PaulHowarth/Blog/2021-11

Paul's Blog Entries for November 2021

Monday 1st November 2021

Local Packages

  • Updated davfs2 to 1.6.1:

    • configure.ac: Add Neon version 0.32

    • mount_davfs.c, get_options: Ignore all unknown options

    • mount_davfs.c, write_mtab_entry: Add option _netdev to utab-entry

  • Updated getmail to 5.16:

    • Add new use_netrc and netrc_file configuration options to support reading username/password from a .netrc file

    • Documentation updates
  • Updated mcrcon to 0.7.2:

    • Quit gracefully when Ctrl-D or Ctrl+C is pressed
    • Remove "exit" and "quit" as quitting commands (these are actual rcon commands on some servers)

    • Suppress compiler warning (strncpy)

    • Fix erroneous string length in packet building function
    • Fix typo in ANSI escape sequence for LCYAN

    • Make stdout and stderr unbuffered

  • Updated perl-Moose to 2.2200:

    • Replaced all uses of Sub::Name with Sub::Util, since the latter is part of core as of Perl 5.22

Friday 5th November 2021

Local Packages

  • Updated perl-Net-SSLeay (development repo only) to the development release 1.91_01 (see Changes for details)

Sunday 7th November 2021

Local Packages

Monday 8th November 2021

Fedora Project

  • Updated perl-Math-GMP to 2.23 in Rawhide:

    • Add support for bmulf() to multiply by a floating point number

    • Add support for bnok() (Binomial)

Wednesday 10th November 2021

Fedora Project

  • Updated perl-Finance-Quote (1.51) in F-35 and Rawhide to add explicit dependency on perl(LWP::Protocol::https) (Bug #2021755)

  • Updated python-crypto (2.6.1) in Rawhide to fix Python 3.11 compatibility (Bug #2021808)

Local Packages

  • Updated curl to 7.80.0:

    • CURLOPT_MAXLIFETIME_CONN: Maximum allowed lifetime for conn reuse

    • CURLOPT_PREREQFUNCTION: Add new callback

    • libssh2: Add SHA256 fingerprint support

    • urlapi: Add curl_url_strerror()

    • urlapi: Support UNC paths in file: URLs on Windows

    • wolfssl: Allow setting of groups/curves
    • .github: Retry macos "brew install" command on failure

    • aws-sigv4: Make signature work when post data is binary

    • BINDINGS: URL updates

    • build: Remove checks for WinSock 1

    • c-hyper: Don't abort CONNECT responses early when auth-in-progress

    • c-hyper: Make Curl_http propagate errors better

    • c-hyper: Make CURLOPT_SUPPRESS_CONNECT_HEADERS work

    • c-hyper: Make test 217 run
    • c-hyper: Use hyper_request_set_uri_parts to make h2 better

    • checksrc: Ignore preprocessor lines

    • CI/makefiles: Introduce dedicated test target

    • ci: Update Lift config to match requirements of curl build
    • cirrus: Remove FreeBSD 11.4 from the matrix
    • cirrus: Switch to openldap24-client

    • cleanup: constify unmodified static structs

    • cmake: Add CURL_ENABLE_SSL option

    • cmake: Fix error getting LOCATION property on non-imported target

    • cmake: Restore support for SecureTransport on iOS

    • cmake: With OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED

    • cmdline-opts: Made the 'Added:' field mandatory

    • configure.ac: Replace krb5-config with pkg-config

    • configure: When hyper is selected, deselect nghttp2

    • connect: Use sysaddr_un from sys/un.h or custom-defined for Windows

    • curl-confopts.m4: Remove --enable/disable-hidden-symbols

    • curl-openssl.m4: Modify library order for openssl linking

    • curl-openssl: Pass argument to sed single-quoted

    • curl.1: Remove mentions of really old version changes

    • curl: Actually append "-" to --range without number only

    • curl: Correct grammar in generated libcurl code

    • curl: Print help descriptions in an aligned right column
    • curl_gssapi: Fix link error on macOS Monterey

    • curl_multi_socket_action.3: Add a "RETURN VALUE" section

    • curl_ntlm_core: Use OpenSSL only if DES is available

    • Curl_updateconninfo: Store addresses for QUIC connections too

    • CURLOPT_ALTSVC_CTRL.3: Mention conn reuse is preferred

    • CURLOPT_HSTSWRITEFUNCTION.3: Using CURLOPT_HSTS_CTRL is required

    • CURLOPT_HTTPHEADER.3: Add description for specific headers

    • docs/HTTP3: Improve build instructions

    • docs/Makefile.am: Repair 'make html'

    • docs: Fix typo in CURLOPT_TRAILERFUNCTION example

    • docs: Provide "RETURN VALUE" section for more function manpages

    • docs: Reduce use of "very"
    • doh: Remove experimental code for DoH with GET

    • examples/htmltidy: Correct wrong printf() use

    • examples/imap-append: Fix end-of-data check

    • ftp: Make the MKD retry to retry once per directory

    • gen.pl: Insert the current date and version in generated man page

    • gen.pl: Replace leading single quotes with \(aq

    • http2: Make getsock not wait for write if there's no remote window

    • http3: Fix the HTTP/3 Explained book link
    • http: Fix Basic auth with empty name field in URL
    • http: Reject HTTP response codes < 100

    • http: Remove assert that breaks hyper
    • http: Set content length earlier
    • http_proxy: Make hyper CONNECT() return the correct error code

    • http_proxy: Multiple CONNECT with hyper done better

    • hyper: Disable test 1294 since hyper doesn't allow such crazy headers
    • hyper: Does not support disabling CURLOPT_HTTP_TRANSFER_DECODING

    • hyper: Pass the CONNECT line to the debug callback

    • imap: Display quota information
    • INSTALL: Update symbol hiding option

    • lib/mk-ca-bundle.pl: Skip certs past Not Valid After date

    • lib: Avoid fall-through cases in switch statements

    • libcurl.rc: Switch out the copyright symbol for plain ASCII

    • libssh2: Get the version at runtime if possible

    • limit-rate.d: This is average over several seconds

    • llist: Remove redundant code, branch will not be executed

    • Makefile.m32: Fix to not require OpenSSL with -libssh2 or -rtmp options

    • maketgz: Redirect updatemanpages.pl output to /dev/null

    • man pages: Require all to use the same section header order
    • manpage: Adjust the asterisk in some SYNOPSIS sections

    • md5: Fix compilation with OpenSSL 3.0 API
    • misc: Fix a few issues on MidnightBSD
    • misc: Fix typos in docs and comments
    • ngtcp2: Advertise h3 as well as h3-29

    • ngtcp2: Compile with the latest nghttp3

    • ngtcp2: Specify the missing required callback functions

    • ngtcp2: Use latest QUIC TLS RFC9001

    • NTLM: Use DES_set_key_unchecked with OpenSSL

    • openssl: If verifypeer is not requested, skip the CA loading

    • openssl: With OpenSSL 1.1.0+ a failed RAND_status means goaway

    • Revert "src/tool_filetime: Disable -Wformat on mingw for this file"
    • sasl: Binary messages
    • schannel: Fix memory leak due to failed SSL connection
    • scripts/delta: Count command line options in the new file

    • sendf: Accept zero-length data in Curl_client_write()

    • sha256: Use high-level EVP interface for OpenSSL
    • smooth-gtk-thread.c: Enhance the mutex lock use

    • sws: Fix memory leak on exit
    • test1160: Edited to work with hyper

    • test1173: Make manpage-syntax.pl spot \n errors in examples

    • test1185: Verify checksrc

    • test1266/1267: Disabled on hyper: no HTTP/0.9 support

    • test1287: Make work on hyper

    • test207: Accept a different error code for hyper

    • test262: Don't attempt with hyper

    • test552: Updated to work with hyper

    • test559: Add 'HTTP' in keywords

    • tests/smbserver.py: Fix compatibility with impacket 0.9.23+

    • tests: Add Schannel-specific tests and disable unsupported ones
    • tests: Disable test 2043
    • tests: Kill some test servers afterwards to avoid locked logfiles
    • tests: Use python3 in test 1451

    • tls: Remove newline from three infof() calls

    • tool_cb_prg: Make resumed upload progress bar show better

    • tool_listhelp: Easier generated with gen.pl

    • tool_main: Fix typo in comment

    • tool_operate: A failed etag save now only fails that transfer

    • URL-SYNTAX: Add IMAP UID SEARCH example

    • url: Check the return value of curl_url()

    • url: Set "k->size" -1 at start of request

    • urlapi: Skip a strlen(), pass in zero

    • urlapi: URL decode percent-encoded host names
    • version_win32: Use actual version instead of manifested version

    • vtls: Fix a memory leak if an SSL session cannot be added to the cache
    • wolfssl: Use for SHA256, MD4, MD5, and setting DES odd parity
    • zuul: Pin the quiche build to use an older cmake-rs

  • I had to add a workaround for GSSAPI detection in Fedora 19 and Fedora 20, which have only krb5-config and no corresponding pkg-config file

Thursday 11th November 2021

Fedora Project

  • Updated python-crypto (2.6.1) in Rawhide to patch out the use of distutils, which will be going away in Python 3.12

Sunday 14th November 2021

Fedora Project

  • Updated curl (7.80.0) in Rawhide to add perl(Digest::SHA) as a build requirement, since it is now used by sshserver.pl in the test suite; this necessitated adding an upstream fix to skip a couple of SSH-related tests that fail when the back-end is libssh rather than libssh2

Local Packages

  • Updated curl (7.80.0) as per the Fedora version

Monday 15th November 2021

Fedora Project

  • Updated perl-Archive-Peek to 0.37 in Rawhide:

    • Add repository metadata
    • Port from Moose to Moo and Type::Tiny

    • Make prereqs more specific with respect to phase
    • Add negative test

Local Packages

  • New package perl-Types-Path-Tiny (0.006)

  • Updated perl-Archive-Peek to 0.37 as per the Fedora version

  • Rebuilt sendmail (8.17.1) for updated libnsl2 in Rawhide

Tuesday 16th November 2021

Fedora Project

  • Updated perl-MCE to 1.875 in Rawhide:

  • Updated perl-PPIx-QuoteLike to 0.019 in Rawhide:

    • Add CONTRIBUTING file

    • Try to quell weird Win32 test failures that seem to occur only in tests where I am using 'use open' to put the standard handles into UTF-8 mode; the fix (hopefully) is to do this to the Test::Harness handles at run time instead of to the standard handles at compile time

Local Packages

  • Updated perl-MCE to 1.875 as per the Fedora version

  • Updated perl-PPIx-QuoteLike to 0.019 as per the Fedora version

  • Updated perl-Test2-Suite to 0.000142:

    • Fix deprecation diagnostics
    • Fix older perls by removing //=

  • Updated unrar to 6.10 beta 2

Wednesday 17th November 2021

Fedora Project

  • Updated perl-Math-GMP to 2.24 in Rawhide:

    • Tests and better documentation for bnok() (Binomial)

    • Eliminate warning about not_here() in GMP.xs

Monday 22nd November 2021

Local Packages

  • Updated perl-Module-CoreList to 5.20211120:

    • Updated for v5.35.6

Wednesday 24th November 2021

Fedora Project

  • Updated perl-Try-Tiny to 0.31 in Rawhide:

    • Plug Syntax::Keyword::Try and Feature::Compat::Try in the docs

Local Packages

  • Updated perl-Try-Tiny to 0.31 as per the Fedora version

Monday 29th November 2021

Fedora Project

  • Updated python-paramiko to 2.8.1 in Rawhide:

    • Fix listdir failure when server uses a locale (GH#985, GH#992); now on Python 2.7 SFTPAttributes will decode abbreviated month names correctly rather than raise 'UnicodeDecodeError'

    • Deleting items from '~paramiko.hostkeys.HostKeys' would incorrectly raise 'KeyError' even for valid keys, due to a logic bug (GH#1024)

    • Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically 'TypeError' and its internal 'UnsupportedAlgorithm') (GH#1257, GH#1266); these exception classes will now become '~paramiko.ssh_exception.SSHException' instances instead of bubbling up

    • Update '~paramiko.pkey.PKey' and subclasses to compare ('__eq__') via direct field/attribute comparison instead of hashing (while retaining the existing behaviour of '__hash__' via a slight refactor) (GH#908)

    • Warning: This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 that is running with 'PYTHONHASHSEED=0') it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key; this could enable attacks such as, but not limited to, the following:

      • Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim; we see this as the most plausible attack using this flaw
      • Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack; this impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques
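
The difference between comparing keys by hash and comparing them by field, as an added example that is not Paramiko's code: `HashEqKey`, `FieldEqKey` and `small_hash` are hypothetical names, and a hash truncated to 16 bits is an assumption standing in for the small hash space the warning describes, so that two different constructed blobs sharing a hash value can be found quickly.

```python
import hashlib
import hmac


def small_hash(blob: bytes) -> int:
    # Assumption: a 16-bit truncation models a low-entropy hash space.
    return int.from_bytes(hashlib.sha256(blob).digest()[:2], "big")


class HashEqKey:
    """Pre-fix pattern: equality is delegated to the hash value."""

    def __init__(self, blob: bytes):
        self.blob = blob

    def __hash__(self):
        return small_hash(self.blob)

    def __eq__(self, other):
        return isinstance(other, HashEqKey) and hash(self) == hash(other)


class FieldEqKey(HashEqKey):
    """Post-fix pattern: compare the key material itself, keep __hash__."""

    def __eq__(self, other):
        return (isinstance(other, FieldEqKey)
                and hmac.compare_digest(self.blob, other.blob))

    __hash__ = HashEqKey.__hash__  # defining __eq__ would otherwise unset it


def two_blobs_same_hash():
    """Return two different constructed blobs with equal small_hash."""
    seen = {}
    for n in range(65537):  # pigeonhole: a repeat occurs within 2**16 + 1
        blob = b"constructed-key-%d" % n
        h = small_hash(blob)
        if h in seen:
            return seen[h], blob
        seen[h] = blob


def demo():
    a, b = two_blobs_same_hash()
    return {
        "blobs_differ": a != b,
        "hash_eq": HashEqKey(a) == HashEqKey(b),
        "field_eq": FieldEqKey(a) == FieldEqKey(b),
        "set_size": len({FieldEqKey(a), FieldEqKey(b)}),
    }
```

With field comparison, a hash collision only costs a slower dictionary or set lookup; it no longer decides whether two keys are treated as the same key.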

Local Packages

  • Updated perl-PPIx-Regexp to 0.082:

    • Add --version to eg/predump, and document all options with double dashes

    • Silence 'uninitialized' warning generated by /(?<=.{35})/

    • Try to quell weird Win32 test failures that seem to occur only in tests where I am using 'use open' to put the standard handles into UTF-8 mode; the fix (I hope) is to do this to the Test::Harness handles at run time instead of to the standard handles at compile time

    • Add file CONTRIBUTING
