Paul's Blog Entries for January 2024
Monday 1st January 2024
Fedora Project
Updated perl-Finance-Quote to 1.59 in F-38, F-39, Rawhide and EPEL-9:
Fixed XETRA, Tradegate and SInvestor after webpage was restructured (GH#350)
Fidelity.pm temporarily disabled (GH#346)
Finanzpartner.pm - Fix scraper, did not work if quote was higher than the previous day's quote
GoogleWeb.pm - Updated to retrieve mutual fund and BATS prices (GH#355)
BSEIndia.pm:
Updated to use standardized data file at URL https://www.bseindia.com/download/BhavCopy/Equity/BSE_EQ_BHAVCOPY_{DDMMYYYY}.ZIP
- Eliminated need to use temp folders by storing standardized file data from URL into a variable
- Updated names of source fields to conform to those in the standardized data file
Removed print when symbol not found (GH#335)
IndiaMutual.pm - Eliminated need to use temp folders by storing NAV file data from URL into a variable
TMX.pm - Correct a self-reference in documentation (GH#345)
Stooq.pm - Added new currencies and a fix for commodities' prices
YahooWeb.pm - Skip rows in the price table where the prices are "-"; this seems to happen sometimes with TIAA (and perhaps other) securities including TILIX and QCILIX
TSP.pm - Was not returning hash when the HTTP GET failed completely or the content did not contain the expected CSV file (GH#338)
Updated proftpd (1.3.8b) in Rawhide and EPEL-9 to use libsodium to provide ed25519 key support for mod_sftp (Bug #2256340) and to update the logrotate snippet to use try-reload-or-restart rather than reload for distributions with systemd 229 or later (based on PR#3)
Local Packages
Updated proftpd (1.3.8b and 1.3.9rc2) as per the Fedora version
Wednesday 3rd January 2024
Fedora Project
My pull request for a backported (from version 3.4.0, to version 2.12.0) fix for CVE 2023-48795 ("Terrapin" attack) in python-paramiko was merged and built for EPEL-9 and EPEL-8
Updated perl-MIME-tools to 5.511 in Rawhide:
Silence a warning if used with a development version of MIME::QuotedPrint (CPAN RT#149225, CPAN RT#150118)
Local Packages
Updated c-ares to 1.25.0:
- This is a maintenance release
- Changes:
AutoTools: Rewrite build system to be lighter weight and fix issues in some semi-modern systems; it is likely this has broken building on some less common and legacy OSs, please report issues
Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory safety reasons
The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and IPv6 addresses by default
OpenBSD: Add SOCK_DNS flag when creating socket
- Bug Fixes:
Tests: Live reverse lookups for Google's public DNS servers no longer return results; replace with CloudFlare pubic DNS servers
MacOS legacy SDKs require sys/socket.h before net/if.h
- Connection failures should increment the server failure count first or a retry might be enqueued to the same server
- On systems that don't implement the ability to enumerate network interfaces the stubs used the wrong prototype
- Fix minor warnings and documentation typos
Fix support for older GoogleTest versions
getrandom() may require sys/random.h on some systems
- Fix building tests with symbol hiding enabled
Updated perl-MIME-tools to 5.511 as per the Fedora version
Monday 8th January 2024
Fedora Project
Updated perl-Net-SSLeay to 1.94 in Rawhide:
Net::SSLeay now officially supports all stable releases of OpenSSL 3.1 and 3.2, and LibreSSL 3.5-3.8
Many noisy compiler warnings have been silenced - if SSLeay.xs fails to compile, it should now be much easier to identify the cause
libcrypto's OPENSSL_init_crypto() function and libssl's OPENSSL_init_ssl() function are now exposed, enabling fine-grained control over the initialisation and configuration of both libraries
libssl functions implementing TLS 1.3 PSK authentication are now exposed, in particular SSL_CTX_set_psk_find_session_callback() (on the server side) and SSL_CTX_set_psk_use_session_callback() (on the client side)
libssl functions implementing server-side TLS 1.2 PSK authentication are now exposed, in particular SSL_CTX_set_psk_server_callback()
libssl's SSL_CTX_set_client_hello_cb() function is now exposed, allowing a TLS server to set a callback function that is executed when the server processes a ClientHello message
Many more libcrypto/libssl constants and functions are now exposed; see the release notes for the 1.93 developer releases for a full list
Local Packages
Updated perl-Devel-StackTrace to 2.05:
- Added explicit boolean overloading for trace objects
Without this, Perl will use the object's string overloading and then check the truthiness of the returned string, which is a lot of extra work, which can produce significant slowdowns in some cases, as seen in https://github.com/plack/Plack/pull/697 (GH#23)
- Added explicit boolean overloading for trace objects
Updated perl-Net-SSLeay to 1.94 as per the Fedora version
Tuesday 9th January 2024
Fedora Project
Updated gtkwave to 3.3.118 in F-38, F-39, Rawhide, EPEL-7, EPEL-8 and EPEL-9:
Update xml2stems to handle newer "loc" vs. "fl" XML tags
Change preg_regex_c_1 declaration to use regex_t* as data type
Move gtkwave.appdata.xml to io.github.gtkwave.GTKWave.metainfo.xml
Fixed popen security advisories:
- Fixed FST security advisories:
Fixed evcd2vcd security advisories:
- Fixed VCD security advisories:
TALOS-2023-1804 (CVE-2023-37416, CVE-2023-37419, CVE-2023-37420, CVE-2023-37418, CVE-2023-37417)
TALOS-2023-1805 (CVE-2023-37447, CVE-2023-37446, CVE-2023-37445, CVE-2023-37444, CVE-2023-37442, CVE-2023-37443)
TALOS-2023-1806 (CVE-2023-37576, CVE-2023-37577, CVE-2023-37573, CVE-2023-37578, CVE-2023-37575, CVE-2023-37574)
TALOS-2023-1807 (CVE-2023-37921, CVE-2023-37923, CVE-2023-37922)
- Fixed VZT security advisories:
- Fixed LXT2 security advisories:
- The EPEL updates (especially EPEL-7) involve big version updates but in view of the number of security issues addressed it seemed the sensible thing to do
Updated perl-MIME-tools to 5.512 in Rawhide:
Use much larger chunk sizes for Base-64 encoding, which reduces both encoding time and space overhead (CPAN RT#128400, CPAN RT#130110)
Updated perl-Test-Manifest to 2.024 in Rawhide:
- Refresh distro
Local Packages
Updated gtkwave to 3.3.118 as per the Fedora version
Updated perl-MIME-tools to 5.512 as per the Fedora version
Updated perl-Test-Manifest to 2.024 as per the Fedora version
Wednesday 10th January 2024
Fedora Project
Updated geoipupdate to 6.1.0 in Rawhide:
'geoipupdate' now sets the version in the 'User-Agent' header to the version in the binary; while there were no issues with the version in the header, this makes sure it will match the binary (the header also now includes build information, such as OS and architecture)
White spaces in secret files 'GEOIPUPDATE_ACCOUNT_ID_FILE', 'GEOIPUPDATE_LICENSE_KEY_FILE' are ignored (GH#262)
Local Packages
Updated geoipupdate to 6.1.0 as per the Fedora version
Updated sendmail (8.17.2) to convert the license tag to SPDX format
Friday 12th January 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20240111.001 in Rawhide:
- Data update for 20240111
Saturday 13th January 2024
Local Packages
Uodated ansible-collection-community-libvirt (1.3.0) to depend on ansible-packaging-tests and remove python3-mock dependency
Sunday 14th January 2024
Fedora Project
Updated perl-common-sense (3.7.5) in F-38, F-39 and Rawhide to use %license unconditionally and to avoid use of spec file constructs that are no longer valid with rpm 4.18.92 onwards, fixing an FTBFS in Koschei for F-38
Local Packages
Updated perl-NetAddr-IP (4.079) not to use Socket6 from Fedora 40 onwards since it will be dropped from the distribution
Monday 15th January 2024
Fedora Project
Rebuilt perl-Compress-Raw-Zlib (2.206) for zlib-ng in Rawhide, fixing the FTBFS for perl-IO-Compress in Koschei
Updated perl-DateTime-Format-MySQL to 0.08 in F-38:
Fix parsing microsecond < 100,000 off DateTime object by zero-padding
Updated perl-Modern-Perl to 1.20240115 in F-39 and Rawhide:
- Update for 2024 year bundle
Updated perl-Test-File (1.993) in F-38 to fix FTBFS in Koschei due to use of macros incompatible with rpm 4.18.92 onwards
Local Packages
Updated libidn to 1.42:
Bump required gettext version to 0.19.8 for musl-libc
- Compiler warning improvements
- As before, compiler warnings are enabled by default
They may be disabled using ./configure --disable-gcc-warnings or turn them into fatal errors using ./configure --enable-gcc-warnings=error to add -Werror and sensible -Wno-error='s
Based on gnulib's manywarnings, see https://www.gnu.org/software/gnulib//manual/html_node/manywarnings.html
- Fix type confusion on LLP64/Windows platforms
While libidn has worked using Cygwin libc, it has never worked on ucrt/msvcrt libc; report and tiny patch by Francesco Pretto in https://lists.gnu.org/archive/html/help-libidn/2022-02/msg00000.html
tests: Added script tests/standalone.sh suitable for integrators
The main purpose is to test a system-installed libidn, suitable for distributor checking (à la Debian's autopkgtest/debci)
It may also be used to test a newly built libidn outside the usual 'make check' infrastructure
To check that your system libidn is working, invoke the script with 'srcdir' as an environment variable indicating where it can be find the source code for libidn's tests/ directory (it will use the directory name where the script is by default)
To check that a newly built static libidn behaves, invoke:
env STANDALONE_CFLAGS="-Ilib lib/.libs/libidn.a" tests/standalone.sh
To check that a newly built shared libidn behaves, invoke:
env srcdir=tests STANDALONE_CFLAGS="-Ilib -Wl,-rpath lib/.libs lib/.libs/libidn.so" tests/standalone.sh
If the libidn under testing is too old and has known bugs, that should cause tests to fail, which is intentional
- Updated translations
Update gnulib files and build fixes
Rebuilt perl-Compress-Raw-Zlib (2.206) as per the Fedora version
Tuesday 16th January 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20240116.001 in Rawhide:
- Data update for 20240116
Friday 19th January 2024
Local Packages
Rebuilt ansible-collection-community-libvirt (1.3.0), bluefish (2.2.14), check (0.15.2), curl (8.5.0), davfs2 (1.7.0) and Judy (1.0.5) for the Fedora_40_Mass_Rebuild
Updated libxml2 to 2.12.4:
- Regressions:
- parser: Fix regression parsing standalone declarations
autotools: Re-add --with-xptr-locs configuration option
parser: Fix build --without-output
- parser: Don't grow or shrink pull parser memory buffers
- io: Fix memory lifetime issue with input buffers
I reinstated Xpointer locations support for Fedora < 40, RHEL < 10
Saturday 20th January 2024
Local Packages
Rebuilt dovecot (2.3.21), geoipupdate (6.1.0), gtkwave (3.3.118), libgpg-error (1.47), libmetalink (0.1.3) and libnet (1.3) for the Fedora_40_Mass_Rebuild
Updated perl-Module-CoreList to 5.20240120:
- Updated for v5.39.7
Sunday 21st January 2024
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.114 in Rawhide:
A switch with (required => 0) is no longer treated as required!
Updated perl-Modern-Perl to 1.20240120 in Rawhide:
Fix tests for Perl < 5.26.0 (CPAN RT#151189)
Fix feature reset for Perl < 5.15 (CPAN RT#151190)
Updated perl-Moose to 2.2207 in Rawhide:
Remove test dependency on Test::CleanNamespaces (GH#184)
Local Packages
Rebuilt libssh2 (1.11.0), mcrcon (0.7.2), mod_fcgid (2.3.9) for the Fedora_40_Mass_Rebuild
Updated perl-IPC-Run3 to 0.049:
Avoid some uninitialized warnings in ProfLogReader
Improve errno handling on Windows
- Avoid leaking fds
- Fix typos in docs
Updated perl-Moose to 2.2207 as per the Fedora version
Monday 22nd January 2024
Local Packages
Rebuilt libxslt (1.1.39), nmap (7.93), perl-DBI (1.643), perl-IO-AIO (4.8), perl-MCE (1.889), perl-MIME-Types (2.24), perl-Mouse (2.5.10), perl-Object-HashBase (0.010), perl-Perl-Critic (1.152), perl-Specio (0.48), perl-Type-Tiny (2.004000), perl-Unicode-CheckUTF8 (1.03), perl-version (0.9930), proftpd (1.3.8b) and rbldnsd (0.998b) for the Fedora_40_Mass_Rebuild
Updated mod_fastcgi (2.4.7.1) to drop support for httpd 2.2.x
Tuesday 23rd January 2024
Fedora Project
Updated Judy (1.0.5) in Rawhide to hardlink lots of duplicate library manpages together to save space
Updated perl-Business-ISBN-Data to 20240123.001 in Rawhide:
- Data update for 20240123
Updated perl-IO-Socket-SSL to 2.085 in Rawhide:
Fix test that failed due to behaviour changes in OpenSSL 3.2 (GH#147)
Update PublicSuffix
Add examples for TLS JA3/JA4 fingerprinting to tls_fingerprint/
Updated perl-Test-Warnings to 0.033 in Rawhide:
Add Test2 compatibility in the test triggered by done_testing()
New long-awaited feature (!!!) "allow_patterns", to either temporarily or globally exempt particular warning patterns
Local Packages
Re-rebuilt ansible-collection-community-libvirt (1.3.0) for the Fedora_40_Mass_Rebuild (see https://pagure.io/releng/issue/11888)
Updated Judy (1.0.5) as per the Fedora version
Updated perl-ConfigReader-Simple to 1.296:
- Refresh distro, update email address, update repo URL
Updated perl-IO-Socket-SSL to 2.085 as per the Fedora version
Updated perl-Test-Warnings to 0.033 as per the Fedora version
Wednesday 24th January 2024
Local Packages
Re-rebuilt geoipupdate (6.1.0) for the Fedora_40_Mass_Rebuild (see https://pagure.io/releng/issue/11888)
Updated perl-XML-LibXML to 2.0210:
Fix copying external entity from an ext_ent_handler handler (GH#81)
libxml-mm: Fix function prototypes in function pointers
Updated unrar to 7.00 beta 4
Thursday 25th January 2024
Fedora Project
Updated perl-URI to 5.22 in Rawhide:
Use Scalar::Util::reftype instead of ref to check for ARRAY (GH#132)
Local Packages
Re-rebuilt bluefish (2.2.14), check (0.15.2), curl (8.5.0), davfs2 (1.7.0), dovecot (2.3.21), grepmail (5.3111), gtkwave (3.3.118), libgpg-error (1.47), libidn (1.42), libmetalink (0.1.3), libnet (1.3), libssh2 (1.11.0), libxml2 (2.12.4), libxslt (1.1.39), mcrcon (0.7.2), mod_fastcgi (2.4.7.1), mod_fcgid (2.3.9), perl-DBI (1.643), perl-IO-AIO (4.80), perl-MCE (1.889), perl-Object-HashBase (0.010) and proftpd (1.3.8b) for the Fedora_40_Mass_Rebuild (see https://pagure.io/releng/issue/11888)
Updated perl-Search-Elasticsearch to 8.12:
Stable release for Elasticsearch 8.12
Friday 26th January 2024
Fedora Project
Updated perl-MIME-tools to 5.513 in Rawhide:
Add MIME::Parser->ambiguous_content to indicate one of several types of ambiguous MIME content that could be security risks
Add the '@duplicate_parameters' pseudo-parameter to let caller detect duplicate MIME parameters on a MIME header
Updated perl-MouseX-SimpleConfig (0.11) in Rawhide to drop build requirement perl(Test::Vars), which is FTBFS with Perl 5.38
Updated perl-Software-License-CCpack (1.11) in Rawhide to drop test dependency Test::Vars from Fedora 39 onwards since Test::Vars is FTBFS with Perl 5.38
Updated perl-Test-Mojibake (1.3) in Rawhide to drop test dependency perl(Test::Vars) from Fedora 39 onwards as Test::Vars is FTBFS with Perl 5.38
Updated perl-Test-TinyMocker (0.05) in Rawhide to drop test dependency perl(Test::Vars) since Test::Vars is FTBFS with Perl 5.38
Local Packages
Re-rebuilt nmap (7.93), perl-MIME-Types (2.24), perl-Moose (2.2207), perl-Mouse (2.5.10), perl-Perl-Critic (1.152), perl-Specio (0.48) and perl-Type-Tiny (2.004000) for the Fedora_40_Mass_Rebuild (see https://pagure.io/releng/issue/11888)
Updated perl-MIME-tools to 5.513 as per the Fedora version
Updated perl-Net-DNS to 1.43:
Update b.root-servers.net addresses in resolver hints
- Improve accuracy and completeness of dependency metadata
Nameserver: Fix hangs on persistent TCP connection (Windows)
IPSECKEY: Leave gateway undefined for gatetype 0
- Remove remaining support for GOST
Nameserver.pm: Fix DoS vulnerability in TCP handling (CPAN RT#151240)
Net::DNS::Resolver::new would hang for 150s on Win32 with no active DNS (CPAN RT#151232)
Fix bug in Net::DNS::Resolver::Recurse::_referral (CPAN RT#151075)
Address deep recursion in Net::DNS::Resolver::Recurse (CPAN RT#151074)
Updated perl-Software-License-CCpack (1.11) as per the Fedora version
Updated perl-Test-Mojibake (1.3) in Rawhide as per the Fedora version
Saturday 27th January 2024
Fedora Project
Updated perl-YAML-LibYAML to 0.89 in F-38, F-39 and Rawhide:
Local Packages
Updated perl-YAML-LibYAML to 0.89 as per the Fedora version
Rebuilt smbldap-tools (0.9.11) and sendmail (8.17.2) for the Fedora_40_Mass_Rebuild
Sunday 28th January 2024
Fedora Project
Updated perl-URI to 5.25 in Rawhide:
Cache scheme so that only one loading attempt is made (GH#55)
Local Packages
Updated c-ares to 1.26.0:
- This is a feature and bugfix release
- Features:
Event Thread support: Integrators are no longer required to monitor the file descriptors registered by c-ares for events and call 'ares_process()' when enabling the event thread feature via 'ARES_OPT_EVENT_THREAD' passed to 'ares_init_options()' (GH#696)
Added flags to 'ares_dns_parse()' to force RAW packet parsing (GH#693)
- Changes:
Mark 'ares_fds()' as deprecated (GH#691)
- Bugfixes:
Monday 29th January 2024
Local Packages
Rebuilt perl-Compress-Raw-Lzma (2.206) for xz 5.4.6 in Fedora 40 onwards
Tuesday 30th January 2024
Local Packages
Updated perl-Module-CoreList to 5.20240129:
- Re-release due to indexing errors with 5.2040120
Rebuilt perl-HTML-Lint (2.32), pptp (1.10.0), python-passlib (1.7.4), python2-xapian (1.4.23) and spamass-milter (0.4.0) for the Fedora_40_Mass_Rebuild
Wednesday 31st January 2024
Local Packages
Updated curl to 8.6.0:
Add CURLE_TOO_LARGE
Add CURLINFO_QUEUE_TIME_T
Add CURLOPT_SERVER_RESPONSE_TIMEOUT_MS
asyn-thread: Use GetAddrInfoExW on Windows ≥ 8
configure: Make libpsl detection failure cause error
docs/cmdline: Change to .md for cmdline docs
docs: Introduce "curldown" for libcurl man page format
runtests: Support -gl; Like -g but for lldb
altsvc: Free 'as' when returning error
appveyor: Replace PowerShell with bash plus parallel autotools
- appveyor: Switch to out-of-tree builds
asyn-ares: With modern c-ares, use its default timeout
build: Delete unused 'HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}'
build: Delete/replace clang warning pragmas
- build: Enable missing OpenSSF-recommended warnings, with fixes
build: Fix '-Wconversion'/'-Wsign-conversion' warnings
build: Fix Windows ADDRESS_FAMILY detection
build: More '-Wformat' fixes
build: Remove redundant 'CURL_PULL_*' settings
cf-h1-proxy: No CURLOPT_USERAGENT in CONNECT with hyper
cf-socket: Show errno in tcpkeepalive error messages
CI/distcheck: Run full tests
cmake: Add option to disable building docs
cmake: Fix generation for system name iOS
cmake: Fix typo
cmake: Freshen up docs/INSTALL.cmake
cmake: Prefill/cache 'HAVE_STRUCT_SOCKADDR_STORAGE'
cmake: Rework options to enable curl and libcurl docs
cmake: When USE_MANUAL=YES, build the curl.1 man page
cmdline-opts/write-out.d: Remove spurious double quotes
cmdline-opts: Update availability for the *-ca-native options
cmdline/gen: Fix the sorting of the man page options
configure: Add libngtcp2_crypto_boringssl detection
configure: Fix no default int compile error in ipv6 detection
configure: When enabling QUIC, check that TLS supports QUIC
connect: Remove margin from eyeballer alloc
content_encoding: Change return code to typedef'ed enum
cookie.d: Document use of empty string to enable cookie engine
cookie: Avoid fopen with empty file name
curl.h: CURLOPT_DNS_SERVERS is only available with c-ares
curl: Show ipfs and ipns as supported "protocols"
curl_easy_getinfo.3: Remove the wrong time value count
curl_multi_fdset.3: Remove mention of null pointer support
CURLINFO_REFERER.3: Clarify that it is the request header
CURLOPT_AUTOREFERER.3: Mention CURLINFO_REFERER
CURLOPT_POSTFIELDS.3: Fix incorrect C string escape in example
CURLOPT_SSH_*_KEYFILE: Clarify
dist: Add tests/errorcodes.pl to the tarball
docs: Clean up Protocols: for cmdline options
- docs: Describe and highlight super cookies
docs: Do not start lines/sentences with So, But nor And
docs: Install curl.1 with cmake
- docs: Mention environment variables not used by schannel
- doh: Remove unused local variable
- examples: Add four new examples
file+ftp: Use stack buffers instead of data->state.buffer
ftp: Handle the PORT parsing without allocation
ftp: Use dynbuf to store entrypath
ftp: Use memdup0 to store the OS from a SYST 215 response
ftpserver.pl: Send 213 SIZE response without spurious newline
gen.pl: Support ## for doing .IP in table-like lists
gen: Do italics/bold for a range of letters, not just single word
- GHA: Add a job scanning for "bad words" in markdown
GHA: Bump ngtcp2, gnutls, mod_h2, quiche
gnutls: Fix build with --disable-verbose
haproxy-clientip.d: Document the arg
- headers: Make sure the trailing newline is not stored
headers: Remove assert from Curl_headers_push
hostip: Return error immediately when Curl_ip2addr() fails
hsts: Remove assert for zero length domain
http2: Improved on_stream_close/data_done handling
- http3/quiche: Fix result code on a stream reset
- http3: Initial support for OpenSSL 3.2 QUIC stack
http: adjust_pollset fix
http: Check for "Host:" case-insensitively
- http: Fix off-by-one error in request method length check
http: Only act on 101 responses when they are HTTP/1.1
- http: Remove comment reference to a removed solution
- http: Use stack scratch buffer
http_proxy: A blank CURLOPT_USERAGENT should not be used in CONNECT
krb5: Add prototype to silence clang warnings on mvsnprintf()
lib: Add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
- lib: Error out on multissl + http3
lib: Fix variable undeclared error caused by 'infof' changes
lib: Reduce use of strncpy
lib: Rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
lib: Replace readwrite with write_resp
lib: strndup/memdup instead of malloc, memcpy and null-terminate
libssh2: Use 'libssh2_session_callback_set2()' with v1.11.1
libssh: Improve the deprecation warning dismissal
libssh: Suppress warnings without version check
Makefile.am: Fix the MSVC project generation
Makefile.mk: Drop Windows support
mbedtls: Fix '-Wnull-dereference' and '-Wredundant-decls'
mbedtls: Free the entropy when threaded
mime: Use memdup0 instead of malloc + memcpy
mksymbolsmanpage.pl: Provide references to where the symbol is used
mprintf: Overhaul and bugfixes
mqtt: Use stack scratch buffer for recv+publish
multi: Remove total timer reset in file_do() while fetching file://
ngtcp2: Put h3 at the front of alpn
ntlm_wb: Do not use data->state.buffer any longer
openldap: Fix an LDAP crash
openldap: Fix STARTTLS
openssl: Re-match LibreSSL deinit with init
openssl: When verifystatus fails, remove session id from cache (CVE-2024-0853)
- OS400: Sync ILE/RPG binding
pingpong: Stop using the download buffer
pop3: Replace calloc + memcpy with memdup0
pytest: Scorecard tracking CPU and RSS
quiche: Return CURLE_HTTP3 on send to invalid stream
readwrite_data: Loop less
- Revert "urldata: move async resolver state from easy handle to connectdata"
- rtsp: Deal with borked server responses
runtests: For mode="text" on <stdout>, fix newlines on both parts
- sasl: Make login option string override http auth
schannel: Fix '-Warith-conversion' gcc 13 warning
sectransp: Do verify_cert without memdup for blobs
sectransp: Make TLSCipherNameForNumber() available in non-verbose config
sendf: Fix compiler warning with CURL_DISABLE_HEADERS_API
setopt: Clear mimepost when formp is freed
setopt: Use memdup0 when cloning COPYPOSTFIELDS
socks: Fix generic output string to say SOCKS instead of SOCKS4
socks: Use own buffer instead of data->state.buffer
- ssh: Fix namespace of two local macros
- ssh: Use stack scratch buffer for seeks
strerror: Repair get_winsock_error()
system.h: Sync mingw 'CURL_TYPEOF_CURL_SOCKLEN_T' with other compilers
system_win32: Fix a function pointer assignment warning
telnet: Use dynbuf instead of malloc for escape buffer
telnet: Use stack scratch buffer for do
tests/server: Delete workaround for old-mingw
tests: Avoid int/size_t conversion size/sign warnings
tests: Respect $TMPDIR when creating unix domain sockets
- tool: Make parser reject blank arguments if not supported
tool: Prepend output_dir in header callback
tool_getparam: bsearch cmdline options
tool_getparam: Do not try to expand without an argument
tool_getparam: Stop supporting '@filename' style for --cookie
tool_listhelp: Regenerate after recent .d updates
tool_operate: Make --remove-on-error only remove "real" files
tool_operate: Stop setting the file comment on Amiga
transfer: adjust_pollset improvements
- transfer: Fix upload rate limiting, add test cases
transfer: Make the select_bits_paused condition check both directions
transfer: Remove warning: Value stored to 'blen' is never read
- url: Don't set default CA paths for Secure Transport backend
- url: For disabled protocols, mention if found in redirect
urlapi: Remove assert
verify-examples.pl: Fail verification on unescaped backslash
version: Show only the libpsl version, not its dependencies
- vquic: Extract TLS setup into own source
vtls: Fix missing multissl version info
- vtls: Receive max buffer
vtls: Remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY
- websockets: Check for negative payload lengths
- websockets: Refactor decode chain
- windows: Delete redundant headers
- windows: Simplify detecting and using system headers
- wolfssl: Load certificate *chain* for PEM client certs
x509asn1: Remove code for WANT_VERIFYHOST
x509asn1: Switch from malloc to dynbuf
Previous Month: December 2023
Next Month: February 2024