Paul's Blog Entries for December 2015
Tuesday 1st December 2015
Fedora Project
Updated perl-Cpanel-JSON-XS to 3.0206 in Rawhide:
Add support for escape_slash from JSON::PP (GH#47)
Map sort_by to canonical from JSON::PP (GH#47); reverse sort or sort by custom keys not yet possible/silently ignored
Add support for allow_singlequote from JSON::PP (GH#47)
Add support for allow_barekey from JSON::PP (GH#47)
Add support for allow_bignum from JSON::PP (GH#47)
relaxed uses now also allow_singlequote and allow_barekey
Fixed t/20_unknown.t: SKIP when JSON is not available (GH#45)
Fixed t/55_modifiable.t: Broaden the is check of true <5.12 (GH#45)
Add t/zero-mojibake.t from JSON::PP testing all supported decoding options: none, utf8, ascii, latin1, binary
Updated perl-ExtUtils-Depends to 0.405 in Rawhide:
Remove MYMETA.* from MANIFEST file (CPAN RT#108554)
Updated perl-JSON-MaybeXS to 1.003005 in EPEL-7 (Bug #1286831)
- This is mainly for improved boolean interoperability
Updated proftpd (1.3.5a) in F-22, F-23, Rawhide and EPEL-7 to avoid unbounded SFTP extended attribute key/values (Bug #1286977, Upstream Bug #4210)
Local Packages
Updated perl-Cpanel-JSON-XS to 3.0206 as per the Fedora version
Updated perl-ExtUtils-Depends to 0.405 as per the Fedora version
Updated proftpd to fix security issue as per the Fedora version
Wednesday 2nd December 2015
Local Packages
Updated curl to 7.46.0:
configure: build silently by default
cookies: Add support for Public Suffix List with libpsl
vtls: Added support for mbedTLS
Added CURLOPT_STREAM_DEPENDS
Added CURLOPT_STREAM_DEPENDS_E
Added CURLOPT_STREAM_WEIGHT
Added CURLFORM_CONTENTLEN
oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP
des: Fix header conditional for Curl_des_set_odd_parity
ntlm: Get rid of unconditional use of long long
CURLOPT_CERTINFO.3: Fix reference to CURLINFO_CERTINFO
docs: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
http2: Fix http2_recv to return -1 if recv returned -1
curl_global_init_mem: Set function pointers before doing init
ntlm: Error out without 64bit support as the code needs it
openssl: Fix set up of pkcs12 certificate verification chain
acinclude: Remove PKGCONFIG override
test1531: case the size to fix the test on non-largefile builds
fread_func: Move callback pointer from set to state struct
test1601: Fix compilation with --enable-debug and --disable-crypto-auth
http2: Don't pass uninitialized name+len pairs to nghttp2_submit_request
curlbuild.h: Fix non-configure compiling to mips and sh4 targets
tool: Generate easysrc with last cache linked-list
cmake: Fix for add_subdirectory(curl) use-case
vtls: Fix compiler warning for TLS backends without sha256
- build: Fix for MSDOS/djgpp
checksrc: Add crude // detection
http2: on_frame_recv: Trust the conn/data input
ftp: Allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
polarssl/mbedtls: Fix name space pollution
build: Fix mingw ssl gdi32 order
build: Fix support for PKG_CONFIG
- MacOSX-Framework: sdk regex fix for sdk 10.10 and later
socks: Fix incorrect port numbers in failed connect messages
curl.1: -E: s/private certificate/client certificate/
curl.h: s/HTTPPOST_/CURL_HTTPOST_/
curl_formadd: Support >2GB files on Windows
http redirects: %-encode bytes outside of ascii range
rawstr: Speed up Curl_raw_toupper by 40%
curl_ntlm_core: Fix 2 curl_off_t constant overflows
getinfo: CURLINFO_ACTIVESOCKET: Fix bad socket value
tftp tests: Verify sent options too
imap: Don't call imap_atom() when no mailbox specified in LIST command
imap: Fixed double quote in LIST command when mailbox contains spaces
imap: Don't check for continuation when executing a CUSTOMREQUEST
acinclude: Remove check for 16-bit curl_off_t
BoringSSL: Work with stricter BIO_get_mem_data()
cmake: Add missing feature macros in config header
sasl_sspi: Fixed unicode build for digest authentication
sasl_sspi: Fix identity memory leak in digest authentication
unit1602: Fixed failure in torture test
unit1603: Added unit tests for hash functions
vtls/openssl: Remove unused traces of yassl ifdefs
openssl: Remove #ifdefs for < 0.9.7 support
typecheck-gcc.h: Add some missing options
curl: Mark two more options strings for --libcurl output
openssl: Free modules on cleanup
CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
getconnectinfo: Don't call recv(2) if socket == -1
http2: http_done: Don't free already-freed push headers
zsh completion: Preserve single quotes in output
os400: Provide options for libssh2 use in compile scripts
- build: Fix theoretical infinite loops
pop3: Differentiate between success and continuation responses
- examples: Fixed compilation warnings
schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available
CURLOPT_HEADERFUNCTION.3: fix typo
curl: Expanded the -XHEAD warning text
done: Make sure the final progress update is made
build: Install zsh completion
RTSP: Do not add if-modified-since without timecondition
curl: Fixed display of URL index in password prompt for --next
nonblock: Fix setting non-blocking mode for Amiga
http2 push: Add missing inits of new stream
http2: Convert some verbose output into debug-only output
Curl_read_plain: clean up ifdefs that break statements
Thursday 3rd December 2015
Fedora Project
Updated perl-Cpanel-JSON-XS to 3.0210 in Rawhide:
Fix regression decoding big strings (>16384) (GH#50)
Ignore allow_barekey if we detect quotes (GH#51)
- Skip some unicode tests with 5.6
Fix regression for is_bool([]), with unblessed references (GH#53)
Fix nasty regression bug with allow_singlequote or relaxed, hanging with single quotes in normal strings (GH#54)
Improve cpanel_json_xs: more input and output formats
- Improved various spellings and add test
Much faster t/99_binary.t test
Updated perl-IO-Socket-SSL to 2.021 in Rawhide:
- Fixes for documentation and typos
Update PublicSuffix with latest version from publicsuffix.org
Local Packages
Updated cdrtools to 3.02 alpha release 03
Rebuilt libxml2 (2.9.3) to fix obsoletes versions now that F22 has libxml2 2.9.3 (Bug #1287262)
Updated perl-Cpanel-JSON-XS to 3.0210 as per the Fedora version
Updated perl-IO-Socket-SSL to 2.021 as per the Fedora version
Friday 4th December 2015
Fedora Project
Updated libpng10 to 1.0.65 in F-22, F-23, Rawhide and EPEL-6:
Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL()
Fixed incorrect implementation of png_set_PLTE() that uses png_ptr, not info_ptr, which left png_set_PLTE() open to the CVE-2015-8126 vulnerability
Discontinued distributing tar.bz2 archives
Discontinued distributing libpng-oldversion-newversion-diff.txt
Updated perl-Math-BigInt-GMP to 1.46 in Rawhide:
Add patch and new test file 't/mbi-from-big-scalar.t' regarding CPAN RT#103517
Fix spelling in GMP.xs ('modifing' → 'modifying')
Whitespace/formatting in t/bigintg.t to make it more readable and more in accordance with the 'perlstyle' manpage
Local Packages
Rebuilt curl for Bug #1288529
Updated libpng10 to 1.0.65 as per the Fedora version
Updated perl-File-Find-Rule to 0.34:
Add canonpath option to normalize file-path separators
Updated perl-XML-Simple to 2.21:
Improved diagnostics - xml_in() will now catch parse exceptions and add caller information via Carp::croak
Switch to use lexical warnings (suppress with either 'no warnings;' or 'no warnings "XML::Simple";', rather than $^W = 0)
- POD fixes
- Regex escaping fixes for Perl 5.22+
Add workaround for test failures on RHEL/CentOS 6.5 (CPAN RT#102115)
Remove some 'eval' calls from test suite that could mask root cause of test failures
Make each test script use unique filenames to allow tests to be run in parallel (CPAN RT#101362)
POD update: mention XML::Twig in 'STATUS' section (CPAN RT#79228)
Monday 7th December 2015
Local Packages
New package perl-Test-MockModule (0.11)
Updated perl-Archive-Zip to 1.55:
Ensure filehandles created by Archive::Zip::tempFile are closed
Fix empty archive issue with OS X gnu tar (CPAN RT#110064)
Updated perl-Test-MinimumVersion to 0.101082:
Add all_minimum_version_from_mymetayml_ok
Add all_minimum_version_from_mymetajson_ok
Updated perl-XML-LibXML to 2.0123:
Get rid of an undef-warning in XML::LibXML::Reader (CPAN RT#106830)
Reword the documentation (CPAN RT#110116)
Updated perl-XML-Simple to 2.22:
POD fix in link to package XML::SAX::ParseFactory
- Allow subclass to override attribute escaping
POD fix adding NAME section to FAQ (CPAN RT#110080)
POD typo fix (CPAN RT#110082)
Fix reference comparison operator used in checking for circular data structures (CPAN RT#89553)
- Add better diagnostics from file handling code in test suite
Tuesday 8th December 2015
Fedora Project
Updated python-rsa (3.1.4) in Rawhide to fix FTBFS with Python 3.5 (Debian Bug #804430)
Local Packages
Updated dovecot to 2.2.20:
Added mailbox { autoexpunge=<time> } setting; see http://wiki2.dovecot.org/MailboxSettings for details
ssl_options: Added support for no_ticket
imap/pop3/managesieve-login: Added postlogin_socket=path passdb extra field; this allows replacing the default service imap/pop3/managesieve {} settings for specific users (e.g. running their imap process via valgrind or strace)
doveadm fetch: Added date.sent/received/saved.unixtime
fs-posix: Added mode=auto parameter to set the created files' and directories' mode based on the parent dir if it has setgid-bit
director: Support backends having hostnames, which makes it possible to verify their SSL certificates
director: Directors' state became desynchronized if doveadm director commands were used to modify the same backend in multiple directors at the same time with conflicting changes; this fix includes some extra checks, which makes sure that if such a conflict still happens it's automatically fixed, though in some situations such an automatic fix may now be unnecessarily triggered and an error logged
director: Backend tags weren't working correctly
ldap: tls_* settings weren't used for ldaps URIs
ldap, mysql: Fixed setting connect timeout
auth: userdb lookups via auth-worker couldn't change username
dsync: Fixed handling deleted directories; make sure we don't go to infinite mailbox renaming loop
imap: Fixed crash in NOTIFY when there were watched namespaces that didn't support NOTIFY
imap: After SETMETADATA was used, various commands (especially FETCH) could have started hanging when their output was large
stats: Idle sessions weren't refreshed often enough, causing stats process to forget them and log errors about unknown sessions when they were updated later
stats: Fixed "Duplicate session ID" errors when LMTP delivered to multiple recipients and fts_autoindex=yes
zlib plugin: Fixed copying causing cache corruption when zlib_save wasn't set, but the source message was compressed
fts-solr: Fixed escaping Solr query parameters
lmtp: quota_full_tempfail=yes was ignored with lmtp_rcpt_check_quota=yes
Wednesday 9th December 2015
Fedora Project
Reviewed and approved Michele Baldessari's google-api-python-client package submission
Updated perl-JSON-MaybeXS to 1.003005 in EPEL-6 (Bug #1289698, enhanced boolean interoperability, improved documentation and new ':legacy' tag to support legacy applications)
Local Packages
Updated perl-ExtUtils-MakeMaker-CPANfile to 0.07:
Supported recommends, suggests, conflicts
Updated perl-Net-DNS to 1.04:
Fix CPAN RT#109183: Semantics of "retry" and "retrans" options has changed with 1.03
Fix CPAN RT#109152: Deprecated method make_query_packet breaks calling code
Fix CPAN RT#109135: Resolver behaves differently with long and short IPv6 address format
Fix CPAN RT#108745: Net::DNS::Resolver bgsend
Updated perl-PPIx-Regexp to 0.044:
Recognize postfix dereference if desired, controlled by the Boolean argument 'postderef' passed to PPIx::Regexp->new(); the default is false, but will become true if postfix dereference becomes mainstream Perl 5
Add explain() and supporting methods main_structure() and in_regex_set(); the explain() method returns a brief explanation of what the element does
Restrict recognition of back references in replacement strings to \number form, since Perl itself does not recognize \g{...} or \k{...} there
Allow nesting of \Q with \U, \L, and \F (the perlop docs say these nest with each other); playing with Perl suggests that \U, \L and \F supersede each other, but that they as a group nest with \Q in either order, so that if you specify \Q and one of the \U, \L, \F group, you need two \Es to turn them all back off
Thursday 10th December 2015
Fedora Project
Updated perl-IO-Socket-SSL to 2.022 in Rawhide:
Fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash (CPAN RT#110253)
Local Packages
Updated nmap to 7.01 (see CHANGELOG for details)
Updated perl-DateTime-Locale to 1.02:
Make the DateTime::Locale->load method accept a locale in any non-canonical casing, such as "en-us" (CPAN RT#110244)
Updated perl-IO-Socket-SSL to 2.022 as per the Fedora version
Friday 11th December 2015
Fedora Project
Updated GeoIP-GeoLite-data to the December 2015 databases in F-22, F-23, Rawhide, EPEL-5, EPEL-6 and EPEL-7
Updated perl-Try-Tiny to 0.24 in Rawhide:
Local Packages
Updated GeoIP-GeoLite-data as per the Fedora version
Updated perl-Try-Tiny to 0.24 as per the Fedora version
Monday 14th December 2015
Fedora Project
Updated perl-CPAN-Meta-Requirements to 2.140 in Rawhide:
- Added method for getting structured requirements
- Skips impossible tests on Perls earlier than 5.8.0 (before v-string magic)
On Perls before 5.8.1, pad 1-part and 2-part literal v-strings to avoid old version.pm bugs with v-strings less than 3 characters
Protect internal _isa_version from non-refs that pass ->isa('version')
- Much better error messages, explaining what conflicted and how
- Repackage with fixed tests
Expanded dist.ini from author bundle to individual plugins
Updated perl-CPAN-Meta-YAML to 0.018 in Rawhide:
Generated from ETHER/YAML-Tiny-1.69.tar.gz
Updated perl-GD (2.56) in Rawhide to fix FTBFS with new freetype 2.6.2 (Bug #1291200); workaround is to make the failing image comparison test a TODO test
Local Packages
Updated dovecot to 2.2.21 and pigeonhole to 0.4.10:
Updated dovecot to 2.2.21:
doveadm mailbox list (and some others) were broken in v2.2.20
director: Fixed making backend changes when running with only a single director server
virtual plugin: Fixed crash when trying to open nonexistent autocreated backend mailbox
- Updated pigeonhole to 0.4.10:
Implemented the Sieve mime and foreverypart extensions (RFC 5703); the interaction with the editheader extension needs some work, but this should not influence most uses, i.e., changes by the editheader extension are not always visible using foreverypart/mime
Sieve body extension: Properly implemented the ':text' body transform; it now extracts text for HTML message parts
Sieve enotify extension: mailto method: Implemented the sieve_notify_mailto_envelope_from setting, which allows configuring the source of the notification sender address for e-mail notifications; this is similar to what already can be configured for redirect
Added a sieve_enabled (defaults to 'yes') setting that allows explicitly disabling Sieve processing for particular users; this used to be possible by setting 'sieve=', but ever since the sieve_before, sieve_after and sieve_default settings were added, this method was no longer reliable
variables extension: Fixed handling of empty string by the ':length' set modifier; an empty string yielded an empty string rather than "0"
- Fixed memory leak in the Sieve script byte code dumping facility; extension contexts were never actually freed
Fixed handling of implicit keep when the last Sieve script is a global one; in that case the implicit keep action was executed in global context, which could mean that trivial (quota) errors ended up in the system log file, rather than the user log file
doveadm sieve plugin: Fixed crashes caused by incorrect context allocation in the sieve command implementations
Updated perl-CPAN-Meta-Requirements to 2.140 as per the Fedora version
Updated perl-CPAN-Meta-YAML to 0.018 as per the Fedora version
Updated perl-Module-CoreList to 5.20151213:
- Updated for v5.22.1
Tuesday 15th December 2015
Fedora Project
Updated perl-Math-BigInt-GMP to 1.47 in Rawhide:
Fix problems with the new() method when Perl is compiled with support for 64-bit integers, but on platforms when the underlying OS is 32-bit (CPAN RT#71548)
Wednesday 16th December 2015
Local Packages
Updated perl-Regexp-Common to 2015121601:
- Force Darwin 10.0 on Perl 5.10.0 to run square tests in 32-bit mode
Thursday 17th December 2015
Local Packages
Updated cdrtools to 3.02 alpha release 04
Friday 18th December 2015
Fedora Project
Updated libpng10 to 1.0.66 in F-22, F-23, Rawhide and EPEL-6:
Fixed an out-of-range read in png_check_keyword() (CVE-2015-8540)
- Corrected copyright dates in source files
Moved png_check_keyword() from pngwutil.c to pngset.c
Local Packages
Updated libpng10 to 1.0.66 as per the Fedora version
Updated perl-Archive-Zip to 1.56:
Fix $Archive::Zip::UNICODE issues
On MSWin32 in methods addFile, addDirectory, addTree: the externalFileName was used in place of newName
Make sure that file names are utf8 in memberNames
Use Encode on all platforms
Monday 21st December 2015
Fedora Project
Updated perl-Test-Warnings to 0.022 in Rawhide:
Propagate all warnings to any previously-declared __WARN__ handlers (unlike with __DIE__, merely calling warn() is not sufficient)
Updated perl-Text-Hunspell to 2.12 in Rawhide:
Replaced ExtUtils::PkgConfig with Alien::Hunspell
Note that since we don't have (or otherwise need) Alien::Hunspell in Fedora, I have reverted to using ExtUtils::PkgConfig, which works fine for our purposes
Local Packages
- Added builds for CentOS 7 i686 alternative architecture
Updated perl-DateTime-Format-Strptime to 1.62:
When on_error was set to something that did not die (including the default error handling), calling ->parse_datetime with some bad inputs could cause the module to error out internally by trying to call methods on an undefined value instead of returning undef (CPAN RT#110247)
Updated perl-EV to 4.22:
(libev) When epoll detects unremovable fds in the fd set, rebuild only the epoll descriptor, not the signal pipe, to avoid SIGPIPE in ev_async_send; this doesn't solve it on fork, so document what needs to be done in ev_loop_fork
(libev) Remove superfluous sys/timeb.h include on win32
Updated libecb
Updated perl-Test-Warnings to 0.022 as per the Fedora version
Updated perl-Text-Hunspell to 2.12 as per the Fedora version
Tuesday 22nd December 2015
Fedora Project
Updated perl-Test-Exception to 0.41 in Rawhide:
Updated for Test2
Updated perl-Test-Warnings to 0.023 in Rawhide:
Properly handle propagating warnings to previously declared handlers that are not coderefs (i.e. a sub name, or the magic DEFAULT and IGNORE)
Local Packages
Updated perl-Module-CoreList to 5.20151220:
- Updated for v5.23.6
Updated perl-Test-Exception to 0.41 as per the Fedora version
Updated perl-Test-Warnings to 0.023 as per the Fedora version
Sunday 27th December 2015
Fedora Project
Updated perl-Test-Warnings to 0.024 in Rawhide:
- Remove diagnostics accidentally left in new test
Local Packages
Updated perl-Test-Warnings to 0.024 as per the Fedora version
Monday 28th December 2015
Fedora Project
Updated perl-GDGraph to 1.51 in Rawhide:
- Run samples as part of test suite to make sure no sample crashes
Properly define test requirements using newer MakeMaker
Fix shadows rendering on cumulative bar charts (https://github.com/ruz/GDGraph/pull/4)
Updated perl-Test-Synopsis to 0.12 in Rawhide:
Add META.json
Local Packages
Updated perl-Test-Synopsis to 0.12 as per the Fedora version
Thursday 31st December 2015
Fedora Project
Updated python-crypto (2.6.1) in Rawhide to add support for python 3.x in EPEL-7 builds, updating the spec to follow current python packaging guidelines at the same time
Previous Month: November 2015
Next Month: January 2016