PaulHowarth/Blog/2016-12-21

Wednesday 21st December 2016

Local Packages

  • Updated curl to 7.52.0:

    • nss: Map CURL_SSLVERSION_DEFAULT to NSS default

    • vtls: Support TLS 1.3 via CURL_SSLVERSION_TLSv1_3

    • curl: Introduce the --tlsv1.3 option to force TLS 1.3

    • curl: Add --retry-connrefused

    • proxy: Support HTTPS proxy and SOCKS+HTTP(s)
    • Add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}

    • curl: Add --fail-early

    • CVE-2016-9586: printf floating point buffer overflow

    • CVE-2016-9952: Win CE schannel cert wildcard matches too much

    • CVE-2016-9953: Win CE schannel cert name out of buffer read

    • msvc: Removed a straggling reference to strequal.c

    • winbuild: Remove strcase.obj from curl build

    • examples: Bugfixed multi-uv.c

    • configure: Verify that compiler groks -Werror=partial-availability

    • mbedtls: Fix build with mbedtls versions < 2.4.0

    • dist: Add unit test CMakeLists.txt to the tarball

    • curl -w: Added more decimal digits to timing counters

    • easy: Initialize info variables on easy init and duphandle

    • cmake: Disable poll for macOS
    • http2: Don't send header fields prohibited by HTTP/2 spec
    • ssh: Check md5 fingerprints case insensitively (regression)
    • openssl: Initial TLS 1.3 adaptions
    • curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept

    • printf: Fix ".*f" handling

    • examples/fileupload.c: fclose the file as well

    • SPNEGO: Fix memory leak when authentication fails
    • realloc: Use Curl_saferealloc to avoid common mistakes

    • openssl: Make sure to fail in the unlikely event that PRNG seeding fails
    • URL-parser: For file://[host]/ URLs, the [host] must be localhost

    • timeval: Prefer time_t to hold seconds instead of long

    • Curl_rand: Fixed and moved to rand.c

    • glob: Fix [a-c] globbing regression

    • darwinssl: Fix SSL client certificate not found on MacOS Sierra
    • curl.1: Clarify --dump-header only writes received headers

    • http2: Fix address sanitizer memcpy warning

    • http2: Use huge HTTP/2 windows
    • connects: Don't mix unix domain sockets with regular ones
    • url: Fix conn reuse for local ports and interfaces
    • x509: Limit ASN.1 structure sizes to 256K
    • checksrc: Add more checks

    • winbuild: Add config option ENABLE_NGHTTP2

    • http2: Check nghttp2_session_set_local_window_size exists

    • http2: Fix crashes when parent stream gets aborted
    • CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries

    • URL parser: Reject non-numerical port numbers
    • CONNECT: Reject TE or CL in 2xx responses

    • CONNECT: Read responses one byte at a time

    • curl: Support zero-length argument strings in config files

    • openssl: Don't use OpenSSL's ERR_PACK

    • curl.1: Generated with the new man page system

    • curl_easy_recv: Improve documentation and example program

    • Curl_getconnectinfo: Avoid checking if the connection is closed

    • CIPHERS.md: Attempt to document TLS cipher names

  • Updated nmap to 7.40 (see CHANGELOG for details)

  • Updated perl-Module-CoreList to 5.20161220:

    • Updated for v5.25.8
  • Updated perl-Term-Table to 0.004:

    • Add Term::Table::CellStack to represent a vertically merged cell in a table


Recent