PaulHowarth/Blog/2013-02-06

Wednesday 6th February 2013

Fedora Project

  • Updated perl-Path-Class to 0.31 in Rawhide:

    • Optimization: stringify variables passed to canonpath

    • Optimization: use internal guts when constructing Dirs from Dirs, instead of concatenating and splitting them again with File::Spec

    • Fix grammar error in docs
    • Implement a 'split' parameter for the slurp() method

  • I haven't done a local build of this yet due to compatibility issues with File::Spec 3.25 and earlier, which break builds on anything older than Fedora 10 (CPAN RT#83143)

Local Packages

  • Updated bluefish to 2.2.4 (no release notes from upstream yet)

  • Updated curl to 7.29.0:

    • Fix POP3/IMAP/SMTP SASL buffer overflow vulnerability (CVE-2013-0249)

    • test: offer "automake" output and check for perl better

    • always-multi: always use non-blocking internals
    • imap: added support for sasl digest-md5 authentication
    • imap: added support for sasl cram-md5 authentication
    • imap: added support for sasl ntlm authentication
    • imap: added support for sasl login authentication
    • imap: added support for sasl plain text authentication
    • imap: added support for login disabled server capability
    • mk-ca-bundle: add -f, support passing to stdout and more

    • writeout: -w now supports remote_ip/port and local_ip/port

    • nss: prevent NSS from crashing on client auth hook failure
    • darwinssl: fixed inability to disable peer verification on Snow Leopard and Lion
    • curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE

    • SCP: relative path didn't work as documented
    • setup_once.h: HP-UX <sys/socket.h> issue workaround

    • configure: fix cross pkg-config detection

    • runtests: do not add undefined values to @INC

    • build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag

    • multi: fix re-sending request on early connection close
    • HTTP: remove stray CRLF in chunk-encoded content-free request bodies
    • build: fix AIX compilation and usage of events/revents

    • VC Makefiles: add missing hostcheck

    • nss: clear session cache if a client certificate from file is used
    • nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE

    • fix HTTP CONNECT tunnel establishment upon delayed response

    • --libcurl: fix for non-zero default options

    • FTP: reject illegal port numbers in EPSV 229 responses

    • build: use per-target '_CPPFLAGS' for those currently using default

    • configure: fix automake 1.13 compatibility

    • curl: ignore SIGPIPE

    • pop3: added support for non-blocking SSL upgrade
    • pop3: fixed default authentication detection
    • imap: fixed usernames and passwords that contain escape characters
    • packages/DOS/common.dj: remove COFF debug info generation

    • imap/pop3/smtp: fixed failure detection during TLS upgrade
    • pop3: fixed no known authentication mechanism when fallback is required
    • formadd: reject trying to read a directory where a file is expected

    • formpost: support quotes, commas and semicolon in file names

    • docs: update the comments about loading CA certs with NSS
    • docs: fix typos in man pages
    • darwinssl: fix bug where packets were sometimes transmitted twice
    • winbuild: include version info for .dll .exe

    • schannel: Removed extended error connection setup flag
    • VMS: fix and generate the VMS build config


Recent