Include all attachments?

    PaulHowarth/Blog/2015-04

Paul's Blog Entries for April 2015

Wednesday 1st April 2015

Fedora Project

  • Updated perl-IO-Multiplex to 1.15 in F-22 and Rawhide:

    • Move untie patch to the right place

Local Packages

  • Updated GeoIP-GeoLite-data to create the GeoIP.dat symlink in %posttrans rather than including it as a %config(noreplace) file; had to be careful to handle upgrades properly:

  • %posttrans
    # Create the default GeoIP.dat as a symlink to GeoLiteCountry.dat
    #
    # This has to be done in %posttrans rather than %post because an old
    # package's GeoIP.dat may still be present during %post in an upgrade
    #
    # Don't do this if there is any existing GeoIP.dat, as we don't want to
    # override what the user has put there
    #
    # Also, if there's an existing GeoIP.dat.rpmsave, we're probably doing
    # an upgrade from an old version of GeoIP that packaged GeoIP.dat as
    # %config(noreplace), so rename GeoIP.dat.rpmsave back to GeoIP.dat
    # instead of creating a new symlink
    if [ ! -e %{_datadir}/GeoIP/GeoIP.dat ]; then
            if [ -e %{_datadir}/GeoIP/GeoIP.dat.rpmsave ]; then
                    mv %{_datadir}/GeoIP/GeoIP.dat.rpmsave \
                            %{_datadir}/GeoIP/GeoIP.dat
            else
                    ln -sf GeoLiteCountry.dat %{_datadir}/GeoIP/GeoIP.dat
            fi
    fi
    exit 0
  • Updated perl-IO-Multiplex to 1.15 as per the Fedora version

Thursday 2nd April 2015

Fedora Project

  • Updated perl-MouseX-Getopt to 0.36 in F-22 and Rawhide:

    • Fix tests that follow GLD changes (GH#6)

Friday 3rd April 2015

Fedora Project

  • Updated perl-indirect to 0.34 in F-22 and Rawhide:

    • The new environment variable to enable thread tests on older perls is PERL_FORCE_TEST_THREADS; note that this variable should only be turned on by authors

    • Add link in documentation to historical tchrist post (CPAN RT#100068)

    • Fix segfaults when the module is loaded by several threads (or Windows emulated processes) ran in parallel
    • Update the Windows ActivePerl + gcc 3.4 workaround for ExtUtils::MakeMaker version 7.04

    • Be really compatible with the optional OP_PARENT feature

    • Test: $ENV{$Config{ldlibpthname}} is now preserved on all platforms, which will address failures of t/41-threads-teardown.t and t/50-external.t with unusual compilers (like icc) that link all their compiled objects to their own libraries

Local Packages

  • Updated perl-PPIx-Regexp to 0.039:

    • Recognize nested subscripts in interpolation
    • Add \b{g} (= \b{gcb})

Sunday 5th April 2015

Fedora Project

Local Packages

  • Updated grepmail as per the Fedora version

  • Updated libgcrypt (1.6.3) to de-initialize the RNG after the self-test is run

  • Updated perl-FileHandle-Unget to 0.1625 as per the Fedora version

Monday 6th April 2015

Local Packages

  • Updated perl-File-Find-Rule-Perl to 1.15:

    • Fix tests for ExtUtils::MakeMaker 7.05_*

    • Use warnings in module and tests

    • Switch off of Module::Install again

  • Updated perl-MCE to 1.605:

    • Improved fix for the die handler in MCE::Signal and MCE::Core::Worker

    • Improved support for threads in MCE::Signal's stop_and_exit function

Wednesday 8th April 2015

Fedora Project

  • Updated perl-indirect to 0.35 in F-22 and Rawhide:

    • The module could end being disabled in one thread if it was first loaded in another thread and that thread was immediately terminated; this is now fixed and should address test failures of t/09-load-threads.t and t/42-threads-global.t

  • Updated perl-Mixin-Linewise to 0.107 in F-22 and Rawhide:

    • Add leading hashref arg for passing binmode to read_string, write_string

    • Do not modify references of args passed to read_file, write_file

  • Updated perl-Module-Signature to 0.77 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:

    • Fix GPG signature parsing logic (Bug #1209911)

    • MANIFEST.SKIP is no longer consulted unless --skip is given (Bug #1209915)

    • Properly use open() modes to avoid injection attacks (Bug #1209917)

    • More protection of @INC from relative paths (Bug #1209918)

    • Fix signature tests by defaulting to verify(skip=>1) when $ENV{TEST_SIGNATURE} is true

    • Include the latest public keys of PAUSE, ANDK and AUDREYT

    • Clarify scripts/cpansign copyright to CC0 (Bug #965126, CPAN RT#85466)

  • Updated perl-Test-Signature to 1.11 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:

    • Compatibility with Module::Signature ≥ 0.75

Local Packages

  • Updated perl-File-Find-Object to 0.2.13:

    • Clarified the documentation regarding the use/return of array references
  • Updated perl-HTML-Lint to 2.22:

    • Previously, html_ok() would not check the entire structure of a web page to check for <html>, <head>, <title> and <body> tags; now it will

    • If you want to check fragments of HTML for validity but know that they are not valid HTML documents on their own, use the new html_fragment_ok()

    • Added new error, elem-input-alt-missing, that warns of <input type="image"> tags that are missing an alt="" attribute; this helps for accessibility to make sure that any images have alternate text for screen readers

    • Added ability to modify HTML::Lint's table of known tags and attributes, so you could add proprietary/new tags if you wanted

    • Test::HTML::Lint::html_ok() would not call the HTML::Lint eof() method, which meant it wouldn't do document-wide tests

  • Updated perl-Mixin-Linewise to 0.107 as per the Fedora version

  • Updated perl-Module-Signature to 0.77 as per the Fedora version

  • Updated perl-Test-Signature to 1.11 as per the Fedora version

Thursday 9th April 2015

Fedora Project

  • Rebuilt perl-GD in Rawhide for libvpx soname bump

  • Updated perl-MetaCPAN-Client to 1.012000 in F-22 and Rawhide:

    • Added Mirror type and support for mirrors search in 'all' queries (GH#33)

    • Support 'ratings' search in 'all' queries (GH#33)

    • More example scripts: facets, top favorites, all authors' blogs
    • Clean-up and documentation updates
  • Updated perl-Mixin-Linewise to 0.108 in F-22 and Rawhide:

    • First argument can be options only if there are two arguments
  • Updated perl-Module-Signature to 0.78 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:

Local Packages

  • Updated perl-Child to 0.011:

    • Clean up child processes once they are have been waited on; do not store them forever
  • Updated perl-MCE to 1.606:

  • Bug Fixes

    • Added -d and -w tests to ensure $ENV{TEMP} exists and is writeable in MCE::Signal; otherwise, /tmp is used as usual

  • Enhancements

    • Determine running state in MCE->exit; call stop_and_exit if not already running to not hang the script

  • Updated perl-MetaCPAN-Client to 1.012000 as per the Fedora version

  • Updated perl-Mixin-Linewise to 0.108 as per the Fedora version

  • Updated perl-Module-Signature to 0.78 as per the Fedora version

Friday 10th April 2015

Fedora Project

  • Updated perl-IO-Multiplex to 1.16 in F-22 and Rawhide:

    • Fix descriptor memory leak: Make $mux->close actually untie *$fh

Local Packages

  • Updated libspf2 (1.2.10) not to use libreplace on recent Linux versions from F-10, RHEL-6 onwards where it's not needed

  • Updated perl-IO-Multiplex to 1.16 as per the Fedora version

  • Updated perl-MCE to 1.608:

  • Bug Fixes

    • Updated t/01_load_signal_arg.t to address false-positive from bug fix in 1.606

  • Enhancements

    • Replaced (-e) with (perl) for the $prog_name value in MCE::Signal; e.g. from running perl -e 'command'

Saturday 11th April 2015

Fedora Project

  • Updated perl-Module-Metadata to 1.000027 in F-22 and Rawhide:

    • Work around issues with an unconfigured Log::Contextual

    • Allow tests to pass in a perl with no taint support

Local Packages

  • Updated perl-Module-Metadata to 1.000027 as per the Fedora version

Sunday 12th April 2015

Fedora Project

  • Updated perl-Tree-DAG_Node to 1.26 in Rawhide:

    • Fix bug in string2hashref(), which failed on some strings, such as {a => 'b, c'}

    • Add t/string2hash.t to test new code

Local Packages

  • Updated GeoIP-GeoLite-data to April 2015 databases, and added a %preun script to remove the GeoIP.dat symlink if the package is uninstalled:

  • %preun
    # If the package is being uninstalled (rather than upgraded), we remove
    # the GeoIP.dat symlink, provided that it points to GeoLiteCountry.dat;
    # rpm will then be able to remove the %%{_datadir}/GeoIP directory
    if [ $1 = 0 ]; then
            if [ -h %{_datadir}/GeoIP/GeoIP.dat ]; then
                    geoipdat=`readlink %{_datadir}/GeoIP/GeoIP.dat`
                    if [ "$geoipdat" = "GeoLiteCountry.dat" ]; then
                            rm -f %{_datadir}/GeoIP/GeoIP.dat
                    fi
            fi
    fi
    exit 0
  • Updated perl-Mouse to 2.4.2:

    • Fixed #40: 'use strict' not enabled when 'use 5.010' follows 'use Mouse'

    • Fixed #39: New warnings in Perl 5.21.x: redundant arguments for sprintf

    • Fixed #38: Avoid warnings introduced in Perl 5.21.x

    • Fixed #36: Excess dependency on Test::Exception::LessClever

  • Updated perl-Tree-DAG_Node to 1.26 as per the Fedora version

Monday 13th April 2015

Fedora Project

  • Philip Prindeville kindly reviewed and approved my GeoIP-GeoLite-data package submission

  • Imported and built GeoIP-GeoLite-data (2015.04) for F-20, F-21, F-22, Rawhide, EPEL-5, EPEL-6 and EPEL-7

  • I subsequently realized that RHEL-7 ships GeoIP 1.5.0 in the base OS, and this bundles the geoipupdate and GeoLite databases, so I'm not going to be able to push GeoIP-related updates for EPEL-7 as they would conflict with the base OS

  • Updated geoipupdate to 2.2.1 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6:

    • geoipupdate now verifies the MD5 of the new database before deploying it; if the database MD5 does not match the expected MD5, geoipupdate will exit with an error

    • The copy of 'base64.c' and 'base64.h' was switched to a version under GPLv2+ to prevent a license conflict

    • The 'LICENSE' file was added to the distribution

    • Several issues in the documentation were fixed
  • Updated GeoIP to 1.6.5 in F-20, F-21, F-22, Rawhide, EPEL-5 and EPEL-6, unbundling the geoipdate and GeoLite databases and adding dependencies on the new packages instead

    • Fixed a segmentation fault in geoiplookup when the utility was passed an invalid database (Bug #1180874)

    • Additional validation was added for the size used in the creation of the index cache (Bug #832913)

    • Changed the code to only look up country codes by using functions that ensure that we do not try to look past the end of an array (GitHub #53)

  • Updated grepmail to 5.3102 in Rawhide:

  • Updated perl-FileHandle-Unget to 0.1626 in Rawhide:

    • Enable verbose testing for CPAN-testers
    • Consolidate issue tracking at rt.cpan.org

    • Use File::Temp for temporary files in the test suite

  • Updated perl-Mail-Mbox-MessageParser to 1.5102 in Rawhide:

    • Fix xz and lzip test skip for when tools are not installed

    • Enable verbose testing for CPAN-testers
    • Use proper temporary directory instead of t/temp

    • Consolidate issue tracking at rt.cpan.org

Local Packages

  • Updated grepmail to 5.3102 as per the Fedora version

  • Updated perl-FileHandle-Unget to 0.1626 as per the Fedora version

  • Updated perl-Mail-Mbox-MessageParser to 1.5102 as per the Fedora version

Tuesday 14th April 2015

Fedora Project

  • Updated perl-Class-C3 to 0.28 in F-22 and Rawhide:

Local Packages

  • Updated geoipupdate (2.2.1) to split the patch for upstream issue #26 into separate patches for upstream changes and effect of running autotools

  • Updated libgpg-error to 1.19:

    • New translations for Hungarian, Portuguese, Russian, and Traditional Chinese
    • Updated other translations
    • New error codes: GPG_ERR_FORBIDDEN, GPG_ERR_OBJ_TERM_STATE, GPG_ERR_REQUEST_TOO_SHORT, GPG_ERR_REQUEST_TOO_LONG, GPG_ERR_LEGACY_KEY

    • New set of error codes for use with LDAP: GPG_ERR_LDAP_*

    • New options --help and --defines for gpg-error

    • Allow building with gcc 5

  • Updated java-1.7.0-oracle to Java SE 7 Update 80 (cumulative bugfix and security update; see release notes at http://www.oracle.com/technetwork/java/javase/7u80-relnotes-2494162.html)

  • Updated java-1.8.0-oracle to Java SE 8 Update 45 (cumulative bugfix and security update; see release notes at http://www.oracle.com/technetwork/java/javase/8u45-relnotes-2494160.html)

  • Updated perl-Class-C3 to 0.28 as per the Fedora version

  • Updated perl-File-ShareDir-ProjectDistDir to 1.000005:

    • Dropped minimum perl version to 5.6

    • Erroneous synopsis fixed (GH #15)

  • Rebuilt perl-HTML-Lint (2.22) to sync with Rawhide

  • Updated python-twisted to 15.1.0 (see NEWS for details)

Wednesday 15th April 2015

Local Packages

  • Updated java-1.8.0-oracle to update the jre and java provides so that the package can replace java-1.8.0-openjdk if desired (thanks to Roderick Johnstone)

Thursday 16th April 2015

Fedora Project

  • Updated proftpd (1.3.4e) in F-20 with fix for CVE-2015-3306 (unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy, Upstream Bug#4169)

Friday 17th April 2015

Local Packages

  • Updated perl-Moose to 2.1404:

  • Bug Fixes

  • Documentation

    • Added section to Moose::Manual::Resources to list external links related to Moose (CPAN RT#101993)

Saturday 18th April 2015

Local Packages

  • Updated perl-Variable-Magic to 0.57:

    • The new environment variable to enable thread tests on older perls is PERL_FORCE_TEST_THREADS; note that this variable should only be turned on by authors

    • Fix: Segfaults when the module is loaded by several threads (or Windows emulated processes) ran in parallel
    • Fix: Segfaults when the module is loaded in a thread, which spawns itself a new thread, and that child thread outlives its parent
    • Fix: Small memory leaks of structures required for thread safety
    • Fix: Update the Windows ActivePerl + gcc 3.4 workaround for ExtUtils::MakeMaker 7.04

    • Test: The global destruction test will now be exercised on any perl that has DEBUGGING set

    • Test: Optional capturing tests in t/17-ctl.t that were only run when Capture::Tiny was present were converted to an IPC::Open3 based helper and will now be run everywhere

Tuesday 21st April 2015

Fedora Project

Local Packages

  • Updated perl-DateTime-TimeZonee to 1.87:

    • This release is based on version 2015c of the Olson database
    • Contemporary changes for Egypt, though it looks like those will change again soon
  • Updated perl-FileHandle-Unget to 0.1627 as per the Fedora version

  • Updated perl-Module-CoreList to 5.20150420:

    • Updated for v5.21.11
  • Updated perl-Net-IDN-Encode to 2.202:

    • Use updated IdnaTest.txt from Unicode 7.0.0 database (CPAN RT#96749)

    • Documentation updates, point to perl Unicode tutorials
  • Updated perl-Package-DeprecationManager to 0.14 as per the Fedora version

  • Updated perl-YAML to 1.15 as per the Fedora version

Wednesday 22nd April 2015

Local Packages

  • Updated curl to 7.42.0:

    • openssl: Show the cipher selection to use in verbose text

    • gtls: Implement CURLOPT_CERTINFO

    • Add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)

    • curl: Add --false-start option

    • Add CURLOPT_PATH_AS_IS

    • curl: Add --path-as-is option

    • curl: Create output file on successful download of an empty file

    • ConnectionExists: For NTLM re-use, require credentials to match (CVE-2015-3143)

    • Cookie: Cookie parser out of boundary memory access (CVE-2015-3145)

    • fix_hostname: Zero length host name caused -1 index offset (CVE-2015-3144)

    • http_done: Close Negotiate connections when done (CVE-2015-3148)

    • sws: Timeout idle CONNECT connections

    • nss: Improve error handling in Curl_nss_random()

    • nss: Do not skip Curl_nss_seed() if data is NULL

    • curl-config.in: Eliminate double quotes around CURL_CA_BUNDLE

    • http2: Move lots of verbose output to be debug-only

    • dist: Add extern-scan.pl to the tarball

    • http2: Return recv error on unexpected EOF

    • Build: Use default RandomizedBaseAddress directive in VC9+ project files

    • Build: Removed DataExecutionPrevention directive from VC9+ project files

    • Tool: Updated the warnf() function to use the GlobalConfig structure

    • http2: Return error if stream was closed with other than NO_ERROR

    • mprintf.h: Remove #ifdef CURLDEBUG

    • libtest: Fixed linker errors on msvc

    • Tool: Use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE

    • curl.1: Fix "The the" typo

    • cmake: Handle build definitions CURLDEBUG/DEBUGBUILD

    • openssl: Remove all uses of USE_SSLEAY

    • multi: Fix memory-leak on timeout (regression)

    • curl_easy_setopt.3: Added CURLOPT_SSL_VERIFYSTATUS

    • metalink: Add some error checks

    • TLS: Make it possible to enable ALPN/NPN without HTTP/2

    • http2: Use CURL_HTTP_VERSION_* symbols instead of NPN_*

    • conncontrol: Only log changes to the connection bit

    • multi: Fix *getsock() with CONNECT

    • symbols.pl: Handle '-' in the deprecated field

    • MacOSX-Framework: Use @rpath instead of @executable_path

    • GnuTLS: Add support for CURLOPT_CAPATH

    • GnuTLS: Print negotiated TLS version and full cipher suite name
    • GnuTLS: Don't print double newline after certificate dates
    • memanalyze.pl: Handle free(NULL)

    • proxy: Re-use proxy connections (regression)
    • mk-ca-bundle: Don't report SHA1 numbers with "-q"

    • http: Always send Host: header as first header

    • openssl: Sort ciphers to use based on strength

    • openssl: Use colons properly in the ciphers list

    • http2: Detect premature close without data transferred

    • hostip: Fix signal race in Curl_resolv_timeout

    • closesocket: Call multi socket callback on close even with custom close

    • mksymbolsmanpage.pl: Use std header and generate better nroff header

    • connect: Fix happy eyeballs logic for IPv4-only builds

    • curl_easy_perform.3: Remove superfluous close brace from example

    • HTTP: Don't use Expect: headers when on HTTP/2

    • Curl_sh_entry: Remove unused 'timestamp'

    • docs/libcurl: Makefile portability fix

    • mkhelp: Remove trailing carriage return from every line of input

    • nss: Explicitly tell NSS to disable NPN/ALPN when libcurl disables it

    • curl_easy_setopt.3: Added a few missing options

    • metalink: Fix resource leak in OOM

    • axtls: Version 1.5.2 now requires that config.h be manually included

    • HTTP: Don't switch to HTTP/2 from 1.1 until we get the 101

    • cyassl: Detect the library as renamed wolfssl

    • CURLOPT_HTTPHEADER.3: Add a "SECURITY CONCERNS" section

    • CURLOPT_URL.3: Added "SECURITY CONCERNS"

    • openssl: Try to avoid accessing OCSP structs when possible

    • test938: Added missing closing tags

    • testcurl: Allow '=' in values given on command line

    • tests/certs: Added make target to rebuild certificates

    • tests/certs: Rebuild certificates with modified key usage bits

    • gtls: Avoid uninitialized variable

    • gtls: Dereferencing NULL pointer

    • gtls: Add check of return code

    • test1513: Eliminated race condition in test run

    • dict: Rename byte to avoid compiler shadowed declaration warning

    • curl_easy_recv/send: Make them work with the multi interface

    • vtls: Fix compile with --disable-crypto-auth but with SSL

    • openssl: Adapt to ASN1/X509 things gone opaque in 1.1

    • openssl: verifystatus: Only use the OCSP work-around ≤ 1.0.2a

    • curl_memory: Make curl_memory.h the second-last header file loaded

    • testcurl.pl: Add the --notes option to supply more info about a build

    • cyassl: If wolfSSL then identify as such in version string

    • cyassl: Check for invalid length parameter in Curl_cyassl_random

    • cyassl: Default to highest possible TLS version

    • Curl_ssl_md5sum: Return CURLcode (fixes OOM)

    • polarssl: Remove dead code

    • polarssl: Called mbedTLS in 1.3.10 and later

    • Globbing: Fix step parsing for character globbing ranges
    • Globbing: Fix URL number calculation when using range with step
    • multi: On a request completion, check all CONNECT_PEND transfers

    • Build: Link curl to openssl libraries when openssl support is enabled

    • url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined

    • vtls: Don't accept unknown CURLOPT_SSLVERSION values

    • Build: Fix libcurl.sln erroneous mixed configurations

    • cyassl: Remove undefined reference to CyaSSL_no_filesystem_verify

    • cyassl: Add SSL context callback support for CyaSSL

    • Tool: Only set SSL options if SSL is enabled
    • multi: Remove_handle: move pending connections

    • configure: Use KRB5CONFIG for krb5-config

    • axtls: Add timeout within Curl_axtls_connect

    • CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"

    • cyassl: Fix library initialization return value

    • Cookie: Handle spaces after the name in Set-Cookie

    • http2: Fix missing nghttp2_session_send call in Curl_http2_switched

    • cyassl: Fix certificate load check

    • build-openssl.bat: Fix mixed line endings

    • checksrc.bat: Check lib\vtls source

    • DNS: Fix refreshing of obsolete dns cache entries
    • CURLOPT_RESOLVE: Actually implement removals

    • checksrc.bat: Quotes to support a SRC_DIR with spaces

    • cyassl: Remove 'Connecting to' message from cyassl_connect_step2

    • cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size

    • lib/transfer.c: Remove factor of 8 from sleep time calculation

    • lib/makefile.m32: Add missing libs to build libcurl.dll

    • Build: Generate source prerequisites for Visual Studio in generate.bat

    • cyassl: Include the CyaSSL build config

    • firefox-db2pem: Fix wildcard to find Firefox default profile

    • BUGS: Refer to the github issue tracker now as primary

    • vtls_openssl: Improve several certificate error messages

    • cyassl: Add support for TLS extension SNI

    • parsecfg: Do not continue past a zero termination

    • configure --with-nss=PATH: Query pkg-config if available

    • configure --with-nss: Drop redundant if statement

    • cyassl: Fix include order

    • HTTP: Fix PUT regression with Negotiate

    • curl_version_info.3: Fixed the 'protocols' variable type

  • Updated perl-File-ShareDir-ProjectDistDir to 1.000007:

    • Add a deterrent notice

Thursday 23rd April 2015

Fedora Project

  • Updated gtkwave to 3.3.65 in F-22 and Rawhide:

    • Added --, -I-, etc. option to port filtering in SST; using -- for example filters all non-ports from search results

    • Updated LZ4 for version r126

    • Minor warnings fixes
    • Moved TCL_LDADD/TK_LDADD before FSDB_LDADD to avoid stale Tcl library version conflicts

    • Removed appending [31:0] to vcd loaded integer names

    • Reduced recursion depth in GHW signal loader to prevent stack overflow crashes
    • Added support for synthetic clocks in FST file
    • Update timetrace marking so it runs quicker for large traces
  • Updated perl-IO-stringy to 2.111 in F-22 and Rawhide:

    • Update maintainer's name, which is now Dianne Skoll
  • Updated perl-MIME-tools to 5.506 in F-22 and Rawhide:

    • Update maintainer's name to "Dianne Skoll"
  • Updated proftpd (1.3.4e) in F-20 to fix the backported patch for CVE-2015-3306

Local Packages

  • Updated curl (7.42.0) to implement public key pinning for NSS backend (Bug #1195771) and not to run flaky test-cases in %check

  • Updated gtkwave to 3.3.65 as per the Fedora version

  • Updated perl-IO-stringy to 2.111 as per the Fedora version

  • Updated perl-MIME-tools to 5.506 as per the Fedora version

  • Updated perl-XML-LibXML to 2.0119:

    • Preserve unset options after a _clone() call (e.g: in load_xml())

Friday 24th April 2015

Fedora Project

  • Updated perl-Module-Build-XSUtil to 0.15 in Rawhide:

    • Update XSHelper to fix STATIC_INLINE for gcc -std=c89

  • Updated perl-Sub-Name to 0.14 in Rawhide:

    • Remove mandatory dependencies for optional test
    • Mark the test with B::C as TODO, as it seems to fail frequently and should not block normal installations

Local Packages

  • Updated perl-Module-Build-XSUtil to 0.15 as per the Fedora version

  • Updated perl-Sub-Name to 0.14 as per the Fedora version

Sunday 26th April 2015

Fedora Project

  • Updated perl-MetaCPAN-Client to 1.013000 in F-22 and Rawhide:

    • Use Travis for CI (GH#34)

    • Improve Kwalitee + test improvements (GH#35)

  • Updated perl-PadWalker to 2.1 in Rawhide:

  • Updated perl-Text-CSV_XS to 1.17 in F-22 and Rawhide:

    • Enable overruling $csv in csv()

    • Allow encoding to be shortened to enc in csv()

    • Allow filter to alter content
    • Add say (print with default eol => $\)

    • Allow MS sep=; on first line (CPAN RT#100304)

Local Packages

  • Updated perl-DateTime-TimeZone to 1.88:

    • This release is based on version 2015d of the Olson database
    • Contemporary changes for Egypt
  • Updated perl-MetaCPAN-Client to 1.013000 as per the Fedora version

  • Updated perl-PadWalker to 2.1 as per the Fedora version

  • Updated `perl-Role-Tiny: update to 2.000001:
    • Fix generating invalid package names with single colons when abbreviating long package names (CPAN RT#103310)

    • Don't run module interaction tests for user installs
  • Updated perl-Text-CSV_XS to 1.17 as per the Fedora version

Monday 27th April 2015

Fedora Project

Local Packages

  • Updated GeoIP as per the Fedora version

  • Updated GeoIP-GeoLite-data as per the Fedora version

  • Updated perl-B-Utils to 0.26:

  • Updated perl-Mail-Mbox-MessageParser to 1.5104 as per the Fedora version, adding a patch to work around a test issue on old Red Hat/Fedora perls (CPAN RT#103835)

Tuesday 28th April 2015

Fedora Project

  • Updated proftpd (1.3.5) in F-21, F-22, Rawhide and EPEL-7 to address CVE-2015-3306 (unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy, ProFTPD Bug#4169)

Local Packages

  • Updated proftpd as per the Fedora version

Wednesday 29th April 2015

Local Packages

  • Updated curl to 7.42.1:

    • CURLOPT_HEADEROPT: default to separate (CVE-2015-3153)

    • dist: include {src,lib}/checksrc.whitelist

    • connectionexists: fix build without NTLM

    • docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too

    • curl -z: do not write empty file on unmet condition

    • openssl: fix serial number output

    • curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION

    • sws: init http2 state properly

    • curl.1: fix typo

Thursday 30th April 2015

Fedora Project

  • Updated perl-Devel-CheckBin to 0.03 in Rawhide:

    • Re-packaging with EU::MM

Local Packages

  • Updated dovecot (2.1.6) to fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process

  • Updated perl-Devel-CheckBin to 0.03 as per the Fedora version

Previous Month: March 2015
Next Month: May 2015

Recent