0.5.28

• Fix potential memory leaks

• Fix string truncation compile warning

0.5.27

• Folded header field can be parsed as separate if there are no data available to peek into [#159]

• libhtp crash at deal multiple decompression [#158]

• Fix configure flag handling

• Fix auth/digist header parsing out of bounds read [#169]

0.5.26

• allow missing requests [#128, #163]

• fix memory leak when response line is body [#161]

• fix build on MinGW [#162]

• fix gcc7 compiler warnings [#157]

0.5.25

• underscore in htp_validate_hostname [#149]

• fix SONAME issue [#151]

• remove unrelated docbook code from tree [#153]

0.5.24

• fix HTTP connect handling issue [#150]

0.5.20

• compression: support multiple layers of compressed content [#133]
• compression: opportunistic decompression [#137]
• compression: implement rfc1950 deflate [#136]
• chunked: handle mismatch between header and body [#135]
• chunked: handle malformed chunked lengths [#134]

0.5.19

This is minor bug-fix release:

• configure: improve strlcpy/strlcat checks [Victor Julien]
• Fix uninitialized htp_tx_t::is_last value in htp_decompressors.c [Fedor Sakharov]
• headers: fix memory leak on malformed headers [Victor Julien]
• connect: handle response headers with 200 response [Victor Julien]

0.5.18

This is a minor bug-fix release:

• Fixed [#120] Trigger request line parsing on
  incomplete request [Victor Julien]
• Fixed [#119] Fix uninitialized htp_tx_t::is_last value
  in in htp_tx_res_process_body_data_ex() [Fedor Sakharov]
• Fixed [#118] Coverity-identified missing break in switch [Sam Baskinger]
• Fixed [#117] Coverity-identified issue of not checking
  malloc() return value [Sam Baskinger]
• Fixed [#116] Fix coverity-identified leaked file descriptors
  in unit test [Sam Baskinger]
• Fixed [#113] fix pkgconfig include dir [Eric Leblond]
• Fixed [#111] Connect plain http [Victor Julien]
• Fixed [#105] Do not invoke callbacks in htp_req_run_hook_body_data()
  when there is no tx running. [Sam Baskinger]
• Fixed [#104] Modifiying HTTP methods to be rfc3253 compliant [Andreas Moe]
• Fixed [#103] Fixes [Victor Julien]
• Fixed [#101] Make including the autoconf config header safer [Brian Rectanus]

0.5.17

This is a minor bug-fix release:

• Fix URI parsing for non-std 'space' chars
  [Fixed by Victor Julien / Reported by Darien Huss from Emerging Threats]
• Fixing buffer overrun that was failing clang
  -fsanitize=address checks [Sam Baskinger]
• Replace strcat/sprintf by strlcat/snprintf [Giuseppe Longo]
• Fix autogen on CentOS 5.11 [Victor Julien]
• Fix dereferencing type-punned pointer on CentOS 5.11 [Giuseppe Longo]
• Fix warning on OpenBSD [Giuseppe Longo]

0.5.16

This release brings some improvements:

• Request line leading space handling [https://github.com//pull/81] [Victor Julien]
• Harden decompress code against memory stress [https://github.com//pull/84] [Victor Julien]