#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Wednesday 9th August 2017 ===

==== Fedora Project ====

 * Updated `GeoIP-GeoLite-data` to August 2017 databases in Rawhide

==== Local Packages ====

 * Updated `curl` to 7.55.0:
 . '''New Features'''
  * `curl`: Allow `--header` and `--proxy-header` read from file
  * `getinfo`: Provide sizes as `curl_off_t`
  * `curl`: Prevent binary output spewed to terminal
  * `curl`: Added `--request-target`
  * `libcurl`: Added `CURLOPT_REQUEST_TARGET`
  * `curl`: Added `--socks5-{basic,gssapi}`: control socks5 auth
  * `libcurl`: Added `CURLOPT_SOCKS5_AUTH`
 . ''' Bug Fixes'''
  * `glob`: Do not parse after a `strtoul()` overflow range ([[CVE:2017-1000101|CVE-2017-1000101]])
  * `tftp`: Reject file name lengths that don't fit ([[CVE:2017-1000100|CVE-2017-1000100]])
  * `file`: Output the correct buffer to the user ([[CVE:2017-1000099|CVE-2017-1000099]])
  * includes: Remove `curl/curlbuild.h` and `curl/curlrules.h`
  * dist: Make the `hugehelp.c` not get regenerated unnecessarily
  * timers: Store internal time stamps as `time_t` instead of `double`s
  * progress: Let "current speed" be UL + DL speeds combined
  * http-proxy: Do the `HTTP CONNECT` process entirely non-blocking
  * `lib/curl_setup.h`: Remove `CURL_WANTS_CA_BUNDLE_ENV`
  * fuzz: Bring oss-fuzz initial code converted to C89
  * `configure`: Disable `nghttp2` too if HTTP has been disabled
  * `mk-ca-bundle.pl`: Check `curl`'s exit code after certdata download
  * `test1148`: Verify the `-#` progressbar
  * tests: Stabilize test 2032 and 2033
  * HTTPS-Proxy: Don't offer `h2` for https proxy connections
  * http-proxy: Only attempt FTP over HTTP proxy
  * `curl-compilers.m4`: Enable vla warning for clang
  * `curl-compilers.m4`: Enable double-promotion warning
  * `curl-compilers.m4`: Enable missing-variable-declarations clang warning
  * `curl-compilers.m4`: Enable comma clang warning
  * `Makefile.m32`: Enable `-W` for MinGW32 build
  * `CURLOPT_PREQUOTE`: Not supported for SFTP
  * http2: Fix OOM crash
  * `PIPELINING_SERVER_BL`: Clean up the internal list use
  * `mkhelp.pl`: Fix script name in usage text
  * `lib1521`: Add `curl_easy_getinfo` calls to the test set
  * travis: Do the `distcheck` test build out-of-tree as well
  * `if2ip`: Fix compiler warning in ISO C90 mode
  * lib: Fix the djgpp build
  * `typecheck-gcc`: Add support for `CURLINFO_OFF_T`
  * travis: Enable `typecheck-gcc` warnings
  * `maketgz`: Switch to `xz` instead of `lzma`
  * `CURLINFO_REDIRECT_URL.3`: Mention the `CURLOPT_MAXREDIRS` case
  * `curl-compilers.m4`: Fix unknown-warning-option on Apple clang
  * winbuild: Fix boringssl build
  * `curl/system.h`: Add check for `XTENSA` for 32bit gcc
  * `test1537`: Fixed memory leak on OOM
  * `test1521`: Fix compiler warnings
  * `curl`: Fix memory leak on test 1147 OOM
  * `libtest/make`: Generate `lib1521.c` dynamically at build-time
  * `curl_strequal.3`: Fix typo in `SYNOPSIS`
  * progress: Prevent resetting `t_starttransfer`
  * openssl: Improve fallback seed of PRNG with a time based hash
  * http2: Improved `PING` frame handling
  * `test1450`: Add simple testing for `DICT`
  * `make`: Build the docs subdir only from within `src`
  * `cmake`: Added compatibility options for older Windows versions
  * gtls: Fix build when `sizeof(long)` < `sizeof(void *)`
  * `url`: Make the original string get used on subsequent transfers
  * `timeval.c`: Use `long long` constant type for `timeval` assignment
  * `tool_sleep`: Typecast to avoid macos compiler warning
  * `travis.yml`: Use `--enable-werror` on debug builds
  * `test1451`: Add SMB support to the testbed
  * `configure`: Remove checks for 5 functions never used
  * `configure`: Try `ldap`/`lber` in reversed order first
  * smb: Fix build for djgpp/MSDOS
  * travis: Install `nghttp2` on linux builds
  * smb: Add support for `CURLOPT_FILETIME`
  * `cmake`: Fix `send`/`recv` argument scanner for windows
  * `inet_pton`: Fix include on windows to get prototype
  * `select.h`: Avoid macro redefinition harder
  * `cmake`: If `inet_pton` is used, bump `_WIN32_WINNT`
  * `asyn-thread.c`: Fix unused variable warnings on macOS
  * `runtests`: Support "`threaded-resolver`" as a feature
  * `test506`: Skip if `threaded-resolver`
  * `cmake`: Remove spurious "`-l`" from linker flags
  * `cmake`: Add `CURL_WERROR` for enabling "warning as errors"
  * `memdebug`: Don't `setbuf()` if the file open failed
  * `curl_easy_escape.3`: Mention the (lack of) encoding
  * `test1452`: Add telnet negotiation
  * `CURLOPT_POSTFIELDS.3`: Explain the `100-continue` magic better
  * `cmake`: Offer `CMAKE_DEBUG_POSTFIX` when building with MSVC
  * `tests/valgrind.supp`: Suppress OpenSSL false positive seen on travis
  * `curl_setup_once`: Remove `ERRNO`/`SET_ERRNO` macros
  * `curl-compilers.m4`: Disable warning spam with Cygwin's clang
  * `ldap`: Fix MinGW compiler warning
  * `make`: Fix docs build on OpenBSD
  * `curl_setup`: Always define `WIN32_LEAN_AND_MEAN` on Windows
  * `system.h`: include `winsock2.h` before `windows.h`
  * `winbuild`: Build with warning level 4
  * `rtspd`: Fix MSVC level 4 warning
  * `sockfilt`: Suppress conversion warning with explicit cast
  * `libtest`: Fix MSVC warning C4706
  * darwinssl: Fix `pinnedpubkey` build error
  * `tests/server/resolve.c`: Fix deprecation warning
  * `nss`: Fix a possible use-after-`free` in `SelectClientCert()`
  * `checksrc`: Escape open brace in regex
  * `multi`: Mention integer overflow risk if using > 500 million sockets
  * darwinssl: Fix `--tlsv1.2` regression
  * `timeval`: `struct curltime` is a `struct timeval` replacement
  * `curl_rtmp`: Fix a compiler warning
  * `include.d`: Clarify that it concerns the response headers
  * `cmake`: Support `make uninstall`
  * `include.d`: Clarify `--include` is only for response headers
  * `libcurl`: Stop using error codes defined under `CURL_NO_OLDIES`
  * `http`: Fix response code parser to avoid integer overflow
  * `configure`: Fix the check for `IdnToUnicode`
  * `multi`: Fix request timer management
  * `curl_threads`: Fix MSVC compiler warning
  * travis: Build on osx with openssl
  * travis: Build on osx with libressl
  * `CURLOPT_NETRC.3`: Mention the file name on Windows
  * `cmake`: Set MSVC warning level to 4
  * `netrc`: Skip lines starting with '`#`'
  * darwinssl: Fix `curlssl_sha256sum()` compiler warnings on first argument
  * `BUILD.WINDOWS`: Mention `buildconf.bat` for builds off git
  * darwinssl: Silence compiler warnings
  * travis: Build on osx with darwinssl
  * FTP: Skip unnecessary `CWD` when in `nocwd` mode
  * gssapi: Fix memory leak of output token in multi round context
  * `getparameter`: Avoid returning uninitialized '`usedarg`'
  * `curl` (debug build) `easy_events`: Make event data static
  * `curl`: Detect and bail out early on parameter integer overflows
  * `configure`: Fix `recv`/`send`/`select` detection on Android
 * Updated `GeoIP-GeoLite-data` to August 2017 databases as per the Fedora version
 * Updated `perl-Class-Inspector` to 1.32:
  * The `installed` method now supports `@INC` hooks of any type (coderef was supported as of 1.29, now arrayrefs and objects are also supported)
  * Detect probably broken Perl on Cygwin in `Makefile.PL` (see [[https://github.com/plicease/Class-Inspector/issues/5|GH#5]])
 * Rebuilt `mod_fastcgi` (2.4.6) and `symlinks` (1.4) for the FedoraProject:Fedora_27_Binutils_Mass_Rebuild

----