Thursday 6th November 2014
Fedora Project
Updated perl-Cpanel-JSON-XS to 3.0105 in Rawhide:
- Minor doc improvements (GH#25)
- Fix d_Gconvert test in t/11_pc_expo.t for 5.6
Updated perl-IO-All to 0.81 in F-21 and Rawhide:
- Make the Role Call list link to their doc sections
- Fixed a doc formatting bug
Built perl-Net-CIDR-Lite (0.21) for EPEL (Bug #1160801)
Updated perl-Path-Tiny to 0.060 in F-21, Rawhide and EPEL-7:
- Added 'truncate' option to append for in-place replacement of file contents
Local Packages
Updated curl to 7.39.0; I had to disable test 2034 (https with certificate pinning) on EL-5/6 until such time as we can figure out why it breaks (http://curl.haxx.se/mail/lib-2014-11/0040.html):
- SSLv3 is disabled by default
- CURLOPT_COOKIELIST: added "RELOAD" command
- Build: added WinIDN build configuration options to Visual Studio projects
- ssh: improve key file search
- SSL: public key pinning - use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
- vtls: remove QsoSSL support, use gskit!
- mk-ca-bundle: added SHA-384 signature algorithm
- Docs: added many examples for libcurl opts and other doc improvements
- Build: added VC ssh2 target to main Makefile
- MinGW: added support to build with nghttp2
- NetWare: added support to build with nghttp2
- Build: added Watcom support to build with WinSSL
- Build: added optional specific version generation of VC project files
- curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
- openssl: build fix for versions < 0.9.8e
- Newlines: fix mixed newlines to LF-only
- ntlm: fixed HTTP proxy authentication when using Windows SSPI
- sasl_sspi: fixed unicode build
- file: reject paths using embedded %00
- threaded-resolver: revert Curl_expire_latest() switch
- configure: allow --with-ca-path with PolarSSL too
- HTTP/2: fix busy loop when EOF is encountered
- CURLOPT_CAPATH: return failure if set without backend support
- nss: do not fail if a CRL is already cached
- smtp: fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
- Fixed 20+ nits/memory leaks identified by Coverity scans
- curl_schannel.c: fixed possible memory or handle leak
- multi-uv.c: call curl_multi_info_read() better
- Cmake: check for OpenSSL before OpenLDAP
- Cmake: fix library list provided to cURL tests
- Cmake: avoid cycle directory dependencies
- Cmake: build with GSS-API libraries (MIT or Heimdal)
- vtls: provide backend defines for internal source code
- nss: fix a connection failure when FTPS handle is reused
- tests/http_pipe.py: Python 3 support
- Cmake: build tool_hugehelp (ENABLE_MANUAL)
- Cmake: enable IPv6 by default if available
- Tests: move TESTCASES to Makefile.inc, add show for cmake
- ntlm: avoid unnecessary buffer allocation for SSPI based type-2 token
- ntlm: fixed empty/bad base-64 decoded buffer return codes
- ntlm: fixed empty type-2 decoded message info text
- Cmake: add CMake/Macros.cmake to the release tarball
- Cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
- Cmake: use LIBCURL_VERSION from curlver.h
- Cmake: generate pkg-config and curl-config
- Fixed several superfluous variable assignments identified by cppcheck
- Cleanup of 'CURLcode result' return code
- Pipelining: only output "is not blacklisted" in debug builds
- SSL: remove SSLv3 from SSL default due to POODLE attack
- gskit.c: remove SSLv3 from SSL default
- darwinssl: detect possible future removal of SSLv3 from the framework
- ntlm: only define ntlm data structure when USE_NTLM is defined
- ntlm: return CURLcode from Curl_ntlm_core_mk_lm_hash()
- ntlm: return all errors from Curl_ntlm_core_mk_nt_hash()
- sspi: only call CompleteAuthToken() when complete is needed
- http_negotiate: fixed missing check for USE_SPNEGO
- HTTP: return larger than 3 digit response codes too
- openssl: check for NPN / ALPN via OpenSSL version number
- openssl: enable NPN separately from ALPN
- sasl_sspi: allow DIGEST-MD5 to use current windows credentials
- sspi: return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
- resume: consider a resume from [content-length] to be OK
- sasl: fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
- build-openssl.bat: fix x64 release build
- Cmake: drop _BSD_SOURCE macro usage
- Cmake: fix gethostby{addr,name}_r in CurlTests
- Cmake: clean OtherTests, fixing -Werror
- Cmake: fix struct sockaddr_storage check
- Curl_single_getsock: fix hold/pause sock handling
- SSL: PolarSSL default minimum SSL version TLS 1.0
- Cmake: fix ZLIB_INCLUDE_DIRS use
- buildconf: stop checking for libtool
Updated perl-Cpanel-JSON-XS to 3.0105 as per the Fedora version
Updated perl-DateTime-TimeZone to 1.78:
- Fix warnings from Perl 5.8.8 and before; apparently it doesn't like when $SIG{__DIE__} is set to undef (PR#4)
Updated perl-DBI to 1.632:
- Fixed risk of memory corruption with many arguments to methods originally reported by OSCHWALD for Callbacks but may apply to other functionality in DBI method dispatch (CPAN RT#86744)
- Fixed DBD::PurePerl to not set $sth->{Active} true by default; drivers are expected to set it true as needed
- Fixed DBI::DBD::SqlEngine to complain loudly when prerequisite driver_prefix is not fulfilled (CPAN RT#93204)
- Fixed redundant sprintf argument warning (CPAN RT#97062)
- Fixed security issue where DBD::File drivers would open files from folders other than specifically passed using the f_dir attribute (CPAN RT#99508)
- Changed delete $h->{$key} to work for keys with 'private_' prefix per request in CPAN RT#83156; local $h->{$key} works as before
- Added security notice to DBD::Proxy and DBI::ProxyServer because they use Storable, which is insecure (CPAN RT#90475)
- Added note to AutoInactiveDestroy docs strongly recommending that it is enabled in all new code
Updated perl-Moose to 2.1402:
- Fix a test that was using Test::Exception instead of Test::Fatal
Updated perl-Path-Tiny to 0.060 as per the Fedora version
Updated perl-PerlIO-utf8_strict to 0.005:
- Add PPPort to compile on perl < 5.8.9