Version 1.2.14 (SECURITY RELATED)

SECURITY UPDATE

Oniguruma (the regex library used by libevhtp) was packaged with the source; this was dumb. There were several CVE's recently published that made libevhtp insecure when regex was enabled.

NOTE TO USERS

Libevhtp will no longer ship Oniguruma with the source. Instead, the build process will attempt and find a system-installed version. There is a big red warning if it is not found.

A big thanks must go to @flokli (GitHub) for pointing this out!