Wednesday 2nd November 2016
Fedora Project
Updated perl-MCE to 1.807 in Rawhide:
- Enhanced relay capabilities
Added Mandelbrot example to MCE::Example
Added extra demonstrations to MCE::Relay
- Added test script
- Tweaked manager-loop delay for special cases - applies to MSWin32 only
- Enhanced relay capabilities
Updated perl-MCE-Shared to 1.806 in Rawhide:
Added a new section titled LOCKING to the MCE::Shared documentation
- Tweaked shared-manager-loop delay - applies to MSWin32 only
Updated perl-Test-TrailingSpace to 0.0301 in Rawhide:
Skip "sample-data" in t/dogfood.t, which caused problems with parallel testing
Local Packages
Updated curl to 7.51.0, and to use libidn2 rather than libidn from Fedora 25 onwards:
nss: Additional cipher suites are now accepted by CURLOPT_SSL_CIPHER_LIST
New option: CURLOPT_KEEP_SENDING_ON_ERROR
CVE-2016-8615: Cookie injection for other servers
CVE-2016-8616: Case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: Double-free in curl_maprintf
CVE-2016-8619: Double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: Invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
openssl: Fix per-thread memory leak using 1.0.1 or 1.0.2
http: Accept "Transfer-Encoding: chunked" for HTTP/2 as well
LICENSE-MIXING.md: Update with mbedTLS dual licensing
examples/imap-append: Set size of data to be uploaded
test2048: Fix url
darwinssl: Disable RC4 cipher-suite support
CURLOPT_PINNEDPUBLICKEY.3: Fix the AVAILABILITY formatting
openssl: Don’t call CRYTPO_cleanup_all_ex_data
libressl: Fix version output
easy: Reset all statistical session info in curl_easy_reset
curl_global_cleanup.3: Don't unload the lib with sub threads running
dist: Add CurlSymbolHiding.cmake to the tarball
docs: Remove that --proto is just used for initial retrieval
configure: Fixed builds with libssh2 in a custom location
curl.1: --trace supports % for sending to stderr!
- cookies: Same domain handling changed to match browser behaviour
formpost: Trying to attach a directory no longer crashes
CURLOPT_DEBUGFUNCTION.3: Fixed unused argument warning
formpost: Avoid silent snprintf() truncation
ftp: Fix Curl_ftpsendf
mprintf: Return error on too many arguments
smb: Properly check incoming packet boundaries
GIT-INFO: Remove the Mac 10.1-specific details
resolve: Add error message when resolving using SIGALRM
cmake: Add nghttp2 support
dist: Remove PDF and HTML converted docs from the releases
configure: Disable poll() in macOS builds
vtls: Only re-use session-ids using the same scheme
- pipelining: Skip to-be-closed connections when pipelining
- Win: Fix Universal Windows Platform build
curl: Do not set CURLOPT_SSLENGINE to DEFAULT automatically
maketgz: Make it support "only" generating version info
Curl_socket_check: Add extra check to avoid integer overflow
gopher: Properly return error for poll failures
curl: Set INTERLEAVEDATA too
polarssl: Clear thread array at init
polarssl: Fix unaligned SSL session-id lock
polarssl: Reduce #ifdef madness with a macro
curl_multi_add_handle: Set timeouts in closure handles
configure: Set min version flags for builds on mac
INSTALL: Converted to markdown ⇒ INSTALL.md
curl_multi_remove_handle: Fix a double-free
multi: Fix infinite loop in curl_multi_cleanup()
nss: Fix tight loop in non-blocking TLS handshake over proxy
mk-ca-bundle: Change URL retrieval to HTTPS-only by default
mbedtls: Stop using deprecated include file
docs: Fix req->data in multi-uv example
configure: Fix test syntax for monotonic clock_gettime
CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2
Updated perl-Archive-Tar to 2.16:
Make roundtrip tar exe finding robust for crappy tars
Updated perl-MCE to 1.807 as per the Fedora version
Updated perl-MCE-Shared to 1.806 as per the Fedora version
Updated perl-Role-Tiny to 2.000005:
Revert change to MRO::Compat usage
Updated perl-Test-TrailingSpace to 0.0301 as per the Fedora version