Paul's Blog Entries for April 2015
Wednesday 1st April 2015
Fedora Project
Updated perl-IO-Multiplex to 1.15 in F-22 and Rawhide:
Move untie patch to the right place
Local Packages
Updated GeoIP-GeoLite-data to create the GeoIP.dat symlink in %posttrans rather than including it as a %config(noreplace) file; had to be careful to handle upgrades properly:
%posttrans # Create the default GeoIP.dat as a symlink to GeoLiteCountry.dat # # This has to be done in %posttrans rather than %post because an old # package's GeoIP.dat may still be present during %post in an upgrade # # Don't do this if there is any existing GeoIP.dat, as we don't want to # override what the user has put there # # Also, if there's an existing GeoIP.dat.rpmsave, we're probably doing # an upgrade from an old version of GeoIP that packaged GeoIP.dat as # %config(noreplace), so rename GeoIP.dat.rpmsave back to GeoIP.dat # instead of creating a new symlink if [ ! -e %{_datadir}/GeoIP/GeoIP.dat ]; then if [ -e %{_datadir}/GeoIP/GeoIP.dat.rpmsave ]; then mv %{_datadir}/GeoIP/GeoIP.dat.rpmsave \ %{_datadir}/GeoIP/GeoIP.dat else ln -sf GeoLiteCountry.dat %{_datadir}/GeoIP/GeoIP.dat fi fi exit 0
Updated perl-IO-Multiplex to 1.15 as per the Fedora version
Thursday 2nd April 2015
Fedora Project
Updated perl-MouseX-Getopt to 0.36 in F-22 and Rawhide:
Fix tests that follow GLD changes (GH#6)
Friday 3rd April 2015
Fedora Project
Updated perl-indirect to 0.34 in F-22 and Rawhide:
The new environment variable to enable thread tests on older perls is PERL_FORCE_TEST_THREADS; note that this variable should only be turned on by authors
Add link in documentation to historical tchrist post (CPAN RT#100068)
- Fix segfaults when the module is loaded by several threads (or Windows emulated processes) ran in parallel
Update the Windows ActivePerl + gcc 3.4 workaround for ExtUtils::MakeMaker version 7.04
Be really compatible with the optional OP_PARENT feature
Test: $ENV{$Config{ldlibpthname}} is now preserved on all platforms, which will address failures of t/41-threads-teardown.t and t/50-external.t with unusual compilers (like icc) that link all their compiled objects to their own libraries
Local Packages
Updated perl-PPIx-Regexp to 0.039:
- Recognize nested subscripts in interpolation
Add \b{g} (= \b{gcb})
Sunday 5th April 2015
Fedora Project
Updated grepmail to 5.3101 in F-22 and Rawhide:
Add explicit include for Module::AutoInstall (https://code.google.com/p/grepmail/issues/detail?id=1)
Improve the recursive.t test (https://code.google.com/p/grepmail/issues/detail?id=2)
Add explicit "provides" to META.yml
Updated perl-FileHandle-Unget to 0.1625 in F-22 and Rawhide:
Modify the memory leak test to check for ≤ 0 bytes; I'm not sure how this scenario happens, but test failures like this indicate that it can: http://www.cpantesters.org/cpan/report/bdd0e36c-d0dd-11e4-954f-5702e0bfc7aa
Attempt to fix loss of lines when $/ is undef: http://www.cpantesters.org/cpan/report/60452d60-d3cc-11e4-b60b-c2157e3e1735
Local Packages
Updated grepmail as per the Fedora version
Updated libgcrypt (1.6.3) to de-initialize the RNG after the self-test is run
Updated perl-FileHandle-Unget to 0.1625 as per the Fedora version
Monday 6th April 2015
Local Packages
Updated perl-File-Find-Rule-Perl to 1.15:
Fix tests for ExtUtils::MakeMaker 7.05_*
Use warnings in module and tests
Switch off of Module::Install again
Updated perl-MCE to 1.605:
Improved fix for the die handler in MCE::Signal and MCE::Core::Worker
Improved support for threads in MCE::Signal's stop_and_exit function
Wednesday 8th April 2015
Fedora Project
Updated perl-indirect to 0.35 in F-22 and Rawhide:
The module could end being disabled in one thread if it was first loaded in another thread and that thread was immediately terminated; this is now fixed and should address test failures of t/09-load-threads.t and t/42-threads-global.t
Updated perl-Mixin-Linewise to 0.107 in F-22 and Rawhide:
Add leading hashref arg for passing binmode to read_string, write_string
Do not modify references of args passed to read_file, write_file
Updated perl-Module-Signature to 0.77 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:
Fix GPG signature parsing logic (Bug #1209911)
MANIFEST.SKIP is no longer consulted unless --skip is given (Bug #1209915)
Properly use open() modes to avoid injection attacks (Bug #1209917)
More protection of @INC from relative paths (Bug #1209918)
Fix signature tests by defaulting to verify(skip=>1) when $ENV{TEST_SIGNATURE} is true
Include the latest public keys of PAUSE, ANDK and AUDREYT
Clarify scripts/cpansign copyright to CC0 (Bug #965126, CPAN RT#85466)
Updated perl-Test-Signature to 1.11 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:
Compatibility with Module::Signature ≥ 0.75
Local Packages
Updated perl-File-Find-Object to 0.2.13:
- Clarified the documentation regarding the use/return of array references
Updated perl-HTML-Lint to 2.22:
Previously, html_ok() would not check the entire structure of a web page to check for <html>, <head>, <title> and <body> tags; now it will
If you want to check fragments of HTML for validity but know that they are not valid HTML documents on their own, use the new html_fragment_ok()
Added new error, elem-input-alt-missing, that warns of <input type="image"> tags that are missing an alt="" attribute; this helps for accessibility to make sure that any images have alternate text for screen readers
Added ability to modify HTML::Lint's table of known tags and attributes, so you could add proprietary/new tags if you wanted
Test::HTML::Lint::html_ok() would not call the HTML::Lint eof() method, which meant it wouldn't do document-wide tests
Updated perl-Mixin-Linewise to 0.107 as per the Fedora version
Updated perl-Module-Signature to 0.77 as per the Fedora version
Updated perl-Test-Signature to 1.11 as per the Fedora version
Thursday 9th April 2015
Fedora Project
Rebuilt perl-GD in Rawhide for libvpx soname bump
Updated perl-MetaCPAN-Client to 1.012000 in F-22 and Rawhide:
Updated perl-Mixin-Linewise to 0.108 in F-22 and Rawhide:
- First argument can be options only if there are two arguments
Updated perl-Module-Signature to 0.78 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:
Fix verify() use from cpanm and CPAN.pm (CPAN RT#103369)
Local Packages
Updated perl-Child to 0.011:
- Clean up child processes once they are have been waited on; do not store them forever
Updated perl-MCE to 1.606:
Bug Fixes
Added -d and -w tests to ensure $ENV{TEMP} exists and is writeable in MCE::Signal; otherwise, /tmp is used as usual
Enhancements
Determine running state in MCE->exit; call stop_and_exit if not already running to not hang the script
Updated perl-MetaCPAN-Client to 1.012000 as per the Fedora version
Updated perl-Mixin-Linewise to 0.108 as per the Fedora version
Updated perl-Module-Signature to 0.78 as per the Fedora version
Friday 10th April 2015
Fedora Project
Updated perl-IO-Multiplex to 1.16 in F-22 and Rawhide:
Fix descriptor memory leak: Make $mux->close actually untie *$fh
Local Packages
Updated libspf2 (1.2.10) not to use libreplace on recent Linux versions from F-10, RHEL-6 onwards where it's not needed
Updated perl-IO-Multiplex to 1.16 as per the Fedora version
Updated perl-MCE to 1.608:
Bug Fixes
Updated t/01_load_signal_arg.t to address false-positive from bug fix in 1.606
Enhancements
Replaced (-e) with (perl) for the $prog_name value in MCE::Signal; e.g. from running perl -e 'command'
Saturday 11th April 2015
Fedora Project
Updated perl-Module-Metadata to 1.000027 in F-22 and Rawhide:
Work around issues with an unconfigured Log::Contextual
- Allow tests to pass in a perl with no taint support
Local Packages
Updated perl-Module-Metadata to 1.000027 as per the Fedora version
Sunday 12th April 2015
Fedora Project
Updated perl-Tree-DAG_Node to 1.26 in Rawhide:
Fix bug in string2hashref(), which failed on some strings, such as {a => 'b, c'}
Add t/string2hash.t to test new code
Local Packages
Updated GeoIP-GeoLite-data to April 2015 databases, and added a %preun script to remove the GeoIP.dat symlink if the package is uninstalled:
%preun # If the package is being uninstalled (rather than upgraded), we remove # the GeoIP.dat symlink, provided that it points to GeoLiteCountry.dat; # rpm will then be able to remove the %%{_datadir}/GeoIP directory if [ $1 = 0 ]; then if [ -h %{_datadir}/GeoIP/GeoIP.dat ]; then geoipdat=`readlink %{_datadir}/GeoIP/GeoIP.dat` if [ "$geoipdat" = "GeoLiteCountry.dat" ]; then rm -f %{_datadir}/GeoIP/GeoIP.dat fi fi fi exit 0
Updated perl-Mouse to 2.4.2:
Updated perl-Tree-DAG_Node to 1.26 as per the Fedora version
Monday 13th April 2015
Fedora Project
Philip Prindeville kindly reviewed and approved my GeoIP-GeoLite-data package submission
Imported and built GeoIP-GeoLite-data (2015.04) for F-20, F-21, F-22, Rawhide, EPEL-5, EPEL-6 and EPEL-7
I subsequently realized that RHEL-7 ships GeoIP 1.5.0 in the base OS, and this bundles the geoipupdate and GeoLite databases, so I'm not going to be able to push GeoIP-related updates for EPEL-7 as they would conflict with the base OS
Updated geoipupdate to 2.2.1 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:
geoipupdate now verifies the MD5 of the new database before deploying it; if the database MD5 does not match the expected MD5, geoipupdate will exit with an error
The copy of 'base64.c' and 'base64.h' was switched to a version under GPLv2+ to prevent a license conflict
The 'LICENSE' file was added to the distribution
- Several issues in the documentation were fixed
Updated GeoIP to 1.6.5 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6, unbundling the geoipdate and GeoLite databases and adding dependencies on the new packages instead
Fixed a segmentation fault in geoiplookup when the utility was passed an invalid database (Bug #1180874)
Additional validation was added for the size used in the creation of the index cache (Bug #832913)
Changed the code to only look up country codes by using functions that ensure that we do not try to look past the end of an array (GitHub #53)
Updated grepmail to 5.3102 in Rawhide:
Force the user to upgrade their Time::Local, to work around bugs in the stock version that came with old OSes like RHEL 5 (http://www.cpantesters.org/cpan/report/61043eda-dd0e-11e4-abc4-b553e14af301)
- Enable verbose testing for CPAN-testers
Consolidate issue tracking at rt.cpan.org
Use proper temporary directory instead of t/temp
Updated perl-FileHandle-Unget to 0.1626 in Rawhide:
- Enable verbose testing for CPAN-testers
Consolidate issue tracking at rt.cpan.org
Use File::Temp for temporary files in the test suite
Updated perl-Mail-Mbox-MessageParser to 1.5102 in Rawhide:
Fix xz and lzip test skip for when tools are not installed
- Enable verbose testing for CPAN-testers
Use proper temporary directory instead of t/temp
Consolidate issue tracking at rt.cpan.org
Local Packages
Updated grepmail to 5.3102 as per the Fedora version
Updated perl-FileHandle-Unget to 0.1626 as per the Fedora version
Updated perl-Mail-Mbox-MessageParser to 1.5102 as per the Fedora version
Tuesday 14th April 2015
Fedora Project
Updated perl-Class-C3 to 0.28 in F-22 and Rawhide:
Change link to Dylan paper to use archive.org, as the original link has gone offline (CPAN RT#99756)
Local Packages
Updated geoipupdate (2.2.1) to split the patch for upstream issue #26 into separate patches for upstream changes and effect of running autotools
Updated libgpg-error to 1.19:
- New translations for Hungarian, Portuguese, Russian, and Traditional Chinese
- Updated other translations
New error codes: GPG_ERR_FORBIDDEN, GPG_ERR_OBJ_TERM_STATE, GPG_ERR_REQUEST_TOO_SHORT, GPG_ERR_REQUEST_TOO_LONG, GPG_ERR_LEGACY_KEY
New set of error codes for use with LDAP: GPG_ERR_LDAP_*
New options --help and --defines for gpg-error
Allow building with gcc 5
Updated java-1.7.0-oracle to Java SE 7 Update 80 (cumulative bugfix and security update; see release notes at http://www.oracle.com/technetwork/java/javase/7u80-relnotes-2494162.html)
Updated java-1.8.0-oracle to Java SE 8 Update 45 (cumulative bugfix and security update; see release notes at http://www.oracle.com/technetwork/java/javase/8u45-relnotes-2494160.html)
Updated perl-Class-C3 to 0.28 as per the Fedora version
Updated perl-File-ShareDir-ProjectDistDir to 1.000005:
Dropped minimum perl version to 5.6
Erroneous synopsis fixed (GH #15)
Rebuilt perl-HTML-Lint (2.22) to sync with Rawhide
Updated python-twisted to 15.1.0 (see NEWS for details)
Wednesday 15th April 2015
Local Packages
Updated java-1.8.0-oracle to update the jre and java provides so that the package can replace java-1.8.0-openjdk if desired (thanks to Roderick Johnstone)
Thursday 16th April 2015
Fedora Project
Updated proftpd (1.3.4e) in F-20 with fix for CVE-2015-3306 (unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy, Upstream Bug#4169)
Friday 17th April 2015
Local Packages
Updated perl-Moose to 2.1404:
Bug Fixes
Add Sub::Identify to prereqs (CPAN RT#101661)
Bump List::Util prereq to avoid a memory leak (CPAN RT#101124)
Documentation
Added section to Moose::Manual::Resources to list external links related to Moose (CPAN RT#101993)
Saturday 18th April 2015
Local Packages
Updated perl-Variable-Magic to 0.57:
The new environment variable to enable thread tests on older perls is PERL_FORCE_TEST_THREADS; note that this variable should only be turned on by authors
- Fix: Segfaults when the module is loaded by several threads (or Windows emulated processes) ran in parallel
- Fix: Segfaults when the module is loaded in a thread, which spawns itself a new thread, and that child thread outlives its parent
- Fix: Small memory leaks of structures required for thread safety
Fix: Update the Windows ActivePerl + gcc 3.4 workaround for ExtUtils::MakeMaker 7.04
Test: The global destruction test will now be exercised on any perl that has DEBUGGING set
Test: Optional capturing tests in t/17-ctl.t that were only run when Capture::Tiny was present were converted to an IPC::Open3 based helper and will now be run everywhere
Tuesday 21st April 2015
Fedora Project
Updated perl-FileHandle-Unget to 0.1627 in Rawhide:
- Clarify licensing terms
Move verbose testing to a private module, and implement it in a way that doesn't require editing the Makefile after it is generated
Require File::Slurp instead of including it, to avoid potential problems like this: http://www.cpantesters.org/cpan/report/86a0145a-e52b-11e4-a1d1-8536eb4f9f07
Fix tests so that they don't prematurely delete the temp file, e.g.: http://www.cpantesters.org/cpan/report/3adcb600-6bf9-1014-8336-f8616735162a
Fix tests on Windows: http://www.cpantesters.org/cpan/report/482c4765-af8d-1014-8ca5-91062b825c07
Updated perl-Moose to 2.1404 in Rawhide
Updated perl-Package-DeprecationManager to 0.14 in Rawhide:
Use any() from List::Util 1.33+ instead of List::MoreUtils
Updated perl-RRD-Simple (1.44) in Rawhide to tidy up the packaging a bit
Updated perl-Test-Valgrind (1.14) in Rawhide to tidy up the packaging a bit
Updated perl-YAML to 1.15 in F-22 and Rawhide:
Don't require newlines at end of YAML (GH#149)
Local Packages
Updated perl-DateTime-TimeZonee to 1.87:
- This release is based on version 2015c of the Olson database
- Contemporary changes for Egypt, though it looks like those will change again soon
Updated perl-FileHandle-Unget to 0.1627 as per the Fedora version
Updated perl-Module-CoreList to 5.20150420:
- Updated for v5.21.11
Updated perl-Net-IDN-Encode to 2.202:
Use updated IdnaTest.txt from Unicode 7.0.0 database (CPAN RT#96749)
- Documentation updates, point to perl Unicode tutorials
Updated perl-Package-DeprecationManager to 0.14 as per the Fedora version
Updated perl-YAML to 1.15 as per the Fedora version
Wednesday 22nd April 2015
Local Packages
Updated curl to 7.42.0:
openssl: Show the cipher selection to use in verbose text
gtls: Implement CURLOPT_CERTINFO
Add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
curl: Add --false-start option
Add CURLOPT_PATH_AS_IS
curl: Add --path-as-is option
curl: Create output file on successful download of an empty file
ConnectionExists: For NTLM re-use, require credentials to match (CVE-2015-3143)
Cookie: Cookie parser out of boundary memory access (CVE-2015-3145)
fix_hostname: Zero length host name caused -1 index offset (CVE-2015-3144)
http_done: Close Negotiate connections when done (CVE-2015-3148)
sws: Timeout idle CONNECT connections
nss: Improve error handling in Curl_nss_random()
nss: Do not skip Curl_nss_seed() if data is NULL
curl-config.in: Eliminate double quotes around CURL_CA_BUNDLE
http2: Move lots of verbose output to be debug-only
dist: Add extern-scan.pl to the tarball
http2: Return recv error on unexpected EOF
Build: Use default RandomizedBaseAddress directive in VC9+ project files
Build: Removed DataExecutionPrevention directive from VC9+ project files
Tool: Updated the warnf() function to use the GlobalConfig structure
http2: Return error if stream was closed with other than NO_ERROR
mprintf.h: Remove #ifdef CURLDEBUG
libtest: Fixed linker errors on msvc
Tool: Use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
curl.1: Fix "The the" typo
cmake: Handle build definitions CURLDEBUG/DEBUGBUILD
openssl: Remove all uses of USE_SSLEAY
multi: Fix memory-leak on timeout (regression)
curl_easy_setopt.3: Added CURLOPT_SSL_VERIFYSTATUS
metalink: Add some error checks
TLS: Make it possible to enable ALPN/NPN without HTTP/2
http2: Use CURL_HTTP_VERSION_* symbols instead of NPN_*
conncontrol: Only log changes to the connection bit
multi: Fix *getsock() with CONNECT
symbols.pl: Handle '-' in the deprecated field
MacOSX-Framework: Use @rpath instead of @executable_path
GnuTLS: Add support for CURLOPT_CAPATH
- GnuTLS: Print negotiated TLS version and full cipher suite name
- GnuTLS: Don't print double newline after certificate dates
memanalyze.pl: Handle free(NULL)
- proxy: Re-use proxy connections (regression)
mk-ca-bundle: Don't report SHA1 numbers with "-q"
http: Always send Host: header as first header
openssl: Sort ciphers to use based on strength
openssl: Use colons properly in the ciphers list
http2: Detect premature close without data transferred
hostip: Fix signal race in Curl_resolv_timeout
closesocket: Call multi socket callback on close even with custom close
mksymbolsmanpage.pl: Use std header and generate better nroff header
connect: Fix happy eyeballs logic for IPv4-only builds
curl_easy_perform.3: Remove superfluous close brace from example
HTTP: Don't use Expect: headers when on HTTP/2
Curl_sh_entry: Remove unused 'timestamp'
docs/libcurl: Makefile portability fix
mkhelp: Remove trailing carriage return from every line of input
nss: Explicitly tell NSS to disable NPN/ALPN when libcurl disables it
curl_easy_setopt.3: Added a few missing options
metalink: Fix resource leak in OOM
axtls: Version 1.5.2 now requires that config.h be manually included
HTTP: Don't switch to HTTP/2 from 1.1 until we get the 101
cyassl: Detect the library as renamed wolfssl
CURLOPT_HTTPHEADER.3: Add a "SECURITY CONCERNS" section
CURLOPT_URL.3: Added "SECURITY CONCERNS"
openssl: Try to avoid accessing OCSP structs when possible
test938: Added missing closing tags
testcurl: Allow '=' in values given on command line
tests/certs: Added make target to rebuild certificates
tests/certs: Rebuild certificates with modified key usage bits
gtls: Avoid uninitialized variable
gtls: Dereferencing NULL pointer
gtls: Add check of return code
test1513: Eliminated race condition in test run
dict: Rename byte to avoid compiler shadowed declaration warning
curl_easy_recv/send: Make them work with the multi interface
vtls: Fix compile with --disable-crypto-auth but with SSL
openssl: Adapt to ASN1/X509 things gone opaque in 1.1
openssl: verifystatus: Only use the OCSP work-around ≤ 1.0.2a
curl_memory: Make curl_memory.h the second-last header file loaded
testcurl.pl: Add the --notes option to supply more info about a build
cyassl: If wolfSSL then identify as such in version string
cyassl: Check for invalid length parameter in Curl_cyassl_random
cyassl: Default to highest possible TLS version
Curl_ssl_md5sum: Return CURLcode (fixes OOM)
polarssl: Remove dead code
polarssl: Called mbedTLS in 1.3.10 and later
- Globbing: Fix step parsing for character globbing ranges
- Globbing: Fix URL number calculation when using range with step
multi: On a request completion, check all CONNECT_PEND transfers
Build: Link curl to openssl libraries when openssl support is enabled
url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
vtls: Don't accept unknown CURLOPT_SSLVERSION values
Build: Fix libcurl.sln erroneous mixed configurations
cyassl: Remove undefined reference to CyaSSL_no_filesystem_verify
cyassl: Add SSL context callback support for CyaSSL
- Tool: Only set SSL options if SSL is enabled
multi: Remove_handle: move pending connections
configure: Use KRB5CONFIG for krb5-config
axtls: Add timeout within Curl_axtls_connect
CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
cyassl: Fix library initialization return value
Cookie: Handle spaces after the name in Set-Cookie
http2: Fix missing nghttp2_session_send call in Curl_http2_switched
cyassl: Fix certificate load check
build-openssl.bat: Fix mixed line endings
checksrc.bat: Check lib\vtls source
- DNS: Fix refreshing of obsolete dns cache entries
CURLOPT_RESOLVE: Actually implement removals
checksrc.bat: Quotes to support a SRC_DIR with spaces
cyassl: Remove 'Connecting to' message from cyassl_connect_step2
cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
lib/transfer.c: Remove factor of 8 from sleep time calculation
lib/makefile.m32: Add missing libs to build libcurl.dll
Build: Generate source prerequisites for Visual Studio in generate.bat
cyassl: Include the CyaSSL build config
firefox-db2pem: Fix wildcard to find Firefox default profile
BUGS: Refer to the github issue tracker now as primary
vtls_openssl: Improve several certificate error messages
cyassl: Add support for TLS extension SNI
parsecfg: Do not continue past a zero termination
configure --with-nss=PATH: Query pkg-config if available
configure --with-nss: Drop redundant if statement
cyassl: Fix include order
HTTP: Fix PUT regression with Negotiate
curl_version_info.3: Fixed the 'protocols' variable type
Updated perl-File-ShareDir-ProjectDistDir to 1.000007:
- Add a deterrent notice
Thursday 23rd April 2015
Fedora Project
Updated gtkwave to 3.3.65 in F-22 and Rawhide:
Added --, -I-, etc. option to port filtering in SST; using -- for example filters all non-ports from search results
Updated LZ4 for version r126
- Minor warnings fixes
Moved TCL_LDADD/TK_LDADD before FSDB_LDADD to avoid stale Tcl library version conflicts
Removed appending [31:0] to vcd loaded integer names
- Reduced recursion depth in GHW signal loader to prevent stack overflow crashes
- Added support for synthetic clocks in FST file
- Update timetrace marking so it runs quicker for large traces
Updated perl-IO-stringy to 2.111 in F-22 and Rawhide:
- Update maintainer's name, which is now Dianne Skoll
Updated perl-MIME-tools to 5.506 in F-22 and Rawhide:
- Update maintainer's name to "Dianne Skoll"
Updated proftpd (1.3.4e) in F-20 to fix the backported patch for CVE-2015-3306
Local Packages
Updated curl (7.42.0) to implement public key pinning for NSS backend (Bug #1195771) and not to run flaky test-cases in %check
Updated gtkwave to 3.3.65 as per the Fedora version
Updated perl-IO-stringy to 2.111 as per the Fedora version
Updated perl-MIME-tools to 5.506 as per the Fedora version
Updated perl-XML-LibXML to 2.0119:
Preserve unset options after a _clone() call (e.g: in load_xml())
Friday 24th April 2015
Fedora Project
Updated perl-Module-Build-XSUtil to 0.15 in Rawhide:
Update XSHelper to fix STATIC_INLINE for gcc -std=c89
Updated perl-Sub-Name to 0.14 in Rawhide:
- Remove mandatory dependencies for optional test
Mark the test with B::C as TODO, as it seems to fail frequently and should not block normal installations
Local Packages
Updated perl-Module-Build-XSUtil to 0.15 as per the Fedora version
Updated perl-Sub-Name to 0.14 as per the Fedora version
Sunday 26th April 2015
Fedora Project
Updated perl-MetaCPAN-Client to 1.013000 in F-22 and Rawhide:
Updated perl-PadWalker to 2.1 in Rawhide:
Another bleadperl fix (CPAN RT#101037)
Updated perl-Text-CSV_XS to 1.17 in F-22 and Rawhide:
Enable overruling $csv in csv()
Allow encoding to be shortened to enc in csv()
- Allow filter to alter content
Add say (print with default eol => $\)
Allow MS sep=; on first line (CPAN RT#100304)
Local Packages
Updated perl-DateTime-TimeZone to 1.88:
- This release is based on version 2015d of the Olson database
- Contemporary changes for Egypt
Updated perl-MetaCPAN-Client to 1.013000 as per the Fedora version
Updated perl-PadWalker to 2.1 as per the Fedora version
- Updated `perl-Role-Tiny: update to 2.000001:
Fix generating invalid package names with single colons when abbreviating long package names (CPAN RT#103310)
- Don't run module interaction tests for user installs
Updated perl-Text-CSV_XS to 1.17 as per the Fedora version
Monday 27th April 2015
Fedora Project
Updated GeoIP (1.6.5) in Rawhide and EPEL-5 such that builds targeting EL-5 (and only EL-5) have a dependency on the package GeoIP-GeoLite-data rather than the virtual GeoIP-data, to work around the presence of the GeoIP-data-20090201-1.el5.centos package in the CentOS 5 Extras repository, which EL-5's yum prefers to any GeoIP-GeoLite-data package, even if arch-specific and with a epoch in the virtual provide for GeoIP-data (CentOS Bug#8488)
Updated GeoIP-GeoLite-data (2015.04) in Rawhide, EPEL-5 and EPEL-6 to add symlinks for the "City" databases to be where upstream expects them (thanks to nucleo for the suggestion in Bug#1194798)
Updated perl-Mail-Mbox-MessageParser to 1.5104 in Rawhide:
Add File::Path dependency for testing (CPAN RT#103482)
Don't install private Module::Install extension (CPAN RT#103482)
- Clarify licensing terms
Move verbose testing to a private module, and implement it in a way that doesn't require editing the Makefile after it is generated
Require File::Slurp instead of including it, to avoid potential problems like this:
http://www.cpantesters.org/cpan/report/86a0145a-e52b-11e4-a1d1-8536eb4f9f07
- Improve the ability of the test suite to be run in parallel
- Fix Windows test incompatibilities, such as:
http://www.cpantesters.org/cpan/report/12187014-af8d-1014-92d8-fdf72a825c07
http://www.cpantesters.org/cpan/report/12187014-af8d-1014-92d8-fdf72a825c07
Local Packages
Updated GeoIP as per the Fedora version
Updated GeoIP-GeoLite-data as per the Fedora version
Updated perl-B-Utils to 0.26:
Fix tests for perl 5.21.7 (change to nulled COPs) (CPAN RT#100508)
Updated perl-Mail-Mbox-MessageParser to 1.5104 as per the Fedora version, adding a patch to work around a test issue on old Red Hat/Fedora perls (CPAN RT#103835)
Tuesday 28th April 2015
Fedora Project
Updated proftpd (1.3.5) in F-21, F-22, Rawhide and EPEL-7 to address CVE-2015-3306 (unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy, ProFTPD Bug#4169)
Local Packages
Updated proftpd as per the Fedora version
Wednesday 29th April 2015
Local Packages
Updated curl to 7.42.1:
CURLOPT_HEADEROPT: default to separate (CVE-2015-3153)
dist: include {src,lib}/checksrc.whitelist
connectionexists: fix build without NTLM
docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
curl -z: do not write empty file on unmet condition
openssl: fix serial number output
curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
sws: init http2 state properly
curl.1: fix typo
Thursday 30th April 2015
Fedora Project
Updated perl-Devel-CheckBin to 0.03 in Rawhide:
- Re-packaging with EU::MM
Local Packages
Updated dovecot (2.1.6) to fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process
Updated perl-Devel-CheckBin to 0.03 as per the Fedora version
Previous Month: March 2015
Next Month: May 2015