Paul's Blog Entries for March 2021
Tuesday 2nd March 2021
Local Packages
Rebuilt check (0.15.2) to sync with the Rawhide build
Updated perl-Search-Elasticsearch to 7.711001:
Fix release for Elasticsearch 7.11 (GH#202)
Wednesday 3rd March 2021
Fedora Project
Updated python-paramiko (2.7.2) in F-34 and Rawhide to drop invoke dependencies (invoke needs an ancient version of pytest that nobody is prepared to maintain)
RPM Fusion Project
Updated xv (3.10a) to fix jas_memdump replacement function
Local Packages
Updated sendmail (8.16.1) to drop support for old EOL distributions prior to Fedora 19
Updated xv (3.10a) as per the RPM Fusion package
Friday 5th March 2021
Fedora Project
Updated perl-Test-File to 1.448 in F-34 and Rawhide:
Try handling all-numeric user and group names (GH#26)
Local Packages
Updated dovecot (2.3.x):
Updated dovecot to 2.3.14:
- Added new aliases for some variables; usage of the old ones is possible, but discouraged (these were partially added already to v2.3.13)
See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information
Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage
Remove autocreate, expire, snarf and mail-filter plugins
Remove cydir storage driver
- Remove XZ/LZMA write support; read support will be removed in a future release
doveadm -D: add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set (timestamp format is taken from log_timestamp setting)
If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations; this is unlikely to cause issues, although caching clients may redownload the folders
imapc: it now enables BROKENCHAR=~ by default to escape remote folder names if necessary; this also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e"
imapc: when using local index files, folder names were escaped on the filesystem a bit differently (this has effect only if there are folder names that actually require escaping, which isn't so common); the old style folders will automatically be deleted from the filesystem
stats: update exported metrics to be compliant with OpenMetrics standard
doveadm: add an optional '-p' parameter to metadata list command; if enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output
doveconf: support environment variables in config files; see https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details
indexer-worker: change indexer to disconnect from indexer-worker after each request, which allows service indexer-worker's service_count and idle_kill settings to work; these can be used to restart indexer-worker processes once in a while to reduce their memory usage
auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed
auth: auth lua script generating an error triggered an assertion failure:
Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0)
configure: fix libunwind detection to work on other than x86_64 systems
doveadm-server: process could crash if logging was done outside command handling; for example http-client could have done debug logging afterwards, resulting in either segfault or:
Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL)
dsync: folder name escaping with BROKENCHAR didn't work completely correctly, which particularly caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible
dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when used for migration; this happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced)
fts-tika: when tika server returns error, some mails cause
Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes, which exposed that Dovecot was wrongly accepting atoms in "nstring" handling; changed the IMAP parsing to be more strict about this now
lib-index: if dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash:
Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL)
lib-index: minor error handling and race condition fixes related to rotating dovecot.index.log; these didn't usually cause problems, unless the log files were rotated rapidly
lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked
Message PREVIEW handled whitespace wrong so first space would get eaten from between words
FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively
lib-mail: when max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it; the truncated part is now written out using application/octet-stream MIME type
lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them:
Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE)
event filters: NOT keyword did not have the correct associativity: NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b
Ignore ECONNRESET when closing socket; this avoids logging useless errors on systems like FreeBSD
- event filters: event filter syntax error may lead to
Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL)
lib: timeval_cmp_margin() was broken on 32-bit systems, which could potentially have caused HTTP timeouts to be handled incorrectly
log: instance_name wasn't used as syslog ident by the log process
master: after a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available, during which time client connections could have been rejected unnecessarily and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped
stats: crash would occur when generating openmetrics data for metrics using aggregating functions
stats: event filters comparing against empty strings crash the stats process
Updated pigeonhole to 0.5.14:
IMAP FILTER command: cmd-filter-sieve - do not allow NIL as script name argument
Updated perl-Test-File to 1.448 as per the Fedora version
Monday 8th March 2021
Local Packages
Updated python2-xapian to 1.4.18
Updated unrar to 6.01 beta 1, incorporating a number of changes from the RPM Fusion package:
- Don't create versioned shared library, stick with upstream library name
- Drop patch for unresolved symbol issues
- Add rpm macro file so that dependent packages can add versioned dependency
Saturday 13th March 2021
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.106 in F-34 and Rawhide:
- Improved formatting of switches
When available, use Term::ReadKey to get terminal width
- When an option name is defined twice, warn about it (this will become fatal in a future version)
Updated perl-MouseX-Getopt (0.38) in F-34 and Rawhide to fix compatibility with Getopt::Long::Descriptive 0.106
Monday 15th March 2021
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.107 in F-34 and Rawhide:
Term::ReadKey has been dropped; caused too many problems
- Minimum perl version is now v5.10.1, not v5.10.0
Updated perl-MouseX-Getopt (0.38) to fix compatibility with Getopt::Long::Descriptive 0.107
Tuesday 16th March 2021
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.108 in Rawhide:
- Provide diagnostics in tests when more warnings arrive than are expected
Wednesday 17th March 2021
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.109 in F-34 and Rawhide:
Eliminate warnings-count failure by requiring an ExtUtils::MakeMaker from late 2013 or later; without this, very old EU::MM could pass -w to the tests, enabling more warnings than we wanted
Thursday 18th March 2021
Fedora Project
Updated perl-MooseX-Getopt to 0.75 in F-34 and Rawhide:
Adjust tests to deal with formatting changes in Getopt::Long::Descriptive 0.106 (RT#134754)
Friday 19th March 2021
Local Packages
Updated nmap (7.80) to manage nc symlink using alternatives (Bug #1653119)
Updated perl-File-Which to 1.24:
- Documentation improvements
Moved repository to new GitHub organization
New package python2-six (1.15.0)
Monday 22nd March 2021
Local Packages
Updated perl-Module-CoreList to 5.20210320:
- Updated for v5.33.8
Updated perl-Moo to 2.005003:
Remove MooseX::Types from developer prereqs
Recommend Sub::Util rather than Sub::Name, since Sub::Util is in core
Fix line numbers when using oo module (perl -Moo)
- Adjust some author tests to rely less on external modules
Lower Exporter prereq to any version
Bump Role::Tiny prereq to 2.003004
Refactor and simplify role application code, as allowed by new Role::Tiny version
Switch to using normal strict+warnings rather than strictures for authors
Remove strictures from recommends, as Moo does not use it anywhere
Remove Task::Weaken prereq, as it served no purpose
Remove MRO::Compat prereq, using it only when user code does
Remove use of Devel::GlobalDestruction in code, only using Devel::GlobalDestruction::XS when it is available; Devel::GlobalDestruction is still a dependency on perl < 5.14 to facilitate the installation of the ::XS module
Moo now has no mandatory perl version specific dependencies; the version specific modules are now optional or not used, which means that code using Moo can be fatpacked on a new perl version without special cases, and it will work on older perl versions
- Fix perl version check in global destruction code
Fix C3 test skipping properly when MRO::Compat not available on perl < 5.10
Silence 'once' warnings from Moo::_Utils
Updated perl-Net-Server to 2.010:
Add SSL_verify_callback
Fix SSLEAY connect spinloop
- Various pod typos
Allow for logging to STDOUT for HTTP
Add PATCH verb to HTTP
Tuesday 23rd March 2021
Local Packages
Updated libgpg-error update to 1.42 (https://dev.gnupg.org/T5194):
Allow Unicode file names under Windows for the gettext domain
Improve cross-compiling support (https://dev.gnupg.org/T5289)
Improve $libdir determination by gpgrt-config (https://dev.gnupg.org/T5293)
Support --disable-thread by gen-lock-obj.sh (https://dev.gnupg.org/T5296)
New symbol: GPG_ERR_SOURCE_TPM2D
Wednesday 24th March 2021
Fedora Project
Updated perl-Perl-Critic to 1.140 in F-34 and Rawhide:
Subroutines::RequireFinalReturn now lets you specify a terminal_methods parameter to specify methods that should be seen as terminal; this is like the terminal_funcs parameter, but for methods (GH#920)
Removed an extra /x in RequireInterpolationOfMetachars.pm that caused deprecation warnings in Perl 5.22 and higher (GH#822)
Documentation::RequirePackageMatchesPodName now recognizes the package name if it's in 'I<>' or 'B<>' markup (GH#913)
Updated perl-Text-CSV_XS to 1.46 in F-34 and Rawhide:
- It's 2021
New attribute comment_str (RFC 4180-bis)
New attribute skip_empty_rows (RFC 4180-bis)
http → https in links in docs
Fix several issues with auto-detecting \r as EOL
- Tested on perl-5.6.1 .. perl-5.32.1 and perl-5.33.8 (145)
Local Packages
Updated curl (7.75.0) to fix SIGSEGV upon disconnect of a ldaps:// transfer (Bug #1941925)
Updated perl-Perl-Critic to 1.140 as per the Fedora version
Updated perl-Text-CSV_XS to 1.46 as per the Fedora version
Thursday 25th March 2021
Local Packages
Updated perl-Search-Elasticsearch to 7.712:
Stable release for Elasticsearch 7.12
Friday 26th March 2021
Local Packages
Updated perl-PPIx-QuoteLike to 0.016:
- Add rt.cpan.org back to bug reporting methods; long live RT!
Get prerequisites up to snuff, and add xt/author/prereq.t to ensure they stay that way
- Refactor authortest into three, so I do not have to generate stub files to test without optional modules
Updated perl-PPIx-Regexp to 0.079:
Get prerequisites up to snuff, and add xt/author/prereq.t to ensure they stay that way
- Add rt.cpan.org back to bug reporting methods; long live RT!
Saturday 27th March 2021
Fedora Project
Updated perl-UNIVERSAL-require to 0.19 in F-34 and Rawhide:
- Noted that the module is now deprecated
Added a list of alternatives to SEE ALSO
Local Packages
Updated perl-UNIVERSAL-require to 0.19 as per the Fedora version
Updated sendmail (8.16.1) to disable NIS support in builds for RHEL versions after RHEL8
Monday 29th March 2021
Local Packages
Updated perl-Moo to 2.005004:
Fix file set in %INC in create_class_with_roles (CPAN RT#134845)
Tuesday 30th March 2021
Local Packages
Updated perl-Net-DNS to 1.30:
- Simplify parsing of multi-line RRs in zone file
- Improve robustness of "dry" resolver tests
- Avoid deep recursion in non-fatal test report
Wednesday 31st March 2021
Fedora Project
Updated perl-Net-CIDR to 0.21 in F-34 and Rawhide:
Update perldoc to emphasize proper usage of ciddrvalidate()
Local Packages
Updated curl to 7.76.0:
cookies: Support multiple -b parameters
curl: Add --fail-with-body
- doh: Add options to disable ssl verification
- http: Add support to read and store the referrer header
sasl: Support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
vtls: Initial implementation of rustls backend
CVE-2021-22876: Strip credentials from the auto-referer header field
CVE-2021-22890: Add 'isproxy' argument to Curl_ssl_get/addsessionid()
asyn-ares: Use consistent resolve error message
BUG-BOUNTY: Removed the cooperation mention
- build: Delete unused feature guards
build: Fix --disable-dateparse
build: Fix --disable-http-auth
build: Remove all traces of USE_BLOCKING_SOCKETS
c-hyper: Remove superfluous pointer check
c-hyper: Support automatic content-encoding
CI/azure: Disable test 433 on azure-ubuntu
CI/azure: Replace python-impacket with python3-impacket
ci: Stop building on freebsd-12-1
- cmake: Fix import library name for non-MS compiler on Windows
cmake: Use CMAKE_INSTALL_INCLUDEDIR indirection
- cmake: Support WinIDN
config: Fix building SMB with configure using Win32 Crypto
- config: Fix detection of restricted Windows App environment
configure: Fail if --with-quiche is used and quiche isn't found
configure: Make AC_TRY_* into AC_*_IFELSE
configure: Make hyper opt-in, and fail if missing
configure: Only add OpenSSL paths if they are defined
configure: Provide Largefile feature for curl-config
configure: Remove use of deprecated macros
configure: s/AC_HELP_STRING/AS_HELP_STRING/
- cookies: Fix potential NULL pointer deref with PSL
curl: Set CURLOPT_NEW_FILE_PERMS if requested
curl_easy_setopt.3: Add curl_easy_option* functions to SEE ALSO
curl_multibyte: Always return a heap-allocated copy of string
curl_multibyte: Fall back to local code page stat/access on Windows
Curl_timeleft: Check both timeouts during connect
curl_url_set.3: Mention CURLU_PATH_AS_IS
CURLOPT_QUOTE.3: Clarify that libcurl doesn't parse what's sent
docs/HTTP2: Remove the outdated remark about multiplexing for the tool
docs/Makefile.inc: Format to be update-friendly
docs: Add CURLOPT_CURLU to 'See also' in curl_url_ functions
docs: Add missing Arg tag to --stderr
docs: Add SSL backend names to CURL_SSL_BACKEND
docs: Clarify timeouts for queued transfers in multi API
- docs: Explain DOH transfers inherit some SSL settings
docs: Fix FILE example URL in --metalink documentation
docs: Make gen.pl support *italic* and **bold**
- doh: Fix sharing user's resolve list with DOH handles
doh: Inherit CURLOPT_STDERR from user's easy handle
- dynbuf: Bump the max HTTP request to 1MB
examples: Remove threaded-shared-conn.c due to bug
- file: Support unicode URLs on windows
ftp: Add 'list_only' to the transfer state struct
ftp: Add 'prefer_ascii' to the transfer state struct
ftp: Allow SIZE to fail when doing (resumed) upload
ftp: Avoid SIZE when asking for a TYPE A file
ftp: Fix Codacy/cppcheck warning about null pointer arithmetic
ftp: Fix memory leak in ftp_done
ftp: Never set data->set.ftp_append outside setopt
gen.pl: Quote "bare" minuses in the nroff curl.1
github: Add torture-ftp for FTP-only torture testing
gnutls: Assume nettle crypto support
gskit: Correct the gskit_send() prototype
hostip: Fix build with sync resolver
hostip: Fix crash in sync resolver builds that use DOH
- hsts: Remove unused defines
http2: Don't set KEEP_SEND when there's no more data to be sent
http2: Fail if connection terminated without END_STREAM
- http: Cap body data amount during send speed limiting
- http: Do not add a referrer header with empty value
http: Make 416 not fail with resume + CURLOPT_FAILONERRROR
- http: Remove superfluous NULL assign
- http: Strip default port from URL sent to proxy
- http: Use credentials from transfer, not connection
ldap: Use correct memory free function
lib1536: Check ptr against NULL before dereferencing it
lib1537: Check ptr against NULL before dereferencing it
lib: Remove 'conn->data' completely
libssh2: kdb_callback: Get the right struct pointer
libssh2: ssh_connect: Clear session pointer after free
memdebug: Close debug logfile explicitly on exit
mingw: Enable using strcasecmp()
multi: Close the connection when h2=>h1 downgrading
multi: Do once-per-transfer inits in before_perform in DID state
multi: Rename the multi transfer states
multi: Update pending list when removing handle
ngtcp2: Adapt to the new recv_datagram callback
ngtcp2: Clarify calculation precedence
ngtcp2: Fix build error due to change in ngtcp2_addr_init
ngtcp2: Sync with recent API updates
openldap: Avoid NULL pointer dereferences
openssl: Adapt to v3's new const for a few API calls
openssl: Ensure to check SSL_CTX_set_alpn_protos return values
openssl: Remove get_ssl_version_txt in favour of SSL_get_version
openssl: Set the transfer pointer for logging early
OS400: Update for CURLOPT_AWS_SIGV4
parse_proxy: Fix a memory leak in the OOM path
pathhelp.pm: Fix use of pwd -L in Msys environment
- projects: Update VS projects for OpenSSL 1.1.x
quiche: Fix build error: use 'int' for port number
quiche: Fix crash when failing to connect
retry-all-errors.d: Explain curl errors versus HTTP response errors
retry.d: Clarify transient 5xx HTTP response codes
runtests.pl: Add %TESTNUMBER variable to make copying tests more convenient
runtests.pl: Add a -P option to specify an external proxy
runtests.pl: Kill processes locking test log files
setopt: Error on CURLOPT_HTTP09_ALLOWED set true with Hyper
test1188: Change error to check for: --fail HTTP status
test220/314: Adjust to run with Hyper
test304: Header CRLF clean-up to work with Hyper
test306: Make it not run with Hyper
tests: Disable .curlrc in more environments
tests: Use %TESTNUMBER instead of fixed number
- tftp: Remove the 3600 second default timeout
time: Enable 64-bit time_t in supported mingw environments
tool_help: Add missing argument for --create-file-mode
tool_help: Increase space between option and description
tool_operate: Bail if set CURLOPT_HTTP09_ALLOWED returns error
travis: Add a rustls build
- travis: Bump wolfssl to 4.7.0
- travis: Only build wolfssl when needed
- travis: Split "torture" into a separate "events" build
travis: Switch ngtcp2 build over to quictls
travis: Use ubuntu nghttp2 package instead of build our own
url.c: Use consistent error message for failed resolve
url: Fix memory leak if OOM in the HSTS handling
url: Fix possible use-after-free in default protocol
urldata: Don't touch data->set.httpversion at run-time
urldata: Fix build without HTTP and MQTT
urldata: Make 'actions[]' use unsigned char instead of int
urldata: Merge "struct DynamicStatic" into "struct UrlState"
urldata: Remove the 'rtspversion' field
urldata: Remove the _ORIG suffix from string names
version.d: Add missing features to the features list
wolfssl: Don't store a NULL sessionid
Updated perl-Moose to 2.2015:
A test has been rewritten so as to remove IO::String from the prerequisite list (GH#179)
Optional prereq on List::SomeUtils has been replaced with List::Util 1.56
Updated perl-Net-CIDR to 0.21 as per the Fedora version
Previous Month: February 2021
Next Month: April 2021