Tuesday 8th May 2012
Fedora Project
Updated perl-Compress-Raw-Zlib to 2.054 in Rawhide:
Fix build issue on Win32 (CPAN RT#77030)
Updated perl-IO-Socket-SSL to 1.70 in Rawhide:
Changes for CPAN RT#76929:
If no explicit cipher list is given, default to ALL:!LOW instead of the openssl default, which usually includes weak ciphers like DES
New config key SSL_honor_cipher_order and document how to use it to fight BEAST attack
- Fix behaviour for empty cipher list (use default)
Re-added workaround in t/dhe.t
Make it possible to disable protocols using SSL_version, and make SSL_version default to 'SSLv23:!SSLv2'
Local Packages
Updated dovecot to 2.1.6:
Session ID is now included by default in auth and login process log lines; it can be added to mail processes also by adding %{session} to mail_log_prefix
Added ssl_require_crl setting, which specifies if CRL check must be successful when verifying client certificates
Added mail_shared_explicit_inbox setting to specify if a shared INBOX should be accessible as "shared/$user" or "shared/$user/INBOX"
v2.1.5: using "~/" as mail_location or elsewhere failed to actually expand it to home directory
dbox: fixed potential assert-crash when reading dbox files
trash plugin: fixed behaviour when quota is already over limit
mail_log plugin: logging "copy" event didn't work
- Proxying to backend server with SSL: verifying server certificate name always failed, because it was compared to an IP address
Updated perl-Compress-Raw-Zlib to 2.054 as per the Fedora version
Updated perl-Error to 0.17018:
Add a $VERSION variable for Error::Simple
Add scripts/bump-version-number.pl, which can be used to bump the version numbers globally
Updated perl-IO-Socket-SSL to 1.70 as per the Fedora version
Updated perl-Moose to 2.0602:
Ensure that the Moose::Exporter-generated init_meta returns the same value that it did previously; this isn't really a bug, since the return value has never been tested or documented, but since the generated init_meta is nothing more than a compatibility shim at this point, there's no reason to not make it as compatible as possible