Paul's Blog Entries for October 2018
Monday 1st October 2018
Fedora Project
Updated perl-Socket6 to 0.29 in F-29 and Rawhide:
Socket6.xs: Update the tests for handling the correct headers on NetBSD and DragonFly BSD
Local Packages
Updated perl-Socket6 to 0.29 as per the Fedora version
Tuesday 2nd October 2018
Local Packages
Updated dovecot (2.3.x):
- Updated dovecot to 2.3.3:
doveconf hides more secrets now in the default output
ssl_dh setting is no longer enforced at startup; if it's not set and non-ECC DH key exchange happens, an error is logged and the client is disconnected
Added log_debug=<filter> setting
Added log_core_filter=<log filter> setting
quota-clone: Write to dict asynchronously
--enable-hardening attempts to use retpoline Spectre 2 mitigations
lmtp proxy: Support source_ip passdb extra field
doveadm stats dump: Support more fields and output stddev by default
push-notification: Add SSL support for OX backend
- NUL bytes in mail headers can cause truncated replies when fetched
director: Conflicting host up/down state changes may in some rare situations ended up in a loop of two directors constantly overwriting each others' changes
director: Fix hang/crash when multiple doveadm commands are being handled concurrently
director: Fix assert-crash if doveadm disconnects too early
virtual plugin: Some searches used 100% CPU for many seconds
dsync assert-crashed with acl plugin in some situations
mail_attachment_detection_options=add-flags-on-save assert-crashed with some specific Sieve scripts
Mail snippet generation crashed with mails containing invalid Content-Type:multipart header
- Log prefix ordering was different for some log lines
quota: With noenforcing option current quota usage wasn't updated
- auth: Kerberos authentication against Samba assert-crashed
- stats clients were unnecessarily chatty with the stats server
imapc: Fixed various assert-crashes when reconnecting to server
- lmtp, submission: Fix potential crash if client disconnects while handling a command
quota: Fixed compiling with glibc-2.26 / support libtirpc
fts-solr: Empty search values resulted in 400 Bad Request errors
fts-solr: default_ns parameter couldn't be used
submission server crashed if relay server returned over 7 lines in a reply (e.g. to EHLO)
Updated pigeonhole to 0.5.3:
Fix assertion panic occurring when managesieve service fails to open INBOX while saving a Sieve script; this was caused by a lack of clean-up after failure
Fix specific messages causing an assert panic with actions that compose a reply (e.g. vacation); with some rather weird input from the original message, the header folding algorithm (as used for composing the References header for the reply) got confused, causing the panic
IMAP FILTER=SIEVE capability: Fix FILTER SIEVE SCRIPT command parsing; after finishing reading the Sieve script, the command parsing sometimes didn't continue with the search arguments - this is a time-critical bug that likely only occurs when the Sieve script is sent in the next TCP frame
- Updated dovecot to 2.3.3:
Thursday 4th October 2018
Local Packages
Updated perl-File-Remove to 0.58:
Added [MetaJSON] to dist.ini, so releases include a META.json
Updated unrar to 5.61
Sunday 7th October 2018
Local Packages
Updated curl (7.61.1) to include various fixes:
Enforce versioned libpsl dependency for libcurl (Bug #1631804)
test320: Update expected output for gnutls-3.6.4
Drop 0105-curl-7.61.0-tests-ssh-keygen.patch, no longer needed (Bug #1622594)
test1456: Seems to be flaky so disable it
Updated perl-Net-IDN-Encode to 2.500:
- Update to Unicode 10.0.0
Net::IDN::UTS46: Remove workarounds for pre-9.0.0 test vectors; the module now more closely follows the written spec
Net::IDN::UTS46: Fix validation for some non-valid characters
Net::IDN::UTS46: For perl 5.8.x/5.10.x, include workaround for bidi validation where some labels would incorrectly be marked as invalid [B1] because of a bug in perl's Unicode implementation
Net::IDN::Punycode: Fix for warnings under perl ≤ 5.8.7 (experimental)
Tuesday 9th October 2018
Fedora Project
Updated python-paramiko to 2.4.2 in F-28, F-29 and Rawhide:
Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication
Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behaviour probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends)
Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262)
Updated python-paramiko to 2.3.3 in F-27:
Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication
Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behaviour probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends)
Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262)
Backport pytest support and application of the black code formatter (both of which previously only existed in the 2.4 branch and above) to everything 2.0 and newer, which makes back/forward porting bugfixes significantly easier (GH#1291)
Local Packages
Updated perl-File-Slurp to 9999.21:
Fixed spelling mistakes in POD (CPAN RT#85251)
Fixed a typo in an example (CPAN RT#72116, CPAN RT#80279)
Remove documentation mentions of Perl < 5.006 as that's required
- Fix POD coverage tests by adding a few more ignored functions
Added t/00-report-prereqs.t and t/edit_file.t
Move the POD tests to xt/author and added more xt/author tests
Fix all trailing whitespace in accordance with xt/author/eol.t
Updated the Makefile.PL to get all of the prereqs in there
Add CI testing via TravisCI and AppVeyor
Get rid of assumption of . in @INC in tests
Remove t/TestDriver.pm
Add t/lib/FileSlurpTest.pm
- Make sure all tests use a properly acquired temporary file
- Clean up prereqs a bit further
Document all failure cases in the 01-error* tests
Moved the CORE:: function overrides to their own test class to only be included when overriding is necessary
Unset $^W in a few strategic places to silence warnings when Test::Harness or ExtUtils::MakeMaker turn them on
Got rid of a few MYMETA leftovers in the MANIFEST
Add Git repository info to the Makefile
- Add a contributors list for display on metacpan
Thursday 11th October 2018
Fedora Project
Updated gtkwave to 3.3.95 in Rawhide:
Added fflush on stdout for help text as fix for possible stdout problem with mingw/msys shells
Added preliminary support for Time data type
- Warnings fixes for Verilator integration
Fixed install_proc_filter usage for Tcl invocation
Change integer type to "integer" in SST to differentiate it from sv ints
- Premiminary support for enum tables embedded in FST files
Local Packages
Updated gtkwave to 3.3.95 as per the Fedora version
Friday 12th October 2018
Local Packages
New package python-setuptools_subversion (3.1)
Updated curl (7.61.1) to enable TLS 1.3 post-handshake auth in OpenSSL and to update the documentation of --tlsv1.0 in the curl(1) man page
Monday 15th October 2018
Local Packages
Updated mod_fastcgi to version 2.4.7.1 from FastCGI-Archives on GitHub
*nix: On graceful restart, send SIGTERM, then wait 2 seconds before removing any unix domain sockets
Fix uid_t/gid_t compiler warnings
A few more EINTR fixes
Don't let the Content-Length header propagate on errors or across redirects
Fix pass-header handling (prefix with HTTP_)
- Add an EOS bucket to the output filter chain
Handle EINTR and EAGAIN in places AIX stress testing revealed issues
- Fix process spawning on WIN under Apache 2.2.9 (an incompatible change was introduced in APR 1.3)
Allow duplicate Status, Location and Content-Type headers (consistent with mod_cgi)
- Fix a spurious idle timeout error that occurred under unique application timing and response size conditions
- Fix cast from pointer to integer of different size
Fix printf %d warning
- Apache 2.4 compile fix
Tuesday 16th October 2018
Local Packages
Updated perl-File-Slurp to 9999.22:
Update the SYNOPSIS documentation
- Fix some EUMM metadata depending on version
Fix Windows path concatenation on read_dir
- Document each function with proper POD heads and re-order in alphabetical
Dump the POD to GH markdown for a README.md
Remove the README file
Remove some work-arounds for older Perls < 5.6
Do not inherit from Exporter (requires Exporter 5.57)
Fix perms.t to run on all platforms (CPAN RT#92401)
Clean up handle.t (we no longer use the -w flag anywhere)
Wednesday 17th October 2018
Local Packages
Updated java-1.8.0-oracle to Java SE 8 Update 192
Thursday 18th October 2018
Fedora Project
Updated perl-Module-ExtractUse to 0.343 in Rawhide:
Mention Perl::PrereqScanner modules family
Local Packages
Updated perl-DateTime-Locale to 1.23:
- Rebuilt all locale data with CLDR 34, released on 2018-10-15
Updated perl-DateTime-TimeZone to 2.20:
Added more documentation on how local time zones work, and a warning to set $ENV{TZ} if you're writing tests for code that tries to use the local time zone
- This release is based on version 2018f of the Olson database
- Contemporary changes for Russia (Volgograd), Fiji, and Chile
Updated perl-Module-ExtractUse to 0.343 as per the Fedora version
Rebuilt sendmail (8.15.2) to stay in sync with Rawhide
Friday 19th October 2018
Local Packages
Updated ppp (2.4.7) to split out the network-scripts into their own package (network-scripts-ppp) from Fedora 29 onwards
Monday 22nd October 2018
Fedora Project
Updated milter-greylist to 4.6.2 in EPEL-7 (Bug #1641384):
Enable SPF support using libspf2
- Support IPv6 DNSRBL
Fix strtok_r() state usage
Document queueID log for PostFix
Fix file descriptor leak in spamd code
- Fix DKIM ACL evaluation
Add rawfrom ACL clause to match unprocessed FROM command
Fix helo ACL clause string match
- Avoid excessive GeoIP logs if database was not set
- Fix crashes on configuration reload
- Allow empty quoted strings in configuration
- Add GeoIP support for IPv6
Updated perl-Modern-Perl to 1.20181021 in Rawhide:
Autogenerate META.json file (GH#7)
Remove Module::Build build dependency to make installation easier
Local Packages
Updated perl-File-Slurp to 9999.23:
Fix an error on the test rewrites with a bad value for binmode
Create a 00-report-prereqs.dd to ease testing on 5.6
Bump requirement for File::Spec to 3.01 as Cwd was shipped separately before and the one that came with 5.6 had taint issues
- Cleaned up the Change log to make all dates uniform
Updated perl-Module-CoreList to 5.20181020:
- Updated for v5.29.4
Wednesday 24th October 2018
Fedora Project
Updated perl-Clone to 0.40 in Rawhide:
Reuse COWed PV when cloning (fixes CPAN RT#97535)
- Extra protection against potential infinite loop
- Improved tests
Local Packages
Updated c-ares to 1.15.0:
Add ares_init_options() configurability for path to resolv.conf file
Ability to exclude building of tools (adig, ahost, acountry) in CMake
- Android: Support for domain search suffix
Report ARES_ENOTFOUND for .onion domain names as per RFC7686
AIX build fix for trying to include both nameser_compat.h and onameser_compat.h
- Windows: Improve DNS suffixes extracting from WinNT registry
- Fix modern GCC warnings
- Apply the IPv6 server blacklist to all nameserver sources, not just Windows
Fix warnings emitted by MSVC when using -W4
- Prevent changing name servers while queries are outstanding
Harden and rationalize c-ares timeout computation
Distribute ares_android.h
ares_set_servers_csv() on failure should not leave channel in a bad state
- Add missing docs to distribution
Updated perl-Clone to 0.40 as per the Fedora version
Friday 26th October 2018
Fedora Project
Updated perl-Clone to 0.41 in Rawhide:
Check the CowREFCNT of a COWed PV; this should fix some issues people have been having with 0.40 on DBD drives and DBIx::Class
- Make buildtools files not executable
Updated perl-YAML-Syck to 1.31 in Rawhide:
Switch to ExtUtils::MakeMaker for builder
- Switch official issue tracker and repo to github
MANIFEST warning is now fixed; also shipping additional tests because of this
I built with I_STDLIB and I_STRING defined manually, to make sure <stdlib.h> and <string.h> are included, which quietens lots of warnings
Local Packages
Updated perl-Clone to 0.41 as per the Fedora version
Updated perl-YAML-Syck to 1.31 as per the Fedora version
Sunday 28th October 2018
Fedora Project
Updated perl-Error to 0.17027 in Rawhide:
Documentation and examples enhancements (PR#1)
Updated perl-Specio to 0.43 in Rawhide:
Optimized compile-time operations to make Specio itself quicker to load; Specio's load time is a non-trivial part of the load time of DateTime (and presumably other things that use it)
Based on GH#85
Local Packages
Updated perl-DateTime-TimeZone to 2.21:
- This release is based on version 2018f of the Olson database
- Contemporary changes for Morocco
Updated perl-Error to 0.17027 as per the Fedora version
Updated perl-Specio to 0.43 as per the Fedora version
Monday 29th October 2018
Fedora Project
Updated perl-DBD-CSV to 0.54 in Rawhide:
Free unref scalar test fixed in Text::CSV_XS 1.35
Local Packages
Updated perl-DBD-CSV to 0.54 as per the Fedora version
Updated perl-DBI to 1.642:
Fix '.' in @INC for proxy test under parallel load
Fix driver-related croak() in DBI->connect to report the original DSN (GH#67)
Introduce a new statement DBI method $sth->last_insert_id() (GH#64)
Allow to call $dbh->last_insert_id() method without arguments (GH#64)
Added a new XS API function variant dbd_db_do6() (GH#61)
Fix misprints in doc of selectall_hashref (GH#69)
Remove outdated links to DBI related training resources (CPAN RT#125999)
Tuesday 30th October 2018
Fedora Project
Updated perl-Pod-Readme to 1.2.0 in Rawhide:
Local Packages
Rebuilt libidn (1.34) for distributions up to Fedora 28, to stay in sync with the Fedora version
Updated perl-File-Slurp to 9999.24:
- Document the clear downfalls of using file handles of any kind rather than just the file's path string
Updated perl-Pod-Readme to 1.2.0 as per the Fedora version
Wednesday 31st October 2018
Fedora Project
Updated perl-Pod-Readme to 1.2.1 in Rawhide:
Restore license to "Perl_5" that was inadvertently changed in the conversion to use Dist::Zilla (GH#25)
Local Packages
Updated curl to 7.62.0:
Fix SASL password overflow via integer overflow (CVE-2018-16839)
Fix use-after-free in handle close (CVE-2018-16840)
Fix warning message out-of-buffer read (CVE-2018-16842)
Lots of other new stuff and bug fixes - see RELEASE-NOTES for details
Updated getmail to 5.7:
When users specify an SSL version that no longer exists in the Python ssl module, do not result in an unhandled exception
Catch IMAP UNAVAILABLE temporary error during login
Updated perl-Pod-Readme to 1.2.1 as per the Fedora version
Previous Month: September 2018
Next Month: November 2018