count ignored bodies
• lib: fix AF_INET6 use outside of USE_IPV6
• libcurl-docs: CURLINFO_LOCAL_* work for QUIC as well as TCP
• multi: check that the multi handle is valid in curl_multi_assign
• QUIC: on connect, keep on trying on draining server
• request: correctly reset the eos_sent flag
• runtests: accecpt 'quictls' as OpenSSL compatible
• rustls: fixed minor logic bug in default cipher selection
• rustls: rustls-ffi 0.14.0 update
• rustls: support strong CSRNG data
• setopt: remove superfluous use of ternary expressions
• singleuse: drop `Curl_memrchr()` for no-HTTP builds
• test537: cap the rlimit max this test runs
• tests: tweak lock file handling and timers
• tool_cb_wrt: use "curl_response" if no file name in URL
• transfer: fix sendrecv() without interim poll
• vtls: fix `Curl_ssl_conn_config_match` doc param

 

 

[Getting rid of silly red dot]

Hello @Hughmoz:

Please repeat the procedure from my second post.

Thank you.

[Getting rid of silly red dot]

Hello @Hughmoz:

For the sake of clarity, and before we go after the red dot issue, please copy/paste/run the command line I sent you in my second reply to your topic.

As before, please copy/paste the result into your next reply.

Thank you.

[Notepad++ Updates]

 

Notepad++ | Homepage | Releases | Downloads, Hashes & Bug-Fixes | News | Resources | Wiki | FAQ | User Manual | Forum |

v8.7 has been released. (17-September-2024)

Quote

Notepad++ v8.7 bug-fixes & enhancements:

1. Update to scintilla 5.5.2 & Lexilla 5.4.0. (Implement #15564)
2. Fix monitoring large files with frequent writes freezing the UI issue. (Fix #9661, #15611)
3. Fix regression of multiple selections in comboboxes of Find dialog. (Fix #15583)
4. Fix a single undo reverting many changes issue. (Fix #9426)
5. Improve Styler Configurator performance considerably. (Fix #12436, implement #15565)
6. Fix CVE-2014-9456 (but CVE-2014-9456 is not a “Security Vulnerability”). (Fix #12669)
7. Make find dialog status messages color customizable via Style Configurator. (Fix #5087)
8. Make individual tab color customizable via Style Configurator. (Fix #12156)
9. Add new plugin command NPPM_GETNATIVELANGFILENAME & notification NPPN_NATIVELANGCHANGED for native language being changed. (Fix #15513)
10. Fix Folder as Workspace sorting problem for network storage (Samba, WebDAV, WSL, etc.). (Fix #10557, #15397)
11. Fix closing unsaved clone document causing periodic backup loss issue. (Fix #8227)
12. Fix Style Config’s “User-defined keywords” not being saved properly after emptying it. (Fix #15543, #14303)
13. Add user-defined keyword ability for some supported programming languages (ActionScript, ASP, Bash, C, C++, C#, GDScript, Go, HTML, Java, JS, JSP, Lua, PHP, Python, RC, Swift, TypeScript, & XML). (Fix #15520)
14. Add Fluent Icons for enhancing FunctionList, Folder as Workspace & project panels’ icons in lite mode. (Implement #15541, #15532)
15. Fix Python smart indent issue when a string or comment line ends with a colon. (Fix #15528, #15534)
16. Add file type filters for UDL in Save dialogs. (Fix #8083, #11096)
17. Add TOML language (TOML format) support. (Fix #5631)
18. Add function list for TeX/LaTeX. (Implement #15595)
19. Recognize Cython files as Python. (Fix 3069#, #3767)
20. Fix edit zone not getting focus while clicking the active tab. (Fix #8446)
21. Add the ability to open the copy automatically after the “Save a Copy” command. (Fix #11861)
22. Fix inability to paste after removing read-only via menu. (Fix issue)
23. Add one more option for auto-indent, so C-Like language indent can be disabled. (Fix #15396)
24. Fix Style Configurator regression: “URL hovered”’s “Go to Settings” not working. (Fix #15493)

 

 

[Getting rid of silly red dot]

Hello @Hughmoz:

I apologize for this reply's delay. (sleep) The above attachment is greatly appreciated.

1.) If you are unwilling to upgrade the 2021 iMac21,1 to macOS 15.0 Sequoia, perhaps you would be willing to update to yesterday's macOS 14.7 Sonoma with an eye towards a Sequoia update soon after.

2.) The installed version of Malwarebytes for Mac (MB5) is four (4) releases behind (v5.5.4.1744) which may complicate your original red dot icon issue. Fortunately, the MB5's protection database is up-to-date. (4.0.652)

HTH and thank you.

[Tor Browser]

The Tor Browser 13.5.4 (All Platforms) has been released. (17-September-2024)
Tor Browser 13.5.4 is now available from the Tor Browser download page and also from our distribution directory.

Blog/Announcement | Full Changelog | 

Quote

Full changelog

The full changelog since Tor Browser 13.5.3 is:

• All Platforms
  • Updated NoScript to 11.4.37
  • Updated OpenSSL to 3.0.15
• Windows + macOS + Linux
  • Bug tor-browser#41835: Review default search engine options
• Android
  • Bug tor-browser#43124: Implement a migration procedure for Android
  • Bug tor-browser#43145: Backport Android security fix from 130.0.1
• Build System
  • All Platforms
    • Bug tor-browser-build#41229: Migrate OpenSSL download location to GitHub releases
  • macOS
    • Bug tor-browser-build#41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh

 

 

[Getting rid of silly red dot]

Hello @Hughmoz:

Before going further, please gather data for Malwarebytes staffers/developers by launching the macOS Terminal.app and copy/paste/run the following command:

/usr/sbin/system_profiler SPHardwareDataType && /usr/sbin/system_profiler SPSoftwareDataType | grep System\ Version && grep version /Library/Application\ Support/Malwarebytes/MBAM/LogsEx/product.info && grep license /Library/Application\ Support/Malwarebytes/MBAM/LogsEx/product.info

Then, please copy/paste the command result into your next reply to this topic.

Thank you.

[Getting rid of silly red dot]

Hello @Hughmoz and :

When you select the red dot in the macOS Menu Bar, is the red dot replaced with a black Malwarebytes icon?

Thank you.

[Firefox 130.0.1 release now available]

Version 130.0.1, first offered to Release channel users on September 17, 2024

Quote

Fixed

• Fixed a recent regression causing some UI elements to be rendered as left-to-right instead of right-to-left for users of our Saraiki localization. (Bug 1917175)

• Linux: Fixed black rendering of AVIF images when Firefox is built with GCC. (Bug 1916038)

 

[Suspected H_C_HARDENINGTOOLS AI False Positives]

Received from a MB5 owner in an allied forum. Can these error notifications be corrected? Thank you.

 

AI FP.txt

[Tails]

 

Tails 6.7 (stable) has been released. (10-September-2024)
Home | Downloads | Hashes | Changelog | Documentation | Support | FAQ | Known issues | News | 

Quote

Changes and updates

• Update Tor Browser to 13.5.3.

• Update Thunderbird to 115.15.0.

• Update OnionShare from 2.2 to 2.6, which includes a feature to create an anonymous chat room.

  

  

Fixed problems

• Keep the firewall on even during shutdown. (#20536)

• Stop reporting an error when starting an old Tails USB stick with a system partition of 2.5 GB. (#20519)

For more details, read our changelog.

 

[Bruce Schneier's Crypto-Gram]

Schneier on Security, September 15, 2024

Quote

In this issue:

1. NIST Releases First Post-Quantum Encryption Algorithms
2. New Windows IPv6 Zero-Click Vulnerability
3. The State of Ransomware
4. Hacking Wireless Bicycle Shifters
5. Story of an Undercover CIA Officer who Penetrated Al-Qaeda
6. Surveillance Watch
7. Take a Selfie Using a NY Surveillance Camera
8. US Federal Court Rules Against Geofence Warrants
9. The Present and Future of TV Surveillance
10. Matthew Green on Telegram’s Encryption
11. Adm. Grace Hopper’s 1982 NSA Lecture Has Been Published
12. SQL Injection Attack on Airport Security
13. List of Old NSA Training Videos
14. Security Researcher Sued for Disproving Government Statements
15. Long Analysis of the M-209
16. YubiKey Side-Channel Attack
17. Australia Threatens to Force Companies to Break Encryption
18. New Chrome Zero-Day
19. Evaluating the Effectiveness of Reward Modeling of Generative AI Systems
20. Microsoft Is Adding New Cryptography Algorithms
21. My TedXBillings Talk
22. Upcoming Speaking Engagements

 

[cURL]

cURL and libcurl 8.10.0 have been released. (11-September-2024)

Website | Download | News | Releaselogs | Changelog | Video Presentations | Documentation | Tutorial | FAQ | Comparison Table | 

Quote

Changes:

• autotools: add `--enable-windows-unicode` option
• curl: --help [option] displays documentation for given cmdline option
• curl: add --skip-existing
• curl: for -O, use “default” as filename when the URL has none
• curl: make --rate accept “number of units”
• curl: make --show-headers the same as --include
• curl: support --dump-header % to direct to stderr
• curl: support embedding a CA bundle and --dump-ca-embed
• curl: support repeated use of the verbose option; -vv etc
• curl: use libuv for parallel transfers with --test-event
• getinfo: add CURLINFO_POSTTRANSFER_TIME_T
• mbedtls: add CURLOPT_TLS13_CIPHERS support
• rustls: add support for setting TLS version and ciphers
• vtls: stop offering alpn http/1.1 for http2-prior-knowledge
• wolfssl: add CURLOPT_TLS13_CIPHERS support
• wolfssl: add support for ssl cert blob / ssl key blob options

Bugfixes:

• asyn-thread: stop using GetAddrInfoExW on Windows
• autotools: fix MS-DOS builds
• autotools: fix typo in tests/data target
• aws_sigv4: fix canon order for headers with same prefix
• bearssl: fix setting tls version
• bearssl: improve shutdown handling
• BINDINGS: add zig binding
• build: add `iphlpapi` lib for libssh on Windows
• build: add `poll()` detection for cross-builds
• build: add options to disable SHA-512/256 hash algo
• build: check OS-native IDN first, then libidn2
• build: delete unused `REQUIRE_LIB_DEPS`
• build: drop unused `NROFF` reference
• build: drop unused feature-detection code for Apple `poll()`
• build: generate `buildinfo.txt` for test logs
• build: improve compiler version detection portability
• build: make `CURL_FORMAT_CURL_OFF_T` work with mingw-w64 <=7.0.0

build: silence C4232 MSVC warnings in vcpkg ngtcp2 builds build: use -Wno-format-overflow buildconf.bat: fix tool_hugehelp.c generation cf-socket: fix pollset for listening cf-socket: prevent KEEPALIVE_FACTOR being set to 1000 for Windows cfilters: send flush CHANGES: rename to CHANGES.md, no longer generated CI: enable parallel testing in CI builds ci: Update actions/upload-artifact digest to 89ef406 cmake: `Libs.private` improvements cmake: add `CURL_USE_PKGCONFIG` option cmake: add Linux CI job, fix pytest with cmake cmake: add math library when using wolfssl and ngtcp2 cmake: add missing `pkg-config` hints to Find modules cmake: add missing version detection to Find modules cmake: add rustls cmake: add support for versioned symbols option cmake: add wolfSSH support cmake: allow `pkg-config` in more envs cmake: cleanup header paths cmake: default `CURL_DISABLE_LDAPS` to the value of `CURL_DISABLE_LDAP` cmake: delete MSVC warning suppression for tests/server cmake: detect `nghttp2` via `pkg-config`, enable by default cmake: detect and show VCPKG in platform flags cmake: distcheck for files in CMake subdir cmake: drop custom `CMakeOutput.log`/`CMakeError.log` logs cmake: drop libssh CONFIG-style detection cmake: drop no-op `tests/data/CMakeLists.txt` cmake: drop reference to undefined variable cmake: drop unused `HAVE_IDNA_STRERROR` cmake: drop unused internal variable cmake: exclude tests/http/clients builds by default cmake: fix `GSS_VERSION` for Heimdal found via pkg-config cmake: fix `pkg-config`-based detection in `FindGSS.cmake` cmake: fix and tidy up c-ares builds, enable in more CI jobs cmake: fix find rustls cmake: fixup linking libgsasl when detected via CMake-native cmake: honor custom `CMAKE_UNITY_BUILD_BATCH_SIZE` cmake: limit `pkg-config` to UNIX and MSVC+vcpkg by default cmake: limit libidn2 `pkg-config` detection to `UNIX` cmake: migrate dependency detections to Find modules cmake: more small tidy-ups and fixes cmake: rename wolfSSL and zstd config variables to uppercase cmake: respect cflags/libdirs of native pkg-config detections cmake: show CMake platform/compiler flags cmake: show warning if libpsl is not found cmake: sync code between test/example targets cmake: sync up formatting in Find modules cmake: TLS 1.3 warning only for bearssl and sectranp cmake: update `curl-config.cmake.in` template var list cmake: update list of “advanced” variables cmake: use numeric comparison for `HAVE_WIN32_WINNT` cmdline-opts: language fix for expect100-timeout.md and max-time.md configure: delete unused `CURL_DEFINE_UNQUOTED` function configure: delete unused `HAVE_OPENSSL3` macro configure: delete unused `m4/xc-translit.m4` configure: detect AppleIDN configure: fail if PSL is not disabled but not found configure: fix WinIDN builds targeting old Windows configure: remove USE_EXPLICIT_LIB_DEPS configure: replace nonportable grep -o with awk connect: always prefer ipv6 in IP eyeballing connect: limit update IP info cookie.md: try to articulate the two different uses this option has curl: allow 500MB data URL encode strings curl: find curlrc in XDG_CONFIG_HOME without leading dot curl: fix --proxy-pinnedpubkey curl: fix the -w urle.* variables curl: make the progress bar detect terminal width changes curl: warn on unsupported SSL options Curl_rand_bytes to control env override curl_sha512_256: fix symbol collisions with nettle library CURLMOPT_SOCKETFUNCTION.md: expand on the easy argument CURLOPT_XFERINFOFUNCTION: clarify the callback return codes dist: add missing `docs/examples/CMakeLists.txt` dist: add missing `FindNettle.cmake` dist: add missing `lib/optiontable.pl` dist: add missing `test_*.py` scripts dist: drop buildconf dist: fix reproducible build from release tarball dmaketgz: only run 'make distclean' if Makefile exists docs/SSLCERTS: rewrite docs: add description of effect of --location-trusted on cookie docs: document the (weak) random value situation in rustls builds docs: fix some examples in man pages docs: improve cipher options documentation docs: mention “@-” in more places docs: remove ALTSVC.md, HSTS.md, HTTP2.md and PARALLEL-TRANSFERS.md docs: update CIPHERS.md doh-url.md: point out DOH server IP pinning doh: remove redundant checks easy: fix curl_easy_upkeep for shared connection caches escape: allow curl_easy_escape to generate 3*input length output FEATURES.md: fix typo ftp: always offer line end conversions ftp: flush pingpong before response getinfo: return zero for unsupported options (when disabled) GHA/windows: enable MulitSSL in an MSVC job GHA: scan git repository and detect unvetted binary files gnutls/wolfssl: improve error message when certificate fails gnutls: send all data gtls: fix OCSP stapling management haproxy: send though next filter hash: provide asserts to verify API use http/2: simplify eos/blocked handling http2+h3 filters: fix ctx init http2: fix GOAWAY message sent to server http2: improve rate limiting of downloads http2: improved upload eos handling http3.md: mention how the fallback can be h1 or h2 hyper: call Curl_req_set_upload_done() idn: more strictly check AppleIDN errors idn: support non-UTF-8 input under AppleIDN INSTALL.md: MultiSSL and QUIC are mutually exclusive KNOWN_BUGS: “special characers” in URL works with aws-sigv4 krb5: add Linux/macOS CI tests, fix cmake GSS detection krb5: fix `-Wcast-align` lib: add eos flag to send methods lib: avoid macro collisions between wolfSSL and GnuTLS headers lib: convert some debugf()s into traces lib: delete stray undefs for `vsnprintf`, `vsprintf` lib: fix AIX build issues lib: fix building with wolfSSL without DES support lib: make SSPI global symbols use Curl_ prefix lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name lib: remove the final strncpy() calls lib: remove use of RANDOM_FILE libcurl.def: move from / into lib libcurl.pc: add `Cflags.private` libcurl.pc: add reference to `libgsasl` libcurl/docs: expand on redirect following and secrets to other hosts llist: remove direct struct accesses, use only functions Makefile.dist: fix `ca-firefox` target Makefile.mk: fixup enabling libidn2 Makefile: remove 'scripts' duplicate from DIST_SUBDIRS maketgz: accept option to include latest commit hash maketgz: fix RELEASE-TOOLS.md for daily tarballs maketgz: move from / into scripts managen: fix superfluous leading blank line in quoted sections managen: in man output, remove the leading space from examples managen: wordwrap long example lines in ASCII output manpage: ensure a maximum width for the text version max-filesize.md: mention zero disables the limit mbedtls: add more informative logging mbedtls: fix setting tls version mbedtls: no longer use MBEDTLS_SSL_VERIFY_OPTIONAL mime: avoid inifite loop in client reader mk-ca-bundle.pl: include a link to the caextract webpage multi: make the “general” list of easy handles a Curl_llist multi: on socket callback error, remove socket hash entry nonetheless ngtcp2/osslq: remove NULL pointer dereferences ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks openssl quic: fix memory leak openssl: certinfo errors now fail correctly openssl: fix the data race when sharing an SSL session between threads openssl: improve shutdown handling pingpong: drain the input buffer when reading responses POP3: fix multi-line responses pop3: use the protocol handler ->write_resp printf: fix mingw-w64 format checks progress: ratelimit/progress tweaks pytests: add tests for HEAD requests in all HTTP versions rand: only provide weak random when needed runtests: if DISABLED cannot be read, error out runtests: log ignored but passed tests runtests: remove “has_textaware” rustls: fix setting tls version rustls: make all tests pass schannel: avoid malloc for CAinfo_blob_digest scorecard: tweak request measurements sectransp: fix setting tls version SECURITY: mention OpenSSF best practices gold badge setopt: allow CURLOPT_INTERFACE to be set to NULL setopt: let CURLOPT_ECH set to NULL reset to default setopt: make CURLOPT_TFTP_BLKSIZE accept bad values sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL share: don't reinitialize conncache sigpipe: init the struct so that first apply ignores smb: convert superflous assign into assert smtp: add tracing feature splay: use access functions, add asserts, use Curl_timediff spnego_gssapi: implement TLS channel bindings for openssl src: delete `curlx_m*printf()` aliases src: fix potential macro confusion in cmake unity builds src: namespace symbols clashing with lib src: replace copy of printf mappings with an include ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) system_win32: fix typo test httpd: tweak cipher list test1521: verify setting options to NULL better test1707: output diff more for debugging differences in CI outputs test556: improve robustness test579: improve robustness test587: improve robustness test649: improve robustness test677: improve robustness tests/runner: only allow [!A-Za-z0-9_-] in %if feature names tests: constrain http pytest to tests/http directory tests: don't mangle output if hostname or type unknown tests: ignore QUIT from FTP protocol comparisons tests: provide docs as curldown, not nroff tidy-up: misc build, tests, `lib/macos.c` tidy-up: OS names tool_operhlp: fix “potentially uninitialized local variable 'pc' used” tool_paramhlp: bump maximum post data size in memory to 16GB transfer: Curl_sendrecv() and event related improvements transfer: remove comments, add asserts transfer: skip EOS read when download done url: dns_entry related improvements url: fix connection reuse for HTTP/2 upgrades urlapi: verify URL *decoded* hostname when set urldata: introduce `data->mid`, a unique identifier inside a multi urldata: remove 'scratch' from the UrlState struct urldata: remove crlf_conversions counter urldata: remove proxy_connect_closed bit verify-release: shell script that verifies a release tarball version: fix shadowing a `libssh.h` symbol vtls: add SSLSUPP_CIPHER_LIST vtls: fix MSVC 'cast truncates constant value' warning vtls: fix static function name collisions between TLS backends vtls: init ssl peer only once websocket: introduce blocking sends wolfssl: avoid taking cached x509 store ref if sslctx already using it wolfssl: fix CURLOPT_SSLVERSION wolfssl: fix setting tls version wolfssl: improve shutdown handling ws: flags to opcodes should ignore CURLWS_CONT flag x509asn1: raise size limit for x509 certification information

 

[NoScript]

 

NoScript | Homepage | Changelog | Download | Usage | Community | FAQ | Forum | 

NoScript stable 11.4.37 has been released. (08-September-2024)

Autoupdate or Download

v 11.4.37
============================================================
x [nscl] Do not patch windows with WebGLHook if webgl is
  globally disabled
x [nscl] Do not patch workers if webgl is globally disabled
x [L10n] Updated uk
x [nscl] Workers-aware WebGL Hook

[Error updating Browser Guard]

I just checked again and all seems well. The version of Chrome in this and previous tests is 128.0.6613.120

Thank you.