Wednesday 11th July 2018
Local Packages
Updated curl (7.60.0) to disable flaky test 1455 and to enable support for brotli compression in libcurl-full from F-29 onwards
Updated curl to 7.61.0:
CVE-2018-0500: smtp: Fix SMTP send buffer overflow
getinfo: Add microsecond precise timers for seven intervals
curl: Show headers in bold, switch off with --no-styled-output
httpauth: Add support for Bearer tokens
Add CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS
curl: --tls13-ciphers and --proxy-tls13-ciphers
Add CURLOPT_DISALLOW_USERNAME_IN_URL
curl: --disallow-username-in-url
schannel: Disable client cert option if APIs not available
schannel: Disable manual verify if APIs not available
tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
openssl: Acknowledge --tls-max for default version too
stub_gssapi: Fix 'unused parameter' warnings
examples/progressfunc: Make it build on both new and old libcurls
- docs: Mention it is HA Proxy protocol "version 1"
curl_fnmatch: Only allow two asterisks for matching
docs: Clarify CURLOPT_HTTPGET
configure: Replace a AC_TRY_RUN with CURL_RUN_IFELSE
configure: Do compile-time SIZEOF checks instead of run-time
checksrc: Make sure sizeof() is used with parentheses
CURLOPT_ACCEPT_ENCODING.3: Add brotli and clarify a bit
schannel: Make CAinfo parsing resilient to CR/LF
tftp: Make sure error is zero terminated before printfing it
http resume: Skip body if http code 416 (range error) is ignored
configure: Add basic test of --with-ssl prefix
cmake: Set -d postfix for debug builds
multi: Provide a socket to wait for in Curl_protocol_getsock
content_encoding: Handle zlib versions too old for Z_BLOCK
winbuild: Only delete OUTFILE if it exists
winbuild: In MakefileBuild.vc fix typo DISTDIR⇒DIRDIST
schannel: Add failf calls for client certificate failures
cmake: Fix the test for fsetxattr and strerror_r
curl.1: Fix cmdline-opts reference errors
cmdline-opts/gen.pl: Warn if mutexes: or see-also: list non-existing options
cmake: Check for getpwuid_r
configure: Fix ssh2 linking when built with a static mbedtls
psl: Use latest psl and refresh it periodically
fnmatch: Insist on escaped bracket to match
KNOWN_BUGS: Restore text regarding #2101
INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib
configure: Override AR_FLAGS to silence warning
os400: Implement mime api EBCDIC wrappers
curl.rc: Embed manifest for correct Windows version detection
strictness: Correct {infof, failf} format specifiers
tests: Update .gitignore for libtests
configure: Check for declaration of getpwuid_r
fnmatch: Use the system one if available
CURLOPT_RESOLVE: Always purge old entry first
multi: Remove a potentially bad DEBUGF()
curl_addrinfo: Use same #ifdef conditions in source as header
- build: Remove the Borland specific makefiles
axTLS: Not considered fit for use
cmdline-opts/cert-type.d: Mention "p12" as a recognized type
system.h: Add support for IBM xlc C compiler
tests/libtest: Add lib1521 to nodist_SOURCES
mk-ca-bundle.pl: Leave certificate name untouched
boringssl + schannel: undef X509_NAME in lib/schannel.h
openssl: Assume engine support in 1.0.1 or later
cppcheck: Fix warnings
- test 46: Make test pass after year 2025
schannel: Support selecting ciphers
Curl_debug: Remove dead printhost code
- test 1455: Unflakified
Curl_init_do: Handle NULL connection pointer passed in
progress: Remove a set of unused defines
mk-ca-bundle.pl: Make -u delete certdata.txt if found not changed
GOVERNANCE.md: Explains how this project is run
configure: Use pkg-config for c-ares detection
configure: Enhance ability to build with static openssl
maketgz: Fix sed issues on OSX
multi: Fix memory leak when stopped during name resolve
CURLOPT_INTERFACE.3: Interface names not supported on Windows
url: Fix dangling conn->data pointer
cmake: Allow multiple SSL backends
system.h: Fix for gcc on 32 bit OpenServer
ConnectionExists: Make sure conn->data is set when "taking" a connection
multi: Fix crash due to dangling entry in connect-pending list
CURLOPT_SSL_VERIFYPEER.3: Add performance note
netrc: Use a larger buffer to support longer passwords
url: Check Curl_conncache_add_conn return code
configure: Add dependent libraries after crypto
easy_perform: Faster local name resolves by using *multi_timeout()
getnameinfo: Not used, removed all configure checks
travis: Add a build using the synchronous name resolver
CURLINFO_TLS_SSL_PTR.3: Improve the example
- openssl: Allow TLS 1.3 by default
openssl: Make the requested TLS version the minimum wanted
- openssl: Remove some dead code
telnet: Fix clang warnings
DEPRECATE: New doc describing planned item removals
example/crawler.c: Simple crawler based on libxml2
libssh: Goto DISCONNECT state on error, not SESSION_FREE
CMake: Remove unused functions
darwinssl: Allow High Sierra users to build the code using gcc
scripts: Include _curl as part of CLEANFILES
examples: Fix -Wformat warnings
curl_setup: Include <winerror.h> before <windows.h>
schannel: Make more cipher options conditional
CMake: Remove redundant and old end-of-block syntax
post303.d: Clarify that this is an RFC violation
I had to add a patch to fix building with OpenSSL < 1.0.1
Updated dovecot to 2.3.2.1:
- SSL/TLS servers may have crashed during client disconnection
lmtp: With lmtp_rcpt_check_quota=yes mail deliveries may sometimes have assert-crashed
- v2.3.2: "make check" may have crashed with 32-bit systems
Rebuilt libxml2 (2.9.8) for Python 3.7 in Rawhide
Re-rebuilt bootstrapped perl-Mouse (2.5.4) after Perl 5.28 rebuild
Rebuilt py-bcrypt (0.4) for Python 3.7 in Rawhide