#acl PaulHowarth:read,write,admin,revert,delete All:read === Wednesday 17th June 2015 === ==== Fedora Project ==== * Updated `perl-DBM-Deep` to 2.0012 in Rawhide: * Improved transaction validation and warnings ([[https://github.com/robkinyon/dbm-deep/issues/12|GH#12]]) * Updated `perl-Text-CSV_XS` to 1.19 in Rawhide: * Guard tests against `$PERL_UNICODE` * Numeric options were sometimes interpreted as boolean * Safer `meta_info` use ==== Local Packages ==== * Updated `curl` to 7.43.0: * [[CVE:2015-3236|CVE-2015-3236]]: Lingering HTTP credentials in connection re-use * [[CVE:2015-3237|CVE-2015-3237]]: SMB send off unrelated memory contents * Added `CURLOPT_PROXY_SERVICE_NAME` * Added `CURLOPT_SERVICE_NAME` * New curl option: `--proxy-service-name` * New curl option: `--service-name` * New curl option: `--data-raw` * Added `CURLOPT_PIPEWAIT` * Added support for multiplexing transfers using HTTP/2, and enable this with the new `CURLPIPE_MULTIPLEX` bit for `CURLMOPT_PIPELINING` * HTTP/2: Requires `nghttp2` 1.0.0 or later * `scripts`: Add `zsh.pl` for generating `zsh` completion * `curl.h`: Add `CURL_HTTP_VERSION_2` * `nss`: Fix compilation failure with old versions of NSS * `curl_easy_getinfo.3`: Document 'internals' in `CURLINFO_TLS_SESSION` * `schannel.c`: Fix possible `SEC_E_BUFFER_TOO_SMALL` error * `Curl_ossl_init`: Load built-in modules * `configure`: Follow-up fix for `krb5-config` * `sasl_sspi`: Populate domain from the realm in the challenge * `netrc`: Support 'default' token * `README`: Convert to UTF-8 * `cyassl`: Implement public key pinning * `nss`: Implement public key pinning for NSS backend * MinGW build: Add arch `-m32`/`-m64` to `LDFLAGS` * `schannel`: Fix out of bounds array * `configure`: Remove autogenerated files by `autoconf` * `configure`: Remove `--automake` from `libtoolize` call * `acinclude.m4`: Fix shell test for default CA cert bundle/path * `schannel`: Fix regression in `schannel_recv` * `openssl`: Skip trace outputs for `ssl_ver == 0` * `gnutls`: Properly retrieve certificate status * `netrc`: Read in text mode when cygwin * `winbuild`: Document the option used to statically link the CRT * FTP: Make `EPSV` use the control IP address rather than the original host * FTP: fIx dangling `conn->ip_addr` dereference on verbose `EPSV` * `conncache`: Keep bundles on host+port bases, not only host names * `runtests.pl`: Use '`h2c`' now, no `-14` any more * `curlver`: Introducing new version number (checking) macros * `openssl`: `boringssl` build breakage, use `SSL_CTX_set_msg_callback` * `CURLOPT_POSTFIELDS.3`: Correct variable names * `curl_easy_unescape.3`: Update RFC reference * `gnutls`: Don't fail on non-fatal alerts during handshake * `testcurl.pl`: Allow source to be in an arbitrary directory * `CURLOPT_HTTPPROXYTUNNEL.3`: Only works with a HTTP proxy * `SSPI-error`: Change `SEC_E_ILLEGAL_MESSAGE` description * `parse_proxy`: Switch off tunnelling if non-HTTP proxy * `share_init`: Fix OOM crash * `perl`: Remove subdir, not touched in 9 years * `CURLOPT_COOKIELIST.3`: Add example * `CURLOPT_COOKIE.3`: Explain that the cookies won't be modified * `CURLOPT_COOKIELIST.3`: Explain `Set-Cookie` without a domain * FAQ: How do I port `libcurl` to my OS? * `openssl`: Use `TLS_client_method` for OpenSSL 1.1.0+ * HTTP-NTLM: Fail auth on connection close instead of looping * `curl_setup`: Add macros for `FOPEN_READTEXT`, `FOPEN_WRITETEXT` * `curl_getdate.3`: Update RFC reference * `curl_multi_info_read.3`: Added example * `curl_multi_perform.3`: Added example * `curl_multi_timeout.3`: Added example * `cookie`: Stop exporting any-domain cookies * `openssl`: Remove dummy callback use from `SSL_CTX_set_verify()` * `openssl`: Remove `SSL_get_session()`-using code * `openssl`: Removed `USERDATA_IN_PWD_CALLBACK` kludge * `openssl`: Removed error string `#ifdef` * `openssl`: Fix verification of server-sent legacy intermediates * docs: man page indentation and syntax fixes * docs: Spelling fixes * `fopen.c`: Fix a few compiler warnings * `CURLOPT_OPENSOCKETFUNCTION`: Return error at once * `schannel`: Add support for optional client certificates * build: Properly detect OpenSSL 1.0.2 when using `configure` * `urldata`: Store `POST` size in `state.infilesize` too * security: `choose_mech`: Remove dead code * `rtsp_do`: Remove dead code * docs: Many HTTP URIs changed to HTTPS * `schannel`: `schannel_recv` overhaul * Updated `perl-DBM-Deep` to 2.0012 as per the Fedora version * Updated `perl-Module-CoreList` to 5.20150520: * Updated for v5.22.0 * Updated `perl-Text-CSV_XS` to 1.19 as per the Fedora version * Rebuilt `bluefish`, `GeoIP`, `GeoIP-GeoLite-data`, `geoipupdate`, `gtkwave` and `Judy` for the FedoraProject:Fedora_23_Mass_Rebuild ----