#acl PaulHowarth:read,write,admin,revert,delete All:read === Saturday 22nd June 2013 === ==== Fedora Project ==== * Updated `perl-Dist-CheckConflicts` to 0.06 in Rawhide: * Add optional runtime conflict warnings * Require 5.8.1, clean up a few things and add a few more tests * Use `Exporter` instead of `Sub::Exporter` ==== Local Packages ==== * Updated `curl` to 7.31.0: * '''Security Vulnerability''': `curl_easy_unescape()` may parse data beyond the end of the input buffer ([[CVE:2013-2174|CVE-2013-2174]]) * `darwinssl`: add TLS session resumption * `darwinssl`: add TLS crypto authentication * `imap`/`pop3`/`smtp`: added support for `;auth=` in the URL * `imap`/`pop3`/`smtp`: added support for `;auth=` to `CURLOPT_USERPWD` * `usercertinmem.c`: add example showing user cert in memory * `url`: added `smtp` and `pop3` hostnames to the protocol detection list * `imap`/`pop3`/`smtp`: added support for enabling the SASL initial response * `curl -E`: allow to use '`:`' in certificate nicknames * FTP: access files in root dir correctly * `configure`: try `pthread_create` without `-lpthread` * FTP: handle a `230` welcome response * `curl-config`: don't output static libs when they are disabled * `CURL_CHECK_CA_BUNDLE`: don't check for paths when cross-compiling * Various documentation updates * `getinfo.c`: reset `timecond` when clearing session-info variables * `FILE`: prevent an artificial timeout event due to stale speed-check data * `ftp_state_pasv_resp`: connect through proxy also when set by env * `sshserver`: disable `StrictHostKeyChecking` * `ftpserver`: fixed `imap` logout confirmation data * `curl_easy_init`: use less `malloc`s * `smtp`: fixed unknown percentage complete in progress bar * `smtp`: fixed sending of double `CRLF` caused by first in `EOB` * `bindlocal`: move brace out of `#ifdef` * `winssl`: fixed invalid memory access during SSL shutdown * OS X framework: fix invalid symbolic link * OpenSSL: allow empty server certificate subject * `axtls`: prevent memleaks on SSL handshake failures * cookies: only consider full path matches * Revert win32 `MemoryTracking`: `wcsdup()` `_wcsdup()` and `_tcsdup()` * `Curl_cookie_add`: handle IPv6 hosts * `ossl_send`: `SSL_write()` returning `0` is an error too * `ossl_recv`: `SSL_read()` returning `0` is an error too * `digest` auth: escape user names with `\` or `"` in them * `curl_formadd.3`: fixed wrong "end-marker" syntax * `libcurl-tutorial.3`: fix incorrect backslash * `curl_multi_wait`: reduce timeout if the `multi` handle wants to * `tests/Makefile`: typo in the `perlcheck` target * `axtls`: honour disabled `VERIFYHOST` * OpenSSL: avoid double `free` in the PKCS12 certificate code * `multi_socket`: reduce timeout inaccuracy margin * `digest`: support `auth-int` for empty entity body * `axtls`: now done non-blocking * `lib1900`: use `tutil_tvnow` instead of `gettimeofday` * `curl_easy_perform`: avoid busy-looping * `CURLOPT_COOKIELIST`: take cookie share lock * `multi_socket`: react on socket close immediately * Updated `perl-Dist-CheckConflicts` to 0.06 as per the Fedora version ----