#acl PaulHowarth:read,write,admin,revert,delete All:read === Tuesday 31st October 2017 === ==== Fedora Project ==== * Updated `geoipupdate` to 2.5.0 in Rawhide: * Replace use of `strnlen()` due to lack of universal availability ([[https://github.com/maxmind/geoipupdate/issues/71|GH#71]]) * Document the '`LockFile`' option in the '`GeoIP.conf`' man page ([[https://github.com/maxmind/geoipupdate/issues/64|GH#64]]) * Remove unused `base64` library ([[https://github.com/maxmind/geoipupdate/pull/68|GH#68]]) * Add the new configuration option '`PreserveFileTimes`'; if set, the downloaded files will get the same modification times as their original on the server (default is '`0`') ([[https://github.com/maxmind/geoipupdate/pull/63|GH#63]]) * Use the correct types when calling '`curl_easy_setopt()`'; this fixes warnings generated by `libcurl`'s '`typecheck-gcc.h`' ([[https://github.com/maxmind/geoipupdate/pull/61|GH#61]]) * In '`GeoIP.conf`', the '`UserId`' option was renamed to '`AccountID`' and the '`ProductIds`' option was renamed to '`EditionIDs`'; the old options will continue to work, but upgrading to the new names is recommended for forward compatibility * Updated `perl-Net-SSLeay` to 1.82 in Rawhide: * Added support for building under Linuxbrew (a linuxbrew version of MacOS Homebrew) * Implement `SSL_CTX_set_psk_client_callback()` and `SSL_set_psk_client_callback()` * Skip the NPN test if the SSL library is LibreSSL * Fixed a problem with a variable declaration in `ssleay_session_secret_cb_invoke` * Bugfix: `tlsext_status_cb_invoke(...)`: free ocsp_response only when allocated; the same callback is used on a server side for OCSP stapling and in that case `ocsp_response` is `NULL` and not used * New feature: Added a binding `SSL_set_session_ticket_ext_cb(ssl, callback, data)`; a callback used by EAP-FAST/EAP-TEAT to parse and process TLS session ticket * New feature: Added a binding `SSL_set_session_ticket_ext(ssl, ticket)`; used by EAP-FAST/EAP-TEAP to define TLS session ticket value * Bugfix: `tlsext_ticket_key_cb_invoke(...)`: allow SHA256 HMAC key to be 32 bytes instead of 16 bytes (which OpenSSL will pad with zeros up to 32 bytes) * New feature: Added following bindings: * `X509_get_ex_data(cert, idx)` * `X509_get_ex_new_index(argl, argp, new_func, dup_func, free_func)` * `X509_get_app_data(cert)` * `X509_set_ex_data(cert, idx, data)` * `X509_set_app_data(cert, arg)` * `X509_STORE_CTX_get_ex_new_index(argl, argp, new_func, dup_func, free_func)` * `X509_STORE_CTX_get_app_data(x509_store_ctx)` * `X509_STORE_CTX_set_app_data(x509_store_ctx, arg)` * New feature: Added an implementation for `SSL_get_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)` * New feature: Added an implementation for `SSL_get_peer_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)` * Bugfix: `SSL_get_keyblock_size(s)`: Calculate key block size correctly also with AEAD ciphers, which don’t use digest functions * New feature: Added a binding `SSL_set_tlsext_status_ocsp_resp(ssl, staple)`; used by a server side to include OCSP staple in `ServerHello` * Bugfix: `SSL_OCSP_response_verify(ssl, rsp, svreq, flags)`: check that `chain` and `last` are not `NULL` before trying to use them * Bugfix: `inc/Module/Install/PRIVATE/Net/SSLeay.pm`: Don’t quote `include` and `lib` paths * Updated `perl-YAML` to 1.24 in Rawhide: * Fix `$LoadCode` ([[https://github.com/ingydotnet/yaml-pm/pull/180|GH#180]], [[https://github.com/ingydotnet/yaml-pm/pull/181|GH#181]], [[https://github.com/ingydotnet/yaml-pm/pull/182|GH#182]]) ==== Local Packages ==== * Updated `geoipupdate` to 2.5.0 as per the Fedora version * Updated `perl-Net-SSLeay` to 1.82 as per the Fedora version * Updated `perl-PPIx-Regexp` to 0.053: * Recognize `\px` as Unicode char class; at least, when the `x` is `C`, `L`, `M`, `N`, `P`, `S` or `Z` * The '`parse`' argument to `new()` is now deprecated * Updated `perl-YAML` to 1.24 as per the Fedora version ----