Paul's Blog Entries for September 2018

Sunday 2nd September 2018

Out on the Bike

Monday 3rd September 2018

Fedora Project

  • Updated perl-Modern-Perl to 1.20180901 in F-29 and Rawhide:

    • Skip tests when PERL5OPT is set (GH#9)

  • Updated perl-YAML-LibYAML to 0.74 in F-29 and Rawhide:

    • Fix tests on older perls
    • Support back to perl 5.8.1

Local Packages

  • Updated perl-Test-MockModule to 0.170.0:

    • Fixes an issue where warnings were thrown for mismatched prototypes, when mocking a prototyped function
    • Add CI pipeline for releasing to CPAN
    • Pod: Provide a code snippet for original usage
    • Add missing pod entries
    • Fix versioning for semver conversion + PAUSE
  • Updated perl-YAML-LibYAML to 0.74 as per the Fedora version

  • Updated sendmail (8.15.2) to add support for sendmail service reload (Bug #1618552)

Tuesday 4th September 2018

Fedora Project

  • Updated perl-MooseX-Getopt to 0.73 in F-29 and Rawhide:

    • Properly wrap usage text that contains newlines (GH#10)

    • Move the exit() to a higher scope, to allow for 'after' method modifiers on 'print_usage_text' (GH#9)

Local Packages

  • Updated curl (7.61.0) to make the --tls13-ciphers option work

  • Updated unrar to 5.61 beta 1

Wednesday 5th September 2018

Local Packages

  • Updated curl to 7.61.1:

    • Fix NTLM password overflow via integer overflow (CVE-2018-14618)

    • CURLINFO_SIZE_UPLOAD: Fix missing counter update

    • CURLOPT_ACCEPT_ENCODING.3: List them comma-separated

    • CURLOPT_SSL_CTX_FUNCTION.3: Might cause accidental connection reuse

    • Curl_getoff_all_pipelines: Improved for multiplexed

    • DEPRECATE: Remove release date from 7.62.0

    • HTTP: Don't attempt to needlessly decompress redirect body
    • INTERNALS: Require GnuTLS ≥ 2.11.3

    • Add code quality grade for C/C++

    • SSLCERTS: Improve the openssl command line

    • Silence GCC 8 cast-function-type warnings

    • ares: Check for NULL in completed-callback

    • asyn-thread: Remove unused macro
    • auth: Only pick CURLAUTH_BEARER if we have a Bearer token

    • auth: Pick Bearer authentication whenever a token is available
    • cmake: CMake config files are defining CURL_STATICLIB for static builds

    • cmake: Respect BUILD_SHARED_LIBS

    • cmake: Update scripts to use consistent style
    • cmake: Bumped minimum version to 3.4
    • cmake: Link curl to the OpenSSL targets instead of library absolute paths

    • configure: Conditionally enable pedantic-errors

    • configure: Fix for -lpthread detection with OpenSSL and pkg-config

    • conn: Remove the boolean 'inuse' field

    • content_encoding: Accept up to 4 unknown trailer bytes after raw deflate data

    • cookie tests: Treat files as text
    • cookies: Support creation-time attribute for cookies
    • curl: Fix segfault when -H @headerfile is empty

    • curl: Add http code 408 to transient list for --retry

    • curl: Fix time-of-check, time-of-use race in directory creation
    • curl: Use Content-Disposition before the "URL end" for -OJ

    • curl: Warn the user if a given file name looks like an option
    • curl_threads: Silence bad-function-cast warning

    • darwinssl: Add support for ALPN negotiation
    • docs/CURLOPT_URL: Fix indentation

    • docs/CURLOPT_WRITEFUNCTION: Size is always 1

    • docs/SECURITY-PROCESS: Mention bounty, drop pre-notify

    • docs/examples: Add hiperfifo example using linux epoll/timerfd

    • docs: Add disallow-username-in-url.d and haproxy-protocol.d to dist

    • docs: Clarify NO_PROXY environment variable functionality

    • docs: Improved the manual pages of some callbacks
    • docs: Mention NULL is fine input to several functions

    • formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT

    • gopher: Do not translate '?' to '%09'

    • header output: Switch off all styles, not just unbold
    • hostip: Fix unused variable warning
    • http2: Use correct format identifier for stream_id

    • http2: Abort the send_callback if not set up yet

    • http2: Avoid set_stream_user_data() before stream is assigned

    • http2: Check nghttp2_session_set_stream_user_data return code

    • http2: Clear the drain counter in Curl_http2_done

    • http2: Make sure to send after RST_STREAM

    • http2: Separate easy handle from connections better
    • http: Fix for tiny "HTTP/0.9" response

    • http_proxy: Remove unused macro SELECT_TIMEOUT

    • lib/Makefile: Only do symbol hiding if told to

    • lib1502: Fix memory leak in torture test

    • lib1522: Fix curl_easy_setopt argument type

    • libcurl-thread.3: Expand somewhat on the NO_SIGNAL motivation

    • mime: Check Curl_rand_hex's return code

    • multi: Always do the COMPLETED procedure/state

    • openssl: Assume engine support in 1.0.0 or later
    • openssl: Fix debug messages
    • projects: Improve Windows perl detection in batch scripts
    • retry: Return error if rewind was necessary but didn't happen
    • reuse_conn(): Memory leak - free old_conn->options

    • schannel: Client certificate store opening fix
    • schannel: Enable CALG_TLS1PRF for w32api ≥ 5.1

    • schannel: Fix MinGW compile break
    • sftp: Don't send post-quote sequence when retrying a connection
    • smb: Fix memory leak on early failure
    • smb: Fix memory-leak in URL parse error path
    • smb_getsock: Always wait for write socket too
    • ssh-libssh: Fix infinite connect loop on invalid private key
    • ssh-libssh: Reduce excessive verbose output about pubkey auth
    • ssh-libssh: Use FALLTHROUGH to silence gcc8

    • ssl: Set engine implicitly when a PKCS#11 URI is provided
    • sws: Handle EINTR when calling select()

    • system_win32: Fix version checking

    • telnet: Remove unused macros TELOPTS and TELCMDS

    • test1143: Disable MSYS2's POSIX path conversion

    • test1148: Disable if decimal separator is not point

    • test1307: (fnmatch testing) disabled

    • test1422: Add required file feature

    • test1531: Add timeout

    • test1540: Remove unused macro TEST_HANG_TIMEOUT

    • test214: Disable MSYS2's POSIX path conversion for URL

    • test320: Treat curl320.out file as binary

    • tests/ Use /usr/bin/env to find python

    • tests: Don't use Windows path %PWD for SSH tests

    • tests: Fixes for Windows line endings
    • tool_operate: Fix setting proxy TLS 1.3 ciphers

    • travis: Build darwinssl on macos 10.12 to fix linker errors
    • travis: Execute "set -eo pipefail" for coverage build

    • travis: Run a 'make checksrc' too

    • travis: Update to GCC-8
    • travis: Verify that man pages can be regenerated
    • upload: Allocate upload buffer on-demand

    • upload: Change default UPLOAD_BUFSIZE to 64KB

    • urldata: Remove unused pipe_broke struct field

    • vtls: Re-instantiate engine on duplicated handles
    • windows: Implement send buffer tuning
    • wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random

Thursday 6th September 2018

Fedora Project

  • Updated proftpd (1.3.6) in Rawhide to switch from postgresql-devel to libpq-devel from Fedora 30 onwards

Local Packages

  • Updated proftpd (1.3.6) as per the Fedora version

Friday 7th September 2018

Fedora Project

  • Updated gtkwave to 3.3.94 in F-29 and Rawhide:

    • Applied ghwlib.c patch for dealing with null ranges

    • Added second chance algorithm for find_dumpfile() in case it fails

Local Packages

  • Updated gtkwave to 3.3.94 as per the Fedora version

Monday 10th September 2018

Local Packages

  • Rebuilt c-ares (1.14.0) to stay in sync with the Rawhide version

Tuesday 11th September 2018

Fedora Project

  • Updated geoipupdate to 3.1.1 in F-29 and Rawhide:

    • Allow parsing of license keys longer than 12 characters

Local Packages

  • Updated geoipupdate to 3.1.1 as per the Fedora version

Thursday 13th September 2018

Local Packages

  • Updated nmap (7.70) to obsolete the (Python2-based) frontend and ndiff packages from Fedora 29 onwards (Bug #1626804)

  • Updated perl-Archive-Tar to 2.32:

    • Fix absolute path handling on VMS
  • Updated perl-Archive-Zip to 1.64:

    • Fix for year 2030

Friday 14th September 2018

Fedora Project

  • Updated libglade (0.17) in F-29 and Rawhide not to package libglade-xgettext as it requires the long-deprecated xmllib

Local Packages

  • Updated libglade (0.17) as per the Fedora version

Monday 17th September 2018

Fedora Project

  • Updated perl-IO-Socket-SSL to 2.060 in F-29 and Rawhide:

    • Support for TLS 1.3 with OpenSSL 1.1.1 (needs support in Net::SSLeay too); see also CPAN RT#126899

    • TLS 1.3 support is not complete yet for session resume
  • Updated perl-Math-Pari to 2.030507 in F-29 and Rawhide

Local Packages

  • Updated perl-IO-Socket-SSL to 2.060 as per the Fedora version

Wednesday 19th September 2018

Fedora Project

  • Updated perl-Net-SSLeay (1.85) in F-29 and Rawhide to expose SSL_CTX_set_post_handshake_auth (Bug #1630391, GH#68)

Local Packages

  • Updated perl-Net-SSLeay (1.85) to expose SSL_CTX_set_post_handshake_auth as per the Fedora version

  • Rebuilt xv (3.10a) for the Fedora_29_Mass_Rebuild

Friday 21st September 2018

Local Packages

  • Updated perl-Module-CoreList to 5.20180920:

    • Updated for v5.29.3
  • Updated perl-Net-IDN-Encode to 2.401:

Tuesday 25th September 2018

Fedora Project

  • Updated perl-MooseX-Getopt to 0.74 in F-29 and Rawhide:

    • Fix init_arg when used in combination with an underscored attribute read from the config file (GH#11)

Local Packages

  • Updated perl-IO-Socket-SSL (2.060) to prevent tests from dying on SIGPIPE (CPAN RT#126899)

  • Updated perl-Net-DNS to 1.18:

    • DNS resolution was broken when options ndots used in /etc/resolv.conf (CPAN RT#127012)

    • Net::DNS::ZoneFile->parse() failed if include directory specified (CPAN RT#127018)

    • Documentation revised to remove ambiguous use of "answer", which had been used to refer to both the answer section of a packet and the entire reply packet received from a nameserver

Thursday 27th September 2018

Fedora Project

  • Updated milter-regex to 2.2 in F-29 and Rawhide:

    • Add -U, -G, and -P options to set pipe user, group, and permissions

  • Updated perl-Text-CSV_XS to 1.37 in F-29 and Rawhide:

    • Moved pod-tests from t to xt

    • Add munge as alias for munge_column_names

    • Update to Devel::PPPort-3.43

    • Simplified ref-check defines in XS (GH#12)

    • Tested against perl-5.29.3

Local Packages

  • Updated perl-Text-CSV_XS to 1.37 as per the Fedora version

Friday 28th September 2018

Fedora Project

  • Updated perl-Modern-Perl to 1.20180928 in F-29 and Rawhide:

    • Skip tests for Perls without arraybase (GH#10)

Local Packages

  • Updated perl-Test-Script to 1.25:

    • Add interpreter_options to script_runs options

Saturday 29th September 2018

Fedora Project

  • Updated perl-Net-SSLeay (1.85) in Rawhide to stop testing that Net::SSLeay::CTX_v3_new() can be run (explicit check added for Bug #1222521), because OpenSSL 1.1.1 in Fedora disables the SSL3 API altogether

Local Packages

  • Updated perl-Net-SSLeay (1.85) as per the Fedora version

Previous Month: August 2018
Next Month: October 2018