Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2012-01-24

Tuesday 24th January 2012

Fedora Project

  • Updated perl-List-MoreUtils to 0.33 in Rawhide:

    • Updated can_xs to fix a bug in it

Local Packages

  • Updated curl to 7.24.0:

    • curl was vulnerable to a data injection attack for certain protocols (CVE-2012-0036, http://curl.haxx.se/docs/adv_20120124.html)

    • curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL (CVE-2011-3389, http://curl.haxx.se/docs/adv_20120124B.html)

    • CURLOPT_QUOTE: SFTP supports the '*'-prefix now

    • CURLOPT_DNS_SERVERS: set name servers if possible

    • Add support for using nettle instead of gcrypt as gnutls backend

    • CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes

    • Added CURLOPT_ACCEPTTIMEOUT_MS

    • configure: add symbols versioning option --enable-versioned-symbols

    • SSL session share: move the age counter to the share object

    • -J -O: use -O name if no Content-Disposition header comes!

    • protocol_connect: show verbose connect and set connect time

    • query-part: ignore the URI part for given protocols

    • gnutls: only translate winsock errors for old versions

    • POP3: fix end of body detection

    • POP3: detect when LIST returns no mails

    • TELNET: improved treatment of options

    • configure: add support for pkg-config detection of libidn

    • CyaSSL 2.0+ library initialization adjustment

    • multi interface: only use non-NULL socker function pointer

    • Call opensocket callback properly for active FTP

    • Don't call close socket callback for sockets created with accept()

    • Differentiate better between host/proxy errors

    • SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5

    • multi: handle timeouts on DNS servers by checking for new sockets

    • CURLOPT_DNS_SERVERS: fix return code

    • POP3: fixed escaped dot not being stripped out

    • OpenSSL: check for the SSLv2 function in configure

    • MakefileBuild: fix the static build

    • create_conn: don't switch to HTTP protocol if tunneling is enabled

    • multi interface: fix block when CONNECT_ONLY option is used

    • Fix connection reuse for TLS upgraded connections

    • Multiple file upload with -F and custom type

    • multi interface: active FTP connections are no longer blocking

    • Android build fix

    • timer: restore PRETRANSFER timing

    • libcurl.m4: fix quoting arguments of AC_LANG_PROGRAM

    • appconnect time fixed for non-blocking connect ssl backends

    • Do not include SSL handshake into time spent waiting for 100-continue

    • Handle dns cache case insensitive
    • Use new host name casing for subsequent HTTP requests

    • CURLOPT_RESOLVE: avoid adding already present host names

    • SFTP mkdir: use correct permission

    • resolve: don't leak pre-populated dns entries

    • --retry: retry transfers on timeout and DNS errors

    • Negotiate with SSPI backend: use the correct buffer for input

    • SFTP dir: increase buffer size counter to avoid cut off file names

    • TFTP: fix resending (again)

    • c-ares: don't include getaddrinfo-using code

    • FTP: CURLE_PARTIAL_FILE will not close the control channel

    • win32-threaded-resolver: stop using a dummy socket
    • OpenSSL: remove reference to openssl internal struct

    • OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled

    • OpenSSL: fix PKCS#12 certificate parsing related memory leak
    • OpenLDAP: fix LDAP connection phase memory leak

    • Telnet: use correct file descriptor for telnet upload

    • Telnet: Remove bogus optimisation of telnet upload

    • URL parse: user name with ipv6 numerical address
    • polarssl: show cipher suite name correctly with 1.1.0

    • polarssl: havege_rand is not present in version 1.1.0 (warning: we still use the old API which is said to be insecure - see: http://polarssl.org/trac/wiki/SecurityAdvisory201102)

    • gnutls: enforced use of SSLv3

  • Updated libcurl7112 to include backported fix for SSL CBC IV vulnerability (CVE-2011-3389); note that libcurl7112 is not vulnerable to CVE-2012-0036 (http://curl.haxx.se/docs/adv_20120124.html)

  • Updated libcurl7155 to include backported fix for SSL CBC IV vulnerability (CVE-2011-3389); note that libcurl7155 is not vulnerable to CVE-2012-0036 (http://curl.haxx.se/docs/adv_20120124.html)

  • Cleaned up and rebuilt perl-Devel-Symdump, perl-File-Find-Rule-Perl, perl-List-MoreUtils, perl-Moose and perl-Test-Synopsis

Recent