Sunday 8th June 2025

Fedora Project

• Updated perl-Modern-Perl to 1.20250607 in Rawhide:

  • Update for 2025 year bundle
  • Enhance documentation to discourage this module for v5.38 and newer

Friday 6th June 2025

Fedora Project

• Updated perl-Business-ISBN-Data to 20250605.001 in Rawhide:

  • Data update for 2025-06-05

• Updated perl-File-Find-Rule to 0.35 in EPEL-10.0 and EPEL-10.1:

  • Use 3-argument version of open() to avoid arbitrary code execution vulnerability (GH#4, CVE-2011-10007)

Local Packages

• Updated perl-File-Find-Rule to 0.35 as per the EPEL version

Wednesday 4th June 2025

Fedora Project

• Updated curl to 8.14.1:

  • asyn-thrdd: Fix clean-up when RR fails due to OOM

  • autotools: Recognize more Linux targets when setting '-D_GNU_SOURCE'

  • BUG-BOUNTY.md: Mention the medium bounty amount in 2025

  • cmake: Fix missed version number for multi-pkg-config detections
  • cmdline-docs: Mention HTTP resumed uploads to be shaky

  • curl: make -N handled correctly

  • curl: Upload from '.' fix

  • dllmain: Exclude from Cygwin builds

  • docs/tests: Remove mention of hyper

  • docs: Fix typos

  • ftp: Fix tear-down of DATA connection in done

  • http: Fail early when rewind of input failed when following redirects
  • license: Update some copyright links to curl.se

  • memanalyze.pl: Fix getaddrinfo/freeaddrinfo checks

  • misc: Fix spelling

  • misc: We write an IPv6 address

  • multi: Fix add_handle resizing

  • spelling: 'a' vs. 'an'
  • spelling: Call it null-terminate consistently

  • test1510: Fix expectation

  • tests: Await portfile to be complete

  • tests: Fix checks for https-mtls proto

  • tests: Improve server start reliability

  • tests: Move test docs into /docs

  • tests: Re-enable 1510, document heimdal memleak
  • tests: Test mtls also with clientAuth EKU only

  • tests: Test mtls with --insecure

  • tls BIOs: Handle BIO_CTRL_EOF correctly

  • tool_getparam: Make --no-anyauth not be accepted

  • tool_getparam: Refactored, simplified

  • tool_getparam: Remove two nextarg NULL checks

  • VULN-DISCLOSURE-POLICY.md: The distros list wants ≤ 7 days embargo

  • wolfssl: Fix sending of early data

  • ws: Handle blocked sends better (CVE-2025-5399)

  • ws: Tests and fixes

Tuesday 3rd June 2025

Fedora Project

• Updated perl-IO-Socket-SSL to 2.090 in Rawhide:

  • Fix OCSP live test after Let's Encrypt has disabled OCSP support (GH#169)

  • public_suffix now preserves trailing dot (GH#167)

Local Packages

• Updated perl-IO-Socket-SSL to 2.090 as per the Fedora version

Thursday 29th May 2025

Local Packages

• Updated curl (8.14.0) to fix regression: curl_multi_add_handle() returning OOM when using more than 400 handles (GH#17475)

• Updated perl-Module-CoreList to 5.20250528:

  • Updated for v5.41.13