Thursday 24th May 2012
Fedora Project
Updated python-crypto to 2.6 in Rawhide:
Fix insecure ElGamal key generation (launchpad bug #985164, CVE-2012-2417)
- Huge documentation clean-up
- Added more tests, including test vectors from NIST 800-38A
Remove broken MODE_PGP, which never actually worked properly
A new mode, MODE_OPENPGP, has been added for people wishing to write OpenPGP implementations (see also launchpad bug #996814)
Fix: getPrime with invalid input causes Python to abort with fatal error (launchpad bug #988431)
Fix: Segfaults within error-handling paths (launchpad bug #934294)
Fix: Block ciphers allow empty string as IV (launchpad bug #997464)
Fix DevURandomRNG to work with Python3's new I/O stack
Remove automagic dependencies on libgmp and libmpir; let the caller disable them using args
- Many other minor bug fixes and improvements
Local Packages
Updated curl to 7.26.0:
nss: the minimal supported version of NSS bumped to 3.12.x
nss: human-readable names are now provided for NSS errors if available
Add a manual page for mk-ca-bundle
Added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR
smtp: add support for DIGEST-MD5 authentication
pop3: added support for additional pop3 commands
nss: libcurl now uses NSS_InitContext() to prevent collisions if available
- URL parse: reject numerical IPv6 addresses outside brackets
MD5: fix OOM memory leak
OpenSSL cert: provide more details when cert check fails
HTTP: empty chunked POST ended up in two zero size chunks
Fixed a regression when curl resolved to multiple addresses and the first isn't supported
-# progress meter: avoid superfluous updates and duplicate lines
Headers: surround GCC attribute names with double underscores
PolarSSL: correct return code for CRL matches
PolarSSL: include version number in version string
PolarSSL: add support for asynchronous connect
mk-ca-bundle: revert the LWP usage
- IPv6 cookie domain: get rid of the first bracket before the second
connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
OpenSSL: made cert hostname check conform to RFC 6125
HTTP: reset expected DL/UL sizes on redirects
CMake: fix Windows LDAP/LDAPS option handling
CMake: fix MS Visual Studio x64 unsigned long long literal suffix
configure: update detection logic of getaddrinfo() thread-safeness
configure: check for gethostbyname in the watt lib
curl-config.1: fix curl-config usage in example
smtp: Fixed non-escaping of dot character at beginning of line
MakefileBuild.vc: use the correct IDN variable
autoconf: improve handling of versioned symbols
curl.1: clarify -x usage
curl: shorten user-agent
smtp: issue with the multi-interface always sending postdata
compile error with GnuTLS+Nettle fixed
winbuild: fix IPv6 enabled build
Updated libidn to 1.25:
Fix build with MSVC related to _GL_ATTRIBUTE_CONST and _GL_ATTRIBUTE_PURE
Fix compiler warning about ignoring return value from fgets in examples
Ship with a valgrind suppressions file for the strlen issue in the tests
Update gnulib files and translations
Updated libxml2 to 2.8.0
Add lzma compression support
- Various documentation updates
- Lots of portability fixes, particularly for Windows targets
- Lots of bug fixes and other improvements
- I also updated the package to run its test suite during the build
Updated perl-Archive-Tar to 1.86:
Don't use tell on IO::Zlib handles (CPAN RT#64339)
Rebuilt perl-XML-LibXML for libxml2 2.8.0
Updated python-crypto to 2.6 as per the Fedora version