Paul's Blog Entries for June 2013
Saturday 1st June 2013
Fedora Project
Updated perl-IO-Socket-SSL to 1.94 in Rawhide:
Makefile.PL reported wrong version of openssl if Net::SSLeay was not installed, instead of reporting a missing dependency of Net::SSLeay
Updated perl-Module-Build-Tiny to 0.022 in Rawhide:
Fix dirname code for top-level XS modules
Local Packages
Updated perl-IO-Socket-SSL to 1.94 as per the Fedora version
Updated perl-Module-Build-Tiny to 0.022 as per the Fedora version
Friday 7th June 2013
Fedora Project
Became owner of perl-AnyEvent in F-19 and Rawhide after its current owner orphaned it
Updated perl-Module-Signature to 0.73 in F-17, F-18, F-19, Rawhide, EPEL-5 and EPEL-6:
Constrain the user-specified digest name to /^\w+\d+$/
Only allow loading Digest::* from absolute paths in @INC (CVE-2013-2145)
Local Packages
Updated perl-Module-Signature to 0.73 as per the Fedora version
Saturday 8th June 2013
Fedora Project
Updated perl-Net-SSLeay to 1.55 in Rawhide:
Added support for TLSV1_1 and TLSV1_2 methods with SSL_CTX_tlsv1_1_new(), SSL_CTX_tlsv1_2_new(), TLSv1_1_method() and TLSv1_2_method(), where available in the underlying openssl
Added CRL support functions X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_count()`
Fixed a problem that could cause content with a value of '0' to be incorrectly encoded by do_httpx3 and friends (CPAN RT#85417)
Added support for SSL_get_tlsa_record_byname(), required for DANE support in openssl-1.0.2 and later
Testing with openssl-1.0.2-stable-SNAP-20130521
Added X509_NAME_new and X509_NAME_hash
Local Packages
Updated perl-Net-SSLeay to 1.55 as per the Fedora version
Sunday 9th June 2013
Local Packages
Updated libidn to 1.27:
- Java library can be built using Maven
- Speed improvements
Update gnulib files and translations
Updated perl-DBD-SQLite to 1.39 (see Changes for details)
The bundled copy of sqlite is used in this package unless the system version is 3.7.13 or later, as I seem to get compile errors with anything older
Monday 10th June 2013
Fedora Project
Updated GeoIP in Rawhide to clean up various things after co-maintainer Philip did most of the work in updating to the new upstream release 1.5.0, use upstream's free databases and add a GeoIP-update sub-package to update those databases on a weekly basis
- I also did updates and built the same package for F-17, F-18, F-19 and EPEL-6, but no updates have been submitted yet
A file conflict with the geoip-geolite package has occurred and that will need to be resolved before any further progress is made
Local Packages
Updated GeoIP as per the Fedora version
Updated perl-Text-CSV_XS to 0.99:
- Clarify eol documentation
Move error_input to XS
If no arguments are passed at all, bind_columns will return the list of current bindings or undef if no binds are active
Tuesday 11th June 2013
Fedora Project
Updated perl-BerkeleyDB to 0.52 in Rawhide:
Updates for BDB 6.0 - added Blob support
Added BerkeleyDB::DbStream class to interface to Blobs
Added BlobThreshold and BlobDir options to BerkeleyDB::Env constructor
Added BlobThreshold and BlobDir options to Hash, Btree and Heap constructors
Added get_blob_threshold method to BerkeleyDB::Env
Added get_blob_dir method to BerkeleyDB::Env
Added get_blob_threshold method to Hash, Btree and Heap
Added get_blob_dir method to Hash, Btree and Heap
Added method $cursor->set_partial
Added method $cursor->partial_clear
Fixed $env->lock_detect dies due to incorrect version check (CPAN RT#84179)
Fixed memory leak in db_verify() method with libdb < 4.2 (CPAN RT#84409)
Fixed a few croaks
Updated perl-Data-Section-Simple to 0.05 in Rawhide:
Revert from Module::Build::Tiny flow to ExtUtils::MakeMaker flow
Local Packages
Updated cdrtools to 3.01 alpha release 15
Updated perl-BerkeleyDB to 0.52 as per the Fedora version
Updated perl-CPAN-Meta to 2.131560:
Replaced CPAN::Meta SYNOPSIS with code that actually works
Updated perl-Data-Section-Simple to 0.05 as per the Fedora version
Updated perl-XML-SAX to add perl(Fatal) as a build requirement for its test suite - this module has recently been unbundled from the main perl package
Updated perl-YAML-Tiny to tweak its metadata (it build-requires at least perl 5.6, not 5.4) so as to be able to pass its release tests with a current version of Perl::MinimumVersion
Wednesday 12th June 2013
Fedora Project
Updated gtkwave to 3.3.47 in Rawhide:
Deprecated loader
- Partial VCD loader fix for small files
Added preliminary do-nothing generate support in vermin
Fixed minmax_valid for partial VCD loader: affects scaling on floating-point traces
Updated perl-Module-Build-Tiny to 0.023 in Rawhide:
Implement --pureperl-only
- Skip compilation test when not having a compiler
Local Packages
Updated gtkwave to 3.3.47 as per the Fedora version
Updated perl-IPC-Run3 to 0.046:
Replace a die with a croak
- Typo fixes in documentation
Updated perl-JSON to 2.59:
PUREPERL_ONLY support was not supported... and finally remove all PP options from Makefile.PL
Recommend JSON::XS instead of conditionally requiring it (for example, $ cpanm --with-recommends JSON)
- Hide more packages from PAUSE (and other stuff)
Updated perl-Module-Build-Tiny to 0.023 as per the Fedora version
Updated perl-Params-Validate to 1.08:
The handling of defaults in the XS version of validate_pos was broken: the defaults were simply pushed into the returned array, rather than being explicitly stored in the right index based on the order of the specs passed to validate_pos() (CPAN RT#83780)
Updated unrar to upstream source release 5.0.6 (still 5.00 beta 5)
Thursday 13th June 2013
Fedora Project
Updated perl-Sendmail-PMilter in F-18, F-19 and Rawhide to fix some process control issues:
Reset SIGCHLD handler in milters (CPAN RT#85826, Bug #970138)
Block instead of erroring on max children (CPAN RT#85833, Bug #970197)
Local Packages
Updated GeoIP to 1.5.1
Updated perl-Sendmail-PMilter as per the Fedora version
Updated perl-Text-CSV_XS to 1.00:
Fix automatic UTF-8 in getline/parse for SV's with \0
Friday 14th June 2013
Fedora Project
Updated perl-Test-Version in F-19 and Rawhide to fix a couple of the author tests that fail with current test modules:
Disable Test::Kwalitee's "use_strict" test
Schwern not in dictionary
Local Packages
Updated perl-Test-Version as per the Fedora version
Saturday 15th June 2013
Fedora Project
Updated perl-Sub-Exporter to 0.986 in Rawhide:
- Typo fixes in documentation
Updated proftpd to 1.3.4d in Rawhide:
Fixed broken build when using --disable-ipv6 configure option
Fixed mod_sql "SQLAuthType Backend" MySQL issues
Various other bugs fixed - see NEWS for details
Local Packages
Updated perl-Sub-Exporter to 0.986 as per the Fedora version
Updated proftpd to 1.3.4d as per the Fedora version
Monday 17th June 2013
Fedora Project
Updated proftpd in Rawhide to prevent spurious log messages at session end like these (upstream bug #3945):
Jun 15 13:53:00 goalkeeper proftpd[20063]: goalkeeper.intra.city-fan.org (zion.city-fan.org[2001:470:9279::2]) - ROOT PRIVS: unable to setegid(): Operation not permitted Jun 15 13:53:00 goalkeeper proftpd[20063]: goalkeeper.intra.city-fan.org (zion.city-fan.org[2001:470:9279::2]) - RELINQUISH PRIVS: unable to seteuid(session.uid): Operation not permitted Jun 15 13:53:00 goalkeeper proftpd[20063]: goalkeeper.intra.city-fan.org (zion.city-fan.org[2001:470:9279::2]) - FTP session closed.
Updated proftpd in F-17, F-18 and F-19 to 1.3.4d as per the Rawhide version
Local Packages
Updated dovecot to 2.2.3:
LDA/LMTP: if new mail delivery first fails with "temporary failure", tempfail the whole delivery instead of falling back to delivering the mail to INBOX
doc/solr-schema.xml was updated to Solr v4.x format; also, the default analyzers were changed, hopefully for the better (note that the schema can't be changed for existing Solr indexes without rebuilding everything)
- Solr plugin does only soft commits from now on; you'll need a cronjob to send a hard commit command to it every few minutes
Added %N modifier for variables as %H-like "new hash"
sdbox, mdbox: support POP3 message order field (for migrations)
Added mailbox { driver } to specify a different mail storage format for the mailbox than generally used within the namespace
Added initial lib-sasl library for client side SASL support; it currently supports only PLAIN, LOGIN and plugin, and is used currently by IMAP and POP3 proxying when authenticating to the remote server
IMAP: if subject contained only whitespace, Dovecot returned an ENVELOPE reply with a huge literal value, effectively causing the IMAP client to wait for more data forever
IMAP: various URLAUTH fixes
imapc: various bugfixes and improvements
pop3c: various fixes to make it work in dsync (without imapc)
dsync: fixes to syncing subscriptions and fixes to syncing mailbox renames
Updated perl-SQL-Statement to 1.405:
INSERT now expands incomplete rows
Updated perl-Text-CSV_XS to 1.01:
Cache not re-read on getline_all (CPAN RT#86155)
Updated proftpd to address upstream bug #3945 as per the Fedora version
Tuesday 18th June 2013
Local Packages
Updated perl-Archive-Tar to 1.92:
- Typo fixes
Updated perl-Set-Scalar to 1.26:
Fixed "Set::Scalar::Valued" (CPAN RT#69037)
Add more whitespace in examples to show "picture" of operations (CPAN RT#54172, CPAN RT#54173)
Wednesday 19th June 2013
Local Packages
Updated java-1.7.0-oracle to Java SE 7 Update 25 (see OracleJava7OnFedora):
Multiple security and other fixes; see release notes at http://www.oracle.com/technetwork/java/javase/7u25-relnotes-1955741.html
Updated tzupdater to 1_3_56-2013c
Updated perl-Mixin-Linewise to 0.004:
Repackaged using Dist::Zilla
Thursday 20th June 2013
Fedora Project
Updated perl-Data-Section to 0.101622 in Rawhide:
Add a link to an Advent article about Data-Section
- Update bugtracker, repo, etc.
Updated perl-Perl-Critic in Rawhide to have a build requirement of perl(Fatal), which is needed for the test suite and is no longer pulled in by the main perl package
Local Packages
Updated libgcrypt to silence a false error detected by valgrind (Bug #968288)
Updated perl-Data-Section to 0.101622 as per the Fedora version
Updated perl-Params-Check to 0.38 (typo fixes)
Updated perl-Perl-Critic as per the Fedora version
Updated unrar to 5.00 beta 6
Friday 21st June 2013
Fedora Project
Updated perl-Test-Assert in Rawhide to fix a failure in the perlcritic test (it didn't like there being a sub called unimport)
Updated perl-Test-CheckDeps to 0.006 in Rawhide:
Require CPAN::Meta::Check ≥ 0.004
Explicitly require CPAN::Meta ≥ 2.120920
Switch to Module::Build::Tiny
Local Packages
Updated perl-HTML-Tidy to fix the license tag, as HTML::Tidy::Message uses the perl license (the rest is Artistic 2.0)
Updated perl-Module-CoreList to 2.92:
Make switches case-sensitive (keep -d and -D distinct)
Correct omission of Text::Soundex and File::CheckTree from deprecations
Switch %deprecated to a delta hash
Added Utils module
Updated perl-Test-Assert as per the Fedora version
Updated perl-Test-CheckDeps to 0.006 as per the Fedora version
Saturday 22nd June 2013
Fedora Project
Updated perl-Dist-CheckConflicts to 0.06 in Rawhide:
- Add optional runtime conflict warnings
- Require 5.8.1, clean up a few things and add a few more tests
Use Exporter instead of Sub::Exporter
Local Packages
Updated curl to 7.31.0:
Security Vulnerability: curl_easy_unescape() may parse data beyond the end of the input buffer (CVE-2013-2174)
darwinssl: add TLS session resumption
darwinssl: add TLS crypto authentication
imap/pop3/smtp: added support for ;auth=<mech> in the URL
imap/pop3/smtp: added support for ;auth=<mech> to CURLOPT_USERPWD
usercertinmem.c: add example showing user cert in memory
url: added smtp and pop3 hostnames to the protocol detection list
imap/pop3/smtp: added support for enabling the SASL initial response
curl -E: allow to use ':' in certificate nicknames
- FTP: access files in root dir correctly
configure: try pthread_create without -lpthread
FTP: handle a 230 welcome response
curl-config: don't output static libs when they are disabled
CURL_CHECK_CA_BUNDLE: don't check for paths when cross-compiling
- Various documentation updates
getinfo.c: reset timecond when clearing session-info variables
FILE: prevent an artificial timeout event due to stale speed-check data
ftp_state_pasv_resp: connect through proxy also when set by env
sshserver: disable StrictHostKeyChecking
ftpserver: fixed imap logout confirmation data
curl_easy_init: use less mallocs
smtp: fixed unknown percentage complete in progress bar
smtp: fixed sending of double CRLF caused by first in EOB
bindlocal: move brace out of #ifdef
winssl: fixed invalid memory access during SSL shutdown
- OS X framework: fix invalid symbolic link
- OpenSSL: allow empty server certificate subject
axtls: prevent memleaks on SSL handshake failures
- cookies: only consider full path matches
Revert win32 MemoryTracking: wcsdup() _wcsdup() and _tcsdup()
Curl_cookie_add: handle IPv6 hosts
ossl_send: SSL_write() returning 0 is an error too
ossl_recv: SSL_read() returning 0 is an error too
digest auth: escape user names with \ or " in them
curl_formadd.3: fixed wrong "end-marker" syntax
libcurl-tutorial.3: fix incorrect backslash
curl_multi_wait: reduce timeout if the multi handle wants to
tests/Makefile: typo in the perlcheck target
axtls: honour disabled VERIFYHOST
OpenSSL: avoid double free in the PKCS12 certificate code
multi_socket: reduce timeout inaccuracy margin
digest: support auth-int for empty entity body
axtls: now done non-blocking
lib1900: use tutil_tvnow instead of gettimeofday
curl_easy_perform: avoid busy-looping
CURLOPT_COOKIELIST: take cookie share lock
multi_socket: react on socket close immediately
Updated perl-Dist-CheckConflicts to 0.06 as per the Fedora version
Sunday 23rd June 2013
Fedora Project
Updated perl-IO-Socket-INET6 to 2.71 in Rawhide (typo fixes - CPAN RT#73143, CPAN RT#86344)
Local Packages
Updated libxslt to move lots of API docs from the main package to the devel package
Updated perl-IO-Socket-INET6 to 2.71 (typo fixes - CPAN RT#86344)
Updated perl-Symbol-Util to tweak the perlcritic test, which has discovered something to moan about (a sub called unimport)
Monday 24th June 2013
Local Packages
Updated curl to add an upstream patch for test1230 to avoid using a hard-wired port number
Updated libcurl7112 and libcurl7155 to backport fixes for cookie domain tailmatch vulnerability (CVE-2013-1944) and libcurl URL decode buffer boundary flaw (CVE-2013-2174)
Updated perl-autodie to 2.20:
- SPEED/INTERNAL: Less time is spent computing prototypes
- SPEED/INTERNAL: Leak guards are more efficient
SPEED: Expanding tags (e.g.: qw(:all)) is now faster; this also improves the speed of checking autodying code with Perl::Critic
- INTERNAL: Expanding of tags is faster and preserves order
Tuesday 25th June 2013
Local Packages
Updated dovecot to 2.2.4:
doveadm: added "flags" command to modify message flags
doveadm: added "deduplicate" command to expunge message duplicates
dsync: show the state in process title with verbose_proctitle=yes
imap/pop3 proxy: master user logins were broken in v2.2.3
sdbox/mdbox: a corrupted index header with wrong size was never automatically fixed in v2.2.3
mbox: fixed assert-crashes related to locking
Updated nmap to use an svn snapshot that contains all a bunch of UDP patches
Updated perl-Data-Visitor to 0.30:
- The class callbacks to be run for an object are now chosen once, at the start of visiting that object (needed for consistency in the presence of hash order randomization)
Wednesday 26th June 2013
Local Packages
New package libmetalink (0.1.2)
Updated perl-BSD-Resource to 1.2905:
Typo fixes (CPAN RT#86334)
Disable user/system timing tests if workload accumulates too little time (CPAN RT#62504)
Try harder to burn enough user and system time in getrusage.t, and re-factor the "burn some cpu" utility into t/burn.pl so that it can be used in t/times.t as well
Fix test mis-numbering in NetBSD for t/setrlimit.t
- Silence compilation warnings coming from Perl 5.18.0
- Clarify the license to be Artistic 2.0 or LGPL 2.0
Regenerate ppport.h with Perl 5.18.0
Updated perl-Digest-SHA to 5.85:
Workaround for repeated calls to shaclose (CPAN RT#86295)
Corrected typos in shasum script (CPAN RT#85430)
Thursday 27th June 2013
Local Packages
Updated curl to build with metalink support
Friday 28th June 2013
Fedora Project
Updated perl-Mail-SPF to fix a couple of FTBFS issues in Rawhide:
Fix broken POD (CPAN RT#86060)
Work around test suite failures with Net::DNS ≥ 0.68 (CPAN RT#78214)
Local Packages
Updated perl-Locale-Maketext-Lexicon to 0.96:
Handle Haml blocks too
Updated perl-Mail-SPF as per the Fedora version
Saturday 29th June 2013
Fedora Project
Updated perl-Test-Kwalitee to 1.07 in Rawhide:
Now the indicators are run in the exact order they are returned from Module::CPANTS::Kwalitee::*, as some tests depend on the results of earlier tests
- Synopsis updated to recommend a better way to run this module, ensuring that it is not run by cpantesters or at installation time
- We no longer create a function in our namespace for every metric we are going to test; this should not break anyone, as these subs were never documented as part of the public API
Switch to Module::Build::Tiny flow
Local Packages
New package perl-namespace-autoclean (0.13)
New package perl-Test-CleanNamespaces (0.03)
Updated perl-Test-Kwalitee to 1.07 as per the Fedora version
Sunday 30th June 2013
Fedora Project
Updated perl-Module-Build-Tiny to 0.024 in Rawhide:
- Generate man pages in the correct section
Updated rbldnsd to 0.997 in Rawhide:
- Main feature of this version is ipv6 support
Feature: ip6trie - new dataset supports listing of arbitrary length ip6 CIDRs, along with individual A/TXT values for each prefix
Feature: ip6tset - new dataset supports listing of ip6 /64 subnets and the exclusion of /128 subnets; only supports a single A/TXT value for the entire dataset
Optimization: ip4trie - using new trie implementation (developed for the ip6trie dataset) decreases memory consumption by roughly a factor of three
Feature: acl dataset - ip6 addresses are now supported in ACLs
Feature: added --enable-asserts configure option to enable compilation of debugging assertions; assertion checking is disabled by default
Featurette: zero-length "wildcard" IP4 CIDR prefixes are now allowed in ip4trie and acl datasets
Local Packages
Updated perl-IPC-Cmd to 0.82:
- Typo fixes
Updated perl-Module-Build-Tiny to 0.024 as per the Fedora version
Updated php-Smarty to 3.1.14:
Bugfix: wrong tag type in smarty_internal_templatecompilerbase.php could cause wrong plugin search order (Forum Topic 24028)
Bugfix: nocache blocks could be lost when using CACHING_LIFETIME_SAVED (Issue #133)
- Bugfix: Compile ID gets nulled when compiling child blocks (Issue #134)
- Bugfix: post filter must not run when compiling inheritance child blocks (Forum Topic 24094)
- Bugfix: after the fix for Issue #130, compiler exceptions got double escaped (Forum Topic 24199)
Bugfix: escape and wordrap modifier could be compiled into wrong code when used in {nocache}{/nocache} section but caching is disabled (Forum Topic 24260)
Bugfix: modifier strip_tags:true was compiled into wrong code (Forum Topic 24287)
Bugfix: /n after ?> in Smarty.class.php started output buffering (Issue 138)
Enhancement: an expire_time of -1 in clearCache() and clearAllCache() will delete outdated cache files by their individual cache_lifetime used at creation (forum topic 24310)
Fixed spelling in sources and documentation (from smarty-developers forum)
Enhancement: added constant SMARTY::CLEAR_EXPIRED (Forum topic 24310)
Bugfix: added smarty_security.php to composer.json (Issue 135)
Bugfix: removed PHP 5.5 deprecated preg_replace /e option in modifier capitalize (Forum topic 24389)
Updated rbldnsd to 0.997 as per the Fedora version