Wednesday 11th September 2019
Fedora Project
Branched and built perl-Log-Dispatch (2.68) for EPEL-8
Branched and built perl-Log-Dispatch-FileRotate (1.36) for EPEL-8
Local Packages
Updated curl to 7.66.0:
CVE-2019-5481: FTP-KRB double-free
CVE-2019-5482: TFTP small blocksize heap buffer overflow
CURLINFO_RETRY_AFTER: Parse the Retry-After header value
- HTTP3: Initial (experimental still not working) support
curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
curl: Support parallel transfers with -Z
curl_multi_poll: A sister to curl_multi_wait() that waits more
sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
- CI: Remove duplicate configure flag for LGTM.com
- CMake: Remove needless newlines at end of gss variables
CMake: Use platform dependent name for dlopen() library
CURLINFO docs: Mention that in redirects times are added
CURLOPT_ALTSVC.3: Use a "" file name to not load from a file
CURLOPT_ALTSVC_CTRL.3: Remove CURLALTSVC_ALTUSED
CURLOPT_HEADERFUNCTION.3: Clarify
CURLOPT_HTTP_VERSION: Setting this to 3 forces HTTP/3 use directly
CURLOPT_READFUNCTION.3: Provide inline example
CURLOPT_SSL_VERIFYHOST: Treat the value 1 as 2
Curl_addr2string: Take an addrlen argument too
Curl_fillreadbuffer: Avoid double-free trailer buf on error
- HTTP: Use chunked Transfer-Encoding for HTTP_POST if size unknown
- alt-svc: Add protocol version selection masking
- alt-svc: Fix removal of expired cache entry
alt-svc: Make it use h3-22 with ngtcp2 as well
- alt-svc: More liberal ALPN name parsing
alt-svc: Send Alt-Used: in redirected requests
- alt-svc: With quiche, use the quiche h3 alpn string
appveyor: Pass on -k to make
asyn-thread: Create a socketpair to wait on
- build-openssl: Fix build with Visual Studio 2019
cleanup: Move functions out of url.c and make them static
cleanup: Remove the 'numsocks' argument used in many places
configure: Avoid undefined check_for_ca_bundle
curl.h: Add CURL_HTTP_VERSION_3 to the version enum
curl.h: Fix outdated comment
curl: Cap the maximum allowed values for retry time arguments
curl: Handle a libcurl build without netrc support
curl: Make use of CURLINFO_RETRY_AFTER when retrying
curl: Remove outdated comment
curl: Use .curlrc (with a dot) on Windows
curl: Use CURLINFO_PROTOCOL to check for HTTP(s)
curl_global_init_mem.3: Mention it was added in 7.12.0
curl_version: Bump string buffer size to 250
curl_version_info.3: Mentioned ALTSVC and HTTP3
curl_version_info: Offer quic (and h3) library info
curl_version_info: Provide nghttp2 details
- defines: Avoid underscore-prefixed defines
docs/ALTSVC: Remove what works and the experimental explanation
docs/EXPERIMENTAL: Explain what it means and what's experimental now
docs/MANUAL.md: Converted to markdown from plain text
docs/examples/curlx: Fix errors
docs: s/curl_debug/curl_dbg_debug in comments and docs
- easy: Resize receive buffer on easy handle reset
- examples: Avoid reserved names in hiperfifo examples
examples: Add http3.c, altsvc.c and http3-present.c
getenv: Support up to 4K environment variable contents on Windows
- http09: Disable HTTP/0.9 by default in both tool and library
http2: When marked for closure and wanted to close == OK
http2_recv: Trigger another read when the last data is returned
- http: Fix use of credentials from URL when using HTTP proxy
http_negotiate: Improve handling of gss_init_sec_context() failures
- md4: Use our own MD4 when no crypto libraries are available
multi: Call detach_connection before Curl_disconnect
netrc: Make the code try ".netrc" on Windows
- nss: Use TLSv1.3 as default if supported
- openssl: Build warning free with boringssl
openssl: Use SSL_CTX_set_<min|max>_proto_version() when available
- plan9: Add support for running on Plan 9
- progress: Reset download/uploaded counter between transfers
readwrite_data: Repair setting the TIMER_STARTTRANSFER stamp
scp: Fix directory name length used in memcpy
smb: Initialize *msg to NULL in smb_send_and_recv()
smtp: Check for and bail out on too short EHLO response
- source: Remove names from source comments
spnego_sspi: Add typecast to fix build warning
src/makefile: Fix uncompressed hugehelp.c generation
ssh-libssh: Do not specify O_APPEND when not in append mode
ssh: Move code into vssh for SSH backends
- sspi: Fix memory leaks
- tests: Replace outdated test case numbering documentation
- tftp: Return error when packet is too small for options
timediff: Make it 64 bit (if possible) even with 32 bit time_t
- travis: Reduce number of torture tests in 'coverage'
url: Make use of new HTTP version if alt-svc has one
- urlapi: Verify the IPv6 numerical address
- urldata: Avoid 'generic', use dedicated pointers
vauth: Use CURLE_AUTH_ERROR for auth function errors
Updated glib (1.2.10) to fix building in C99 mode
Updated gtk+ (1.2.10) to fix building in C99 mode
Updated libxslt (1.1.33) to drop Python 2 bindings from Fedora 31 onwards (Bug #1738016)
Updated perl-File-Find-Rule-Perl (1.15) to fix wrong date in changelog entry