Wednesday 26th March 2014
Fedora Project
Updated perl-CPAN-Meta to 2.140640 in Rawhide:
- Improved bad version handling during META conversion
When downgrading multiple licenses to version 1.x META formats, if all the licenses are open source, the downgraded license will be "open_source", not "unknown"
Added a 'load_string' method that guesses whether the string is YAML or JSON
Updated perl-IO-Socket-SSL to 1.973 in Rawhide:
With SSL_ca, certificate handles can now be used in addition to SSL_ca_file and SSL_ca_path
No longer complain if SSL_ca_file and SSL_ca_path are both given; instead, add both as options to the CA store
Shortcut 'issuer' to give both issuer_cert and issuer_key in CERT_create
Updated perl-Scalar-List-Utils to 1.38 in Rawhide:
Skip pairmap()'s MULTICALL implementation 5.8.9/5.10.0 as it doesn't work (CPAN RT#87857)
Comment on the fact that package "0" is defined but false (CPAN RT#88201)
TODO test in t/readonly.t now passes since 5.19.3 (CPAN RT#88223)
Added any, all, none, notall list reduction functions (inspired by List::MoreUtils)
Added List::Util::product()
Added Scalar::Util::unweaken()
- Avoid C99/C++-style comments in XS code
Fix dualvar tests for perl 5.6; fix skip() test counts in dualvar.t
Neater documentation examples of other functions that can be built using reduce
Implement reduce() and first() even in the absence of MULTICALL
- Various documentation changes/updates
Correct uses of overload operators in unit tests (CPAN RT#91969)
Updated perl-Test-Modern to 0.005 in Rawhide:
- Support Perl 5.6.1+
Local Packages
Updated curl to 7.36.0:
- This release includes the following security advisories:
Wrong re-use of connections (CVE-2014-0138)
IP address wildcard certificate validation (CVE-2014-0139)
Not verifying certs for TLS to IP address / Darwinssl (CVE-2014-1263)
Not verifying certs for TLS to IP address / Winssl (CVE-2014-2522)
- This release includes the following changes:
- ntlm: added support for NTLMv2
- Tool: added support for URL specific options
- openssl: add ALPN support
- gtls: add ALPN support
- nss: add ALPN and NPN support
Added CURLOPT_EXPECT_100_TIMEOUT_MS
Tool: add --no-alpn and --no-npn
Added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
- winssl: enable TLSv1.1 and TLSv1.2 by default
- winssl: TLSv1.2 disables certificate signatures using MD5 hash
- winssl: enable hostname verification of IP address using SAN or CN
- darwinssl: don't omit CN verification when an IP address is used
http2: build with current nghttp2 version
polarssl: dropped support for PolarSSL < 1.3.0
- openssl: info message with SSL version used
- This release includes the following bugfixes:
- nss: allow to use ECC ciphers if NSS implements them
- netrc: fixed a memory leak in an OOM condition
- ftp: fixed a memory leak on wildcard error path
pipeline: fixed a NULL pointer dereference on OOM
- nss: prefer highest available TLS version
100-continue: fix timeout condition
ssh: fixed a NULL pointer dereference on OOM condition
- formpost: use semicolon in multipart/mixed
--help: add missing --tlsv1.x options
- formdata: fixed memory leak on OOM condition
ConnectionExists: reusing possible HTTP+NTLM connections better
- mingw32: fix compilation
- Chunked decoder: track overflows correctly
curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
- dict: fix memory leak in OOM exit path
valgrind: added suppression on optimized code
curl: output protocol headers using binary mode
- Tool: added URL index to password prompt for multiple operations
ConnectionExists: re-use non-NTLM connections better
axtls: call ssl_read repeatedly
multi: make MAXCONNECTS default 4 x number of easy handles function
configure: fix the --disable-crypto-auth option
multi: ignore SIGPIPE internally
curl.1: update the description of --tlsv1
SFTP: skip reading the dir when NOBODY=1
easy: fixed a memory leak on OOM condition
- Tool: fixed incorrect return code when setting HTTP request fails
configure: tiny fix to honour POSIX
Tool: do not output libcurl source for the information-only parameters
Rework Open Watcom make files to use standard Wmake features
x509asn: moved out Curl_verifyhost from NSS builds
configure: call it GSS-API
hostcheck: Curl_cert_hostcheck is not used by NSS builds
multi_runsingle: move timestamp into INIT
remote_port: allow connect to port 0
parse_remote_port: error out on illegal port numbers better
ssh: pass errors from libssh2_sftp_read up the stack
- docs: remove documentation on setting up krb4 support
- polarssl: build fixes to work with PolarSSL 1.3.x
polarssl: fix possible handshake timeout issue in multi
- nss: allow to enable/disable cipher-suites better
- ssh: prevent a logic error that could result in an infinite loop
- http2: free resources on disconnect
- polarssl: avoid extra newlines in debug messages
rtsp: parse "Session:" header properly
trynextip: don't store 'ai' on failed connects
Curl_cert_hostcheck: strip trailing dots in host name and wildcard
Updated perl-IO-Socket-SSL to 1.973 as per the Fedora version
Updated perl-Test-Modern to 0.005 as per the Fedora version