From f899e914315d220ecdc5fa976c0a569d0c25269f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 6 Dec 2023 23:23:06 +0100
Subject: [PATCH] RELEASE-NOTES: synced

Bumped to 8.5.1
---
 RELEASE-NOTES          | 405 ++---------------------------------------
 include/curl/curlver.h |   6 +-
 2 files changed, 18 insertions(+), 393 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 3f7dc99f6824..a673f1106e67 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,206 +1,21 @@
-curl and libcurl 8.5.0
+curl and libcurl 8.5.1
 
  Public curl releases:         253
  Command line options:         258
  curl_easy_setopt() options:   303
  Public functions in libcurl:  93
- Contributors:                 3039
+ Contributors:                 3042
 
 This release includes the following changes:
 
- o gnutls: support CURLSSLOPT_NATIVE_CA [31]
- o HTTP3: ngtcp2 builds are no longer experimental [77]
 
 This release includes the following bugfixes:
 
- o appveyor: make VS2008-built curl tool runnable [93]
- o asyn-thread: use pipe instead of socketpair for IPC when available [4]
- o autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}` [128]
- o autotools: avoid passing `LDFLAGS` twice to libcurl [127]
- o autotools: delete LCC compiler support bits [137]
- o autotools: fix/improve gcc and Apple clang version detection [136]
- o autotools: stop setting `-std=gnu89` with `--enable-warnings` [135]
- o autotools: update references to deleted `crypt-auth` option [46]
- o BINDINGS: add V binding [54]
- o build: add `src/.checksrc` to source tarball [1]
- o build: add more picky warnings and fix them [172]
- o build: always revert `#pragma GCC diagnostic` after use [143]
- o build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H` [107]
- o build: delete support bits for obsolete Windows compilers [106]
- o build: fix 'threadsafe' feature detection for older gcc [19]
- o build: fix builds that disable protocols but not digest auth [174]
- o build: fix compiler warning with auths disabled [85]
- o build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS` [120]
- o build: picky warning updates [125]
- o build: require Windows XP or newer [86]
- o cfilter: provide call to tell connection to forget a socket [65]
- o checksrc.pl: support #line instructions
- o CI: add autotools, out-of-tree, debug build to distro check job [14]
- o CI: ignore test 286 on Appveyor gcc 9 build [6]
- o cmake: add `CURL_DISABLE_BINDLOCAL` option [146]
- o cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API` [138]
- o cmake: dedupe Windows system libs [114]
- o cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection [2]
- o cmake: fix CURL_DISABLE_GETOPTIONS [12]
- o cmake: fix multiple include of CURL package [96]
- o cmake: fix OpenSSL quic detection in quiche builds [56]
- o cmake: option to disable install & drop `curlu` target when unused [72]
- o cmake: pre-fill rest of detection values for Windows [50]
- o cmake: replace `check_library_exists_concat()` [23]
- o cmake: speed up threads setup for Windows [68]
- o cmake: speed up zstd detection [69]
- o config-win32: set `HAVE_SNPRINTF` for mingw-w64 [123]
- o configure: better --disable-http [80]
- o configure: check for the fseeko declaration too [55]
- o conncache: use the closure handle when disconnecting surplus connections [173]
- o content_encoding: make Curl_all_content_encodings allocless [101]
- o cookie: lowercase the domain names before PSL checks [160]
- o curl.h: delete Symbian OS references [162]
- o curl.h: on FreeBSD include sys/param.h instead of osreldate.h [21]
- o curl.rc: switch out the copyright symbol for plain ASCII [167]
- o curl: improved IPFS and IPNS URL support [87]
- o curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped [99]
- o Curl_http_body: cleanup properly when Curl_getformdata errors [152]
- o curl_setup: disallow Windows IPv6 builds missing getaddrinfo [57]
- o curl_sspi: support more revocation error names in error messages [95]
- o CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation [181]
- o CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range [165]
- o CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does [113]
- o CURLOPT_WRITEFUNCTION.3: clarify libcurl returns for CURL_WRITEFUNC_ERROR [45]
- o CURPOST_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO
- o docs/example/keepalive.c: show TCP keep-alive options [73]
- o docs/example/localport.c: show off CURLOPT_LOCALPORT [83]
- o docs/examples/interface.c: show CURLOPT_INTERFACE use [84]
- o docs/libcurl: fix three minor man page format mistakes [26]
- o docs/libcurl: SYNSOPSIS cleanup [150]
- o docs: add supported version for the json write-out [92]
- o docs: clarify that curl passes on input unfiltered [47]
- o docs: fix function typo in curl_easy_option_next.3 [36]
- o docs: KNOWN_BUGS cleanup
- o docs: make all examples in all libcurl man pages compile [175]
- o docs: preserve the modification date when copying the prebuilt man page [89]
- o docs: remove bold from some man page SYNOPSIS sections [90]
- o docs: use SOURCE_DATE_EPOCH for generated manpages [16]
- o doh: provide better return code for responses w/o addresses [133]
- o doh: use PIPEWAIT when HTTP/2 is attempted [63]
- o duphandle: also free 'outcurl->cookies' in error path [122]
- o duphandle: make dupset() not return with pointers to old alloced data [109]
- o duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set [132]
- o easy: in duphandle, init the cookies for the new handle [131]
- o easy: remove duplicate wolfSSH init call [37]
- o easy_lock: add a pthread_mutex_t fallback [13]
- o examples/rtsp-options.c: add [157]
- o fopen: create new file using old file's mode [153]
- o fopen: create short(er) temporary file name [155]
- o getenv: PlayStation doesn't have getenv() [41]
- o GHA: move mod_h2 version in CI to v2.0.25 [43]
- o hostip: show the list of IPs when resolving is done [35]
- o hostip: silence compiler warning `-Wparentheses-equality` [62]
- o hsts: skip single-dot hostname [67]
- o HTTP/2, HTTP/3: handle detach of onoing transfers [134]
- o http2: header conversion tightening [33]
- o http2: provide an error callback and failf the message [53]
- o http2: safer invocation of populate_binsettings [8]
- o http: allow longer HTTP/2 request method names [112]
- o http: avoid Expect: 100-continue if Upgrade: is used [15]
- o http: consider resume with CURLOPT_FAILONERRROR and 416 to be fine [81]
- o http: fix `-Wunused-parameter` with no auth and no proxy [149]
- o http: fix `-Wunused-variable` compiler warning [115]
- o http: fix empty-body warning [76]
- o http_aws_sigv4: canonicalise valueless query params [88]
- o hyper: temporarily remove HTTP/2 support [139]
- o INSTALL: update list of ports and CPU archs
- o IPFS: fix IPFS_PATH and file parsing [119]
- o keylog: disable if unused [145]
- o lib: add and use Curl_strndup() [97]
- o lib: apache style infof and trace macros/functions [71]
- o lib: fix gcc warning in printf call [7]
- o libcurl-errors.3: sync with current public headers [156]
- o libcurl-thread.3: simplify the TLS section [79]
- o Makefile.am: drop vc10, vc11 and vc12 projects from dist [103]
- o Makefile.mk: fix `-rtmp` option for non-Windows
- o mime: store "form escape" as a single bit [170]
- o misc: fix -Walloc-size warnings [118]
- o msh3: error when built with CURL_DISABLE_SOCKETPAIR set [61]
- o multi: during ratelimit multi_getsock should return no sockets [182]
- o multi: use pipe instead of socketpair to *wakeup() [18]
- o ngtcp2: fix races in stream handling [178]
- o ngtcp2: ignore errors on unknown streams [158]
- o ntlm_wb: use pipe instead of socketpair when possible [44]
- o openldap: move the alloc of ldapconninfo to *connect() [29]
- o openldap: set the callback argument in oldap_do [30]
- o openssl: avoid BN_num_bits() NULL pointer derefs [9]
- o openssl: fix building with v3 `no-deprecated` + add CI test [161]
- o openssl: fix infof() to avoid compiler warning for %s with null [70]
- o openssl: identify the "quictls" backend correctly [82]
- o openssl: include SIG and KEM algorithms in verbose [52]
- o openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs [58]
- o openssl: two multi pointer checks should probably rather be asserts [91]
- o openssl: when a session-ID is reused, skip OCSP stapling [142]
- o page-footer: clarify exit code 25 [51]
- o projects: add VC14.20 project files [104]
- o pytest: use lower count in repeat tests [98]
- o quic: make eyeballers connect retries stop at weird replies [140]
- o quic: manage connection idle timeouts [5]
- o quiche: use quiche_conn_peer_transport_params() [116]
- o rand: fix build error with autotools + LibreSSL [111]
- o resolve.d: drop a multi use-sentence [100]
- o RTSP: improved RTP parser [32]
- o rustls: implement connect_blocking [154]
- o sasl: fix `-Wunused-function` compiler warning [124]
- o schannel: add CA cache support for files and memory blobs [121]
- o setopt: check CURLOPT_TFTP_BLKSIZE range on set [171]
- o setopt: remove outdated cookie comment [64]
- o setopt: remove superfluous use of ternary expressions [169]
- o socks: better buffer size checks for socks4a user and hostname [20]
- o socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice [38]
- o symbols-in-versions: the CLOSEPOLICY options are deprecated
- o test1683: remove commented-out check alternatives
- o test3103: add missing quotes around a test tag attribute
- o test613: stop showing an error on missing output file
- o tests/README: SOCKS tests are not using OpenSSH, it has its own server [48]
- o tests/server: add more SOCKS5 handshake error checking [27]
- o tests: Fix Windows test helper tool search & use it for handle64 [17]
- o tidy-up: casing typos, delete unused Windows version aliases [144]
- o tool: fix --capath when proxy support is disabled [28]
- o tool: support bold headers in Windows [117]
- o tool_cb_hdr: add an additional parsing check [129]
- o tool_cb_prg: make the carriage return fit for wide progress bars [159]
- o tool_cb_wrt: fix write output for very old Windows versions [24]
- o tool_getparam: limit --rate to be smaller than number of ms [3]
- o tool_operate: do not mix memory models [108]
- o tool_operate: fix links in ipfs errors [22]
- o tool_parsecfg: make warning output propose double-quoting [164]
- o tool_urlglob: fix build for old gcc versions [25]
- o tool_urlglob: make multiply() bail out on negative values [11]
- o tool_writeout_json: fix JSON encoding of non-ascii bytes [179]
- o transfer: abort pause send when connection is marked for closing [183]
- o transfer: avoid calling the read callback again after EOF [130]
- o transfer: only reset the FTP wildcard engine in CLEAR state [42]
- o url: don't touch the multi handle when closing internal handles [40]
- o url: find scheme with a "perfect hash" [141]
- o url: fix `-Wzero-length-array` with no protocols [147]
- o url: fix builds with `CURL_DISABLE_HTTP` [148]
- o url: protocol handler lookup tidy-up [66]
- o url: proxy ssl connection reuse fix [94]
- o urlapi: avoid null deref if setting blank host to url encode [75]
- o urlapi: skip appending NULL pointer query [74]
- o urlapi: when URL encoding the fragment, pass in the right length [59]
- o urldata: make maxconnects a 32 bit value [166]
- o urldata: move async resolver state from easy handle to connectdata [34]
- o urldata: move cookielist from UserDefined to UrlState [126]
- o urldata: move hstslist from 'set' to 'state' [105]
- o urldata: move the 'internal' boolean to the state struct [39]
- o vssh: remove the #ifdef for Curl_ssh_init, use empty macro
- o vtls: cleanup SSL config management [78]
- o vtls: consistently use typedef names for OpenSSL structs [176]
- o vtls: late clone of connection ssl config [60]
- o vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0 [102]
- o VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw [110]
- o windows: use built-in `_WIN32` macro to detect Windows [163]
- o wolfssh: remove redundant static prototypes [168]
- o wolfssl: add default case for wolfssl_connect_step1 switch [49]
- o wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA [10]
+ o cmake: fix typo [5]
+ o dist: add tests/errorcodes.pl to the tarball [6]
+ o lib: fix variable undeclared error caused by `infof` changes [2]
+ o sectransp_ make TLSCipherNameForNumber() available in non-verbose config [1]
+ o url: for disabled protocols, mention if found in redirect [7]
 
 This release includes the following known bugs:
 
@@ -215,204 +30,14 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  12932 on github, Alex Bozarth, Alexey Larikov, Alex Klyubin, Ammar Faizi,
-  Andrew Kurushin, Anubhav Rai, boilingoden, calvin2021y on github,
-  Carlos Henrique Lima Melara, Casey Bodley, Charlie C, Dan Fandrich,
-  Daniel Jeliński, Daniel Stenberg, David Benjamin, David Suter, Dmitry Karpov,
-  eeverettrbx on github, Emanuele Torre, Enno Boland, enWILLYado on github,
-  Faraz Fallahi, Gisle Vanem, Goro FUJI, Graham Campbell, Harry Mallon,
-  Harry Sintonen, iconoclasthero, icy17 on github, Jacob Hoffman-Andrews,
-  Jan Alexander Steffens, Jeroen Ooms, Jiehong on github, Jiri Hruska,
-  Junho Choi, Kai Pastor, Kareem, Kartatz on Github, kirbyn17 on hackerone,
-  Lau, lkordos on github, Loïc Yhuel, LoRd_MuldeR, lRoccoon on github,
-  Maksymilian Arciemowicz, Manfred Schwarb, Marcel Raad, Marcin Rataj,
-  Mark Gaiser, Martin Schmatz, Michael Kaufmann, Michał Antoniak, Nico Rieck,
-  Niracler Li, ohyeaah on github, Ophir Lojkine, Paweł Wegner, Philip Heiduck,
-  Ray Satiro, rilysh, Robert Southee, Romain Geissler, Sam James,
-  Samuel Henrique, sd0 on hackerone, Smackd0wn, Sohom Datta, Stefan Eissing,
-  Steven Allen, Tim Hill, Torben Dury, Turiiya, Viktor Szakats,
-  yushicheng7788 on github, z2_, zhengqwe on github, 積丹尼 Dan Jacobson
-  (78 contributors)
+  Cajus Pollmeier, Chris Sauer, Dan Fandrich, Daniel Stenberg,
+  Mauricio Scheffer, Stefan Eissing, Viktor Szakats, Xi Ruoyao, YX Hao
+  (9 contributors)
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=12084
- [2] = https://curl.se/bug/?i=12093
- [3] = https://curl.se/bug/?i=12116
- [4] = https://curl.se/bug/?i=12146
- [5] = https://curl.se/bug/?i=12064
- [6] = https://curl.se/bug/?i=12040
- [7] = https://curl.se/bug/?i=12082
- [8] = https://curl.se/bug/?i=12101
- [9] = https://curl.se/bug/?i=12099
- [10] = https://curl.se/bug/?i=12108
- [11] = https://curl.se/bug/?i=12102
- [12] = https://curl.se/bug/?i=12091
- [13] = https://curl.se/bug/?i=12090
- [14] = https://curl.se/bug/?i=12088
- [15] = https://curl.se/bug/?i=12022
- [16] = https://curl.se/bug/?i=12092
- [17] = https://curl.se/bug/?i=12115
- [18] = https://curl.se/bug/?i=12142
- [19] = https://curl.se/bug/?i=12125
- [20] = https://curl.se/bug/?i=12139
- [21] = https://curl.se/bug/?i=12107
- [22] = https://curl.se/bug/?i=12133
- [23] = https://curl.se/bug/?i=11285
- [24] = https://curl.se/bug/?i=12131
- [25] = https://curl.se/bug/?i=12124
- [26] = https://curl.se/bug/?i=12126
- [27] = https://curl.se/bug/?i=12117
- [28] = https://curl.se/bug/?i=12089
- [29] = https://curl.se/bug/?i=12166
- [30] = https://curl.se/bug/?i=12166
- [31] = https://curl.se/bug/?i=12137
- [32] = https://curl.se/bug/?i=12052
- [33] = https://curl.se/bug/?i=12097
- [34] = https://curl.se/bug/?i=12198
- [35] = https://curl.se/bug/?i=12145
- [36] = https://curl.se/bug/?i=12170
- [37] = https://curl.se/bug/?i=12168
- [38] = https://curl.se/bug/?i=11949
- [39] = https://curl.se/bug/?i=12165
- [40] = https://curl.se/bug/?i=12165
- [41] = https://curl.se/bug/?i=12140
- [42] = https://curl.se/bug/?i=11775
- [43] = https://curl.se/bug/?i=12157
- [44] = https://curl.se/bug/?i=12149
- [45] = https://curl.se/bug/?i=12201
- [46] = https://curl.se/bug/?i=12194
- [47] = https://curl.se/bug/?i=12249
- [48] = https://curl.se/bug/?i=12195
- [49] = https://curl.se/bug/?i=12218
- [50] = https://curl.se/bug/?i=12044
- [51] = https://curl.se/bug/?i=12189
- [52] = https://curl.se/bug/?i=12030
- [53] = https://curl.se/bug/?i=12179
- [54] = https://curl.se/bug/?i=12182
- [55] = https://curl.se/bug/?i=12086
- [56] = https://curl.se/bug/?i=12160
- [57] = https://curl.se/bug/?i=12221
- [58] = https://curl.se/bug/?i=12155
- [59] = https://curl.se/bug/?i=12250
- [60] = https://curl.se/bug/?i=12237
- [61] = https://curl.se/bug/?i=12213
- [62] = https://curl.se/bug/?i=12215
- [63] = https://curl.se/bug/?i=12214
- [64] = https://curl.se/bug/?i=12206
- [65] = https://curl.se/bug/?i=12207
- [66] = https://curl.se/bug/?i=12216
- [67] = https://curl.se/bug/?i=12247
- [68] = https://curl.se/bug/?i=12202
- [69] = https://curl.se/bug/?i=12200
- [70] = https://curl.se/bug/?i=12196
- [71] = https://curl.se/bug/?i=12083
- [72] = https://curl.se/bug/?i=12287
- [73] = https://curl.se/bug/?i=12242
- [74] = https://curl.se/bug/?i=12240
- [75] = https://curl.se/bug/?i=12240
- [76] = https://curl.se/bug/?i=12262
- [77] = https://curl.se/bug/?i=12235
- [78] = https://curl.se/bug/?i=12204
- [79] = https://curl.se/bug/?i=12233
- [80] = https://curl.se/bug/?i=12223
- [81] = https://curl.se/bug/?i=10521
- [82] = https://curl.se/bug/?i=12270
- [83] = https://curl.se/bug/?i=12230
- [84] = https://curl.se/bug/?i=12229
- [85] = https://curl.se/bug/?i=12227
- [86] = https://curl.se/bug/?i=12225
- [87] = https://curl.se/bug/?i=12148
- [88] = https://curl.se/bug/?i=8107
- [89] = https://curl.se/bug/?i=12199
- [90] = https://curl.se/bug/?i=12267
- [91] = https://curl.se/bug/?i=12264
- [92] = https://curl.se/bug/?i=12266
- [93] = https://curl.se/bug/?i=12263
- [94] = https://curl.se/bug/?i=12255
- [95] = https://curl.se/bug/?i=12239
- [96] = https://curl.se/bug/?i=11913
- [97] = https://curl.se/bug/?i=12251
- [98] = https://curl.se/bug/?i=12248
- [99] = https://curl.se/bug/?i=12315
- [100] = https://curl.se/bug/?i=12294
- [101] = https://curl.se/bug/?i=12289
- [102] = https://curl.se/bug/?i=12259
- [103] = https://curl.se/bug/?i=12288
- [104] = https://curl.se/bug/?i=12282
- [105] = https://curl.se/bug/?i=12315
- [106] = https://curl.se/bug/?i=12222
- [107] = https://curl.se/bug/?i=12275
- [108] = https://curl.se/bug/?i=12280
- [109] = https://curl.se/bug/?i=12337
- [110] = https://curl.se/bug/?i=12278
- [111] = https://curl.se/bug/?i=12257
- [112] = https://curl.se/bug/?i=12311
- [113] = https://curl.se/bug/?i=12277
- [114] = https://curl.se/bug/?i=12307
- [115] = https://curl.se/bug/?i=12228
- [116] = https://curl.se/bug/?i=12180
- [117] = https://curl.se/bug/?i=12321
- [118] = https://curl.se/bug/?i=12292
- [119] = https://curl.se/bug/?i=12152
- [120] = https://curl.se/bug/?i=12273
- [121] = https://curl.se/bug/?i=12261
- [122] = https://curl.se/bug/?i=12329
- [123] = https://curl.se/bug/?i=12325
- [124] = https://curl.se/bug/?i=12326
- [125] = https://curl.se/bug/?i=12324
- [126] = https://curl.se/bug/?i=12323
- [127] = https://curl.se/bug/?i=12310
- [128] = https://curl.se/bug/?i=12312
- [129] = https://curl.se/bug/?i=12320
- [130] = https://curl.se/mail/lib-2023-11/0017.html
- [131] = https://curl.se/bug/?i=12318
- [132] = https://curl.se/bug/?i=12317
- [133] = https://curl.se/bug/?i=12365
- [134] = https://curl.se/bug/?i=12356
- [135] = https://curl.se/bug/?i=12346
- [136] = https://curl.se/bug/?i=12362
- [137] = https://curl.se/bug/?i=12357
- [138] = https://curl.se/bug/?i=12353
- [139] = https://curl.se/bug/?i=12191
- [140] = https://curl.se/bug/?i=12400
- [141] = https://curl.se/bug/?i=12347
- [142] = https://curl.se/bug/?i=12399
- [143] = https://curl.se/bug/?i=12352
- [144] = https://curl.se/bug/?i=12351
- [145] = https://curl.se/bug/?i=12350
- [146] = https://curl.se/bug/?i=12345
- [147] = https://curl.se/bug/?i=12344
- [148] = https://curl.se/bug/?i=12343
- [149] = https://curl.se/bug/?i=12338
- [150] = https://curl.se/bug/?i=12402
- [152] = https://curl.se/bug/?i=12410
- [153] = https://curl.se/bug/?i=12299
- [154] = https://curl.se/bug/?i=11647
- [155] = https://curl.se/bug/?i=12388
- [156] = https://curl.se/bug/?i=12424
- [157] = https://curl.se/bug/?i=12452
- [158] = https://curl.se/bug/?i=12449
- [159] = https://curl.se/bug/?i=12407
- [160] = https://curl.se/bug/?i=12387
- [161] = https://curl.se/bug/?i=12384
- [162] = https://curl.se/bug/?i=12378
- [163] = https://curl.se/bug/?i=12376
- [164] = https://curl.se/bug/?i=12409
- [165] = https://curl.se/bug/?i=12382
- [166] = https://curl.se/bug/?i=12375
- [167] = https://curl.se/bug/?i=12403
- [168] = https://curl.se/bug/?i=12381
- [169] = https://curl.se/bug/?i=12374
- [170] = https://curl.se/bug/?i=12374
- [171] = https://curl.se/bug/?i=12374
- [172] = https://curl.se/bug/?i=12331
- [173] = https://curl.se/bug/?i=12367
- [174] = https://curl.se/bug/?i=12440
- [175] = https://curl.se/bug/?i=12448
- [176] = https://curl.se/bug/?i=12439
- [178] = https://curl.se/bug/?i=12435
- [179] = https://curl.se/bug/?i=12434
- [181] = https://curl.se/bug/?i=12431
- [182] = https://curl.se/bug/?i=12430
- [183] = https://curl.se/bug/?i=12428
+ [1] = https://curl.se/bug/?i=12474
+ [2] = https://curl.se/bug/?i=12470
+ [5] = https://curl.se/bug/?i=12464
+ [6] = https://curl.se/bug/?i=12462
+ [7] = https://curl.se/bug/?i=12466
diff --git a/include/curl/curlver.h b/include/curl/curlver.h
index 1ff5de6147ef..3d0c72798141 100644
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -32,13 +32,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "8.5.0-DEV"
+#define LIBCURL_VERSION "8.5.1-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 8
 #define LIBCURL_VERSION_MINOR 5
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@@ -59,7 +59,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x080500
+#define LIBCURL_VERSION_NUM 0x080501
 
 /*
  * This is the date and time when the full source package was created. The