Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2017-10-31

Tuesday 31st October 2017

Fedora Project

  • Updated geoipupdate to 2.5.0 in Rawhide:

    • Replace use of strnlen() due to lack of universal availability (GH#71)

    • Document the 'LockFile' option in the 'GeoIP.conf' man page (GH#64)

    • Remove unused base64 library (GH#68)

    • Add the new configuration option 'PreserveFileTimes'; if set, the downloaded files will get the same modification times as their original on the server (default is '0') (GH#63)

    • Use the correct types when calling 'curl_easy_setopt()'; this fixes warnings generated by libcurl's 'typecheck-gcc.h' (GH#61)

    • In 'GeoIP.conf', the 'UserId' option was renamed to 'AccountID' and the 'ProductIds' option was renamed to 'EditionIDs'; the old options will continue to work, but upgrading to the new names is recommended for forward compatibility

  • Updated perl-Net-SSLeay to 1.82 in Rawhide:

    • Added support for building under Linuxbrew (a linuxbrew version of MacOS Homebrew)

    • Implement SSL_CTX_set_psk_client_callback() and SSL_set_psk_client_callback()

    • Skip the NPN test if the SSL library is LibreSSL

    • Fixed a problem with a variable declaration in ssleay_session_secret_cb_invoke

    • Bugfix: tlsext_status_cb_invoke(...): free ocsp_response only when allocated; the same callback is used on a server side for OCSP stapling and in that case ocsp_response is NULL and not used

    • New feature: Added a binding SSL_set_session_ticket_ext_cb(ssl, callback, data); a callback used by EAP-FAST/EAP-TEAT to parse and process TLS session ticket

    • New feature: Added a binding SSL_set_session_ticket_ext(ssl, ticket); used by EAP-FAST/EAP-TEAP to define TLS session ticket value

    • Bugfix: tlsext_ticket_key_cb_invoke(...): allow SHA256 HMAC key to be 32 bytes instead of 16 bytes (which OpenSSL will pad with zeros up to 32 bytes)

    • New feature: Added following bindings:

      • X509_get_ex_data(cert, idx)

      • X509_get_ex_new_index(argl, argp, new_func, dup_func, free_func)

      • X509_get_app_data(cert)

      • X509_set_ex_data(cert, idx, data)

      • X509_set_app_data(cert, arg)

      • X509_STORE_CTX_get_ex_new_index(argl, argp, new_func, dup_func, free_func)

      • X509_STORE_CTX_get_app_data(x509_store_ctx)

      • X509_STORE_CTX_set_app_data(x509_store_ctx, arg)

    • New feature: Added an implementation for SSL_get_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)

    • New feature: Added an implementation for SSL_get_peer_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)

    • Bugfix: SSL_get_keyblock_size(s): Calculate key block size correctly also with AEAD ciphers, which don’t use digest functions

    • New feature: Added a binding SSL_set_tlsext_status_ocsp_resp(ssl, staple); used by a server side to include OCSP staple in ServerHello

    • Bugfix: SSL_OCSP_response_verify(ssl, rsp, svreq, flags): check that chain and last are not NULL before trying to use them

    • Bugfix: inc/Module/Install/PRIVATE/Net/SSLeay.pm: Don’t quote include and lib paths

  • Updated perl-YAML to 1.24 in Rawhide:

Local Packages

  • Updated geoipupdate to 2.5.0 as per the Fedora version

  • Updated perl-Net-SSLeay to 1.82 as per the Fedora version

  • Updated perl-PPIx-Regexp to 0.053:

    • Recognize \px as Unicode char class; at least, when the x is C, L, M, N, P, S or Z

    • The 'parse' argument to new() is now deprecated

  • Updated perl-YAML to 1.24 as per the Fedora version

Recent