Wednesday 17th June 2015
Fedora Project
Updated perl-DBM-Deep to 2.0012 in Rawhide:
Improved transaction validation and warnings (GH#12)
Updated perl-Text-CSV_XS to 1.19 in Rawhide:
Guard tests against $PERL_UNICODE
- Numeric options were sometimes interpreted as boolean
Safer meta_info use
Local Packages
Updated curl to 7.43.0:
CVE-2015-3236: Lingering HTTP credentials in connection re-use
CVE-2015-3237: SMB send off unrelated memory contents
Added CURLOPT_PROXY_SERVICE_NAME
Added CURLOPT_SERVICE_NAME
New curl option: --proxy-service-name
New curl option: --service-name
New curl option: --data-raw
Added CURLOPT_PIPEWAIT
Added support for multiplexing transfers using HTTP/2, and enable this with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING
HTTP/2: Requires nghttp2 1.0.0 or later
scripts: Add zsh.pl for generating zsh completion
curl.h: Add CURL_HTTP_VERSION_2
nss: Fix compilation failure with old versions of NSS
curl_easy_getinfo.3: Document 'internals' in CURLINFO_TLS_SESSION
schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
Curl_ossl_init: Load built-in modules
configure: Follow-up fix for krb5-config
sasl_sspi: Populate domain from the realm in the challenge
netrc: Support 'default' token
README: Convert to UTF-8
cyassl: Implement public key pinning
nss: Implement public key pinning for NSS backend
MinGW build: Add arch -m32/-m64 to LDFLAGS
schannel: Fix out of bounds array
configure: Remove autogenerated files by autoconf
configure: Remove --automake from libtoolize call
acinclude.m4: Fix shell test for default CA cert bundle/path
schannel: Fix regression in schannel_recv
openssl: Skip trace outputs for ssl_ver == 0
gnutls: Properly retrieve certificate status
netrc: Read in text mode when cygwin
winbuild: Document the option used to statically link the CRT
FTP: Make EPSV use the control IP address rather than the original host
FTP: fIx dangling conn->ip_addr dereference on verbose EPSV
conncache: Keep bundles on host+port bases, not only host names
runtests.pl: Use 'h2c' now, no -14 any more
curlver: Introducing new version number (checking) macros
openssl: boringssl build breakage, use SSL_CTX_set_msg_callback
CURLOPT_POSTFIELDS.3: Correct variable names
curl_easy_unescape.3: Update RFC reference
gnutls: Don't fail on non-fatal alerts during handshake
testcurl.pl: Allow source to be in an arbitrary directory
CURLOPT_HTTPPROXYTUNNEL.3: Only works with a HTTP proxy
SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description
parse_proxy: Switch off tunnelling if non-HTTP proxy
share_init: Fix OOM crash
perl: Remove subdir, not touched in 9 years
CURLOPT_COOKIELIST.3: Add example
CURLOPT_COOKIE.3: Explain that the cookies won't be modified
CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
FAQ: How do I port libcurl to my OS?
openssl: Use TLS_client_method for OpenSSL 1.1.0+
- HTTP-NTLM: Fail auth on connection close instead of looping
curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
curl_getdate.3: Update RFC reference
curl_multi_info_read.3: Added example
curl_multi_perform.3: Added example
curl_multi_timeout.3: Added example
cookie: Stop exporting any-domain cookies
openssl: Remove dummy callback use from SSL_CTX_set_verify()
openssl: Remove SSL_get_session()-using code
openssl: Removed USERDATA_IN_PWD_CALLBACK kludge
openssl: Removed error string #ifdef
openssl: Fix verification of server-sent legacy intermediates
- docs: man page indentation and syntax fixes
- docs: Spelling fixes
fopen.c: Fix a few compiler warnings
CURLOPT_OPENSOCKETFUNCTION: Return error at once
schannel: Add support for optional client certificates
build: Properly detect OpenSSL 1.0.2 when using configure
urldata: Store POST size in state.infilesize too
security: choose_mech: Remove dead code
rtsp_do: Remove dead code
- docs: Many HTTP URIs changed to HTTPS
schannel: schannel_recv overhaul
Updated perl-DBM-Deep to 2.0012 as per the Fedora version
Updated perl-Module-CoreList to 5.20150520:
- Updated for v5.22.0
Updated perl-Text-CSV_XS to 1.19 as per the Fedora version
Rebuilt bluefish, GeoIP, GeoIP-GeoLite-data, geoipupdate, gtkwave and Judy for the Fedora_23_Mass_Rebuild