Wednesday 22nd May 2019
Fedora Project
Updated perl-Test-Spelling to 0.23 in Rawhide:
Local Packages
Updated curl to 7.65.0:
CURLOPT_DNS_USE_GLOBAL_CACHE: removed
CURLOPT_MAXAGE_CONN: Set the maximum allowed age for connection reuse
- pipelining: Removed
CVE-2019-5435: Integer overflows in curl_url_set
CVE-2019-5436: tftp: Use the current blksize for recvfrom()
--config: Clarify that initial : and = might need quoting
AppVeyor: Enable testing for WinSSL build
CURLMOPT_TIMERFUNCTION.3: Warn about the recursive risk
CURLOPT_ADDRESS_SCOPE: Fix range check and more
CURLOPT_CAINFO.3: With Schannel, you want Windows 8 or later
CURLOPT_CHUNK_BGN_FUNCTION.3: Document the struct and time value
CURLOPT_READFUNCTION.3: See also CURLOPT_UPLOAD_BUFFERSIZE
CURL_MAX_INPUT_LENGTH: Largest acceptable string input size
Curl_disconnect: Treat all CONNECT_ONLY connections as "dead"
INTERNALS: Add code highlighting
OS400/ccsidcurl: Replace use of Curl_vsetopt
OpenSSL: Report -fips in version if OpenSSL is built with FIPS
README.md: Fix no-consecutive-blank-lines Codacy warning
VC15 project: Remove MinimalRebuild
- VS projects: Use Unicode for VC10+
WRITEFUNCTION: Add missing set_in_callback around callback
- altsvc: Fix building with cookies disabled
- auth: Rename the various authentication clean up functions
- base64: Build conditionally if there are users
build-openssl.bat: Fixed support for OpenSSL v1.1.0+
- build: Fix "clarify calculation precedence" warnings
checksrc.bat: Ignore snprintf warnings in docs/examples
- cirrus: Customize the disabled tests per FreeBSD version
cleanup: Remove FIXME and TODO comments
cmake: Avoid linking executable for some tests with cmake 3.6+
cmake: Clear CMAKE_REQUIRED_LIBRARIES after each use
cmake: Rename CMAKE_USE_DARWINSSL to CMAKE_USE_SECTRANSP
cmake: Set SSL_BACKENDS
configure: Avoid unportable '==' test(1) operator
configure: Error out if OpenSSL wasn't detected when asked for
configure: Fix default location for fish completions
- cookie: Guard against possible NULL pointer dereference
curl: Make code work with protocol-disabled libcurl
curl: Report error for "--no-" on non-boolean options
curl_easy_getinfo.3: Fix minor formatting mistake
curlver.h: Use parenthesis in CURL_VERSION_BITS macro
docs/BUG-BOUNTY: Bug bounty time
docs/INSTALL: Fix broken link
docs/RELEASE-PROCEDURE: Link to live iCalendar
- documentation: Fix several typos
doh: Acknowledge CURL_DISABLE_DOH
- doh: Disable DOH for the cases it doesn't work
- examples: Remove unused variables
- ftplistparser: Fix LGTM alert "Empty block without comment"
hostip: Acknowledge CURL_DISABLE_SHUFFLE_DNS
- http: Ignore HTTP/2 prior knowledge setting for HTTP proxies
http: Acknowledge CURL_DISABLE_HTTP_AUTH
http: Mark bundle as not for multiuse on < HTTP/2 response
- http_digest: Don't expose functions when HTTP and Crypto Auth are disabled
http_negotiate: Do not treat failure of gss_init_sec_context() as fatal
- http_ntlm: Corrected the name of the include guard
- http_ntlm_wb: Handle auth for only a single request
- http_ntlm_wb: Return the correct error on receiving an empty auth message
lib509: Add missing include for strdup
lib557: Initialize variables
makedebug: Fix ERRORLEVEL detection after running where.exe
- mbedtls: Enable use of EC keys
mime: Acknowledge CURL_DISABLE_MIME
multi: Improved HTTP_1_1_REQUIRED handling
netrc: Acknowledge CURL_DISABLE_NETRC
- nss: Allow fifos and character devices for certificates
- nss: Provide more specific error messages on failed init
ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup
- ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4
openssl: Mark connection for close on TLS close_notify
openvms: Remove pre-processor for SecureTransport
- openvms: Remove pre-processors for Windows
- parse_proxy: Use the URL parser API
parsedate: Disabled on CURL_DISABLE_PARSEDATE
- pingpong: Disable more when no pingpong protocols are enabled
polarssl_threadlock: Remove conditionally unused code
progress: Acknowledge CURL_DISABLE_PROGRESS_METER
proxy: Acknowledge DISABLE_PROXY more
resolve: Apply Happy Eyeballs philosophy to parallel c-ares queries
- revert "multi: Support verbose conncache closure handle"
sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
- sasl: Only enable if there's a protocol enabled using it
- scripts: Fix typos
- singleipconnect: Show port in the verbose "Trying ..." message
- smtp: Fix compiler warning
- socks5: User name and passwords must be shorter than 256
- socks: Fix error message
- socksd: New SOCKS 4+5 server for tests
spnego_gssapi: Fix return code on gss_init_sec_context() failure
- ssh-libssh: Remove unused variable
ssh: Define USE_SSH if SSH is enabled (any backend)
- ssh: Move variable declaration to where it's used
test1002: Correct the name
test2100: Fix typos in test description
tests/server/util: Fix Windows Unicode build
- tests: Run global cleanup at end of tests
- tests: Make Impacket (SMB server) Python 3 compatible
tool_cb_wrt: Fix bad-function-cast warning
tool_formparse: Remove redundant assignment
tool_help: Warn if curl and libcurl versions do not match
tool_help: include <strings.h> for strcasecmp
- transfer: Fix LGTM alert "Comparison is always true"
- travis: Add an osx http-only build
- travis: Allow builds on branches named "ci"
- travis: Install dependencies only when needed
- travis: Update some builds do Xenial
- travis: Updated mesalink builds
url: Always clone the CUROPT_CURLU handle
- url: Convert the zone id from a IPv6 URL to correct scope id
urlapi: Add CURLUPART_ZONEID to set and get
- urlapi: Increase supported scheme length to 40 bytes
- urlapi: Require a non-zero host name length when parsing URL
urlapi: Stricter CURLUPART_PORT parsing
- urlapi: Strip off zone id from numerical IPv6 addresses
- urlapi: urlencode characters above 0x7f correctly
vauth/cleartext: Update the PLAIN login to match RFC 4616
vauth/oauth2: Fix OAUTHBEARER token generation
vauth: Fix incorrect function description for Curl_auth_user_contains_domain
vtls: Fix potential ssl_buffer stack overflow
- wildcard: Disable from build when FTP isn't present
- winbuild: Support MultiSSL builds
- xattr: Skip unittest on unsupported platforms
Updated perl-Test-Spelling to 0.23 as per the Fedora version