Friday 1st March 2024

Fedora Project

• Updated perl-B-Hooks-EndOfScope to 0.28 in F-40 and Rawhide:

  • Add optional prereqs to metadata to help prereq analysis tools (CPAN RT#151992)

• Updated perl-Business-ISBN-Data to 20240229.001 in F-40 and Rawhide:

  • Data update for 20240229

• Updated perl-IO-Zlib to 1.15 in F-40 and Rawhide:

  • Specify license in module metadata

Local Packages

• New package perl-Variable-OnDestruct (0.07)

• Updated nmap to 7.94 (see CHANGELOG for details)

  • zenmap now requires Python 3

  • Required system lua version is now 5.4 if not bundling it

  • Provide ncat in nmap-ncat for convenience (Bug #2214073)

  • I added a patch to fix finding zenmap messages files (GH#2718, GH#2789)

• Updated perl-B-Hooks-EndOfScope to 0.28 as per the Fedora version

• Updated perl-IO-Zlib to 1.15 as per the Fedora version

• Updated unrar to 7.00

Sunday 3rd March 2024

Fedora Project

• Updated perl-Business-ISBN-Data to 20240302.001 in F-40 and Rawhide:

  • Data update for 20240302

Tuesday 5th March 2024

Fedora Project

• Updated perl-ExtUtils-CChecker to 0.12 in F-40 and Rawhide:

  • Document the '->define' method

  • Overall module style updates

  • 'use v5.14' in all files

  • Use 'package NAME VER' syntax

  • Use 'Test2::V0' instead of 'Test::More' + 'Test::Fatal'

Friday 8th March 2024

Fedora Project

• Updated perl-Business-ISBN-Data to 20240308.001 in F-40 and Rawhide:

  • Data update for 20240308

• Updated perl-Expect to 1.37 in F-40 and Rawhide:

  • Fix to timeout code

Local Packages

• Updated perl-Expect to 1.37 as per the Fedora version

Monday 11th March 2024

Fedora Project

• Updated perl-PPI to 1.278 in F-40 and Rawhide:

  • Add support for new octal number syntax (GH#295)

Local Packages

• Rebuilt perl-Compress-Raw-Lzma against xz 5.6.1 (Bug #2267598)

• Updated perl-PPI to 1.278 as per the Fedora version

Tuesday 12th March 2024

Fedora Project

• Updated perl-Expect to 1.38 in F-40 and Rawhide:

  • Fix to fix to timeout code

• Updated perl-MetaCPAN-Client to 2.031001 in F-40 and Rawhide:

  • Show a real error for internal errors (GH#121)

Local Packages

• Updated perl-Expect to 1.38 as per the Fedora version

• Updated perl-MetaCPAN-Client to 2.031001 as per the Fedora version

Wednesday 13th March 2024

Fedora Project

• Updated perl-Business-ISBN-Data to 20240313.001 in F-40 and Rawhide:

  • Data update for 20240313

Thursday 14th March 2024

Fedora Project

• Rebuilt perl-Compress-Raw-Lzma (2.209) in Rawhide for ELN (GH#182)

Monday 18th March 2024

Fedora Project

• Updated bluefish to 2.2.15 in F-38, F-39, F-40 and Rawhide:

  • Bluefish 2.2.15 is a minor maintenance release
  • New feature: it can highlight the indenting level with a vertical line, which is very useful during python programming and helps with a lot more programming languages
  • Fix zencoding for python releases newer than 3.12
  • Add a retry button when opening files from a remote location
  • Tiny performance improvement when scrolling
  • Fix a bug in the bookmarks function and the visible indenting function that potentially could lead to a crash
  • The perl syntax detection has been greatly improved
  • YAML syntax detection has been added
  • The code has several fixes to make it compile on modern Mac OSX releases and to make it compile with the clang compiler

Local Packages

• Updated bluefish to 2.2.15 as per the Fedora version

• Updated libxml2 to 2.12.6:

• Regressions:

  • parser: Fix detection of duplicate attributes in XML namespace

  • xmlreader: Fix xmlTextReaderConstEncoding

  • html: Fix htmlCreatePushParserCtxt with encoding

  • xmllint: Return error code if XPath returns empty nodeset

Tuesday 19th March 2024

Fedora Project

• Updated perl-Data-UUID to 1.227 in F-38, F-39, F-40, Rawhide and EPEL-7:

  • New maintainer, GTERMARS

  • Add basic GitHub Actions setup for testing

  • Typo corrections in POD

  • Eliminated use of state/node files in temporary directory (CVE-2013-4184)

• Updated perl-Variable-Magic to 0.64 in F-40 and Rawhide:

  • This is a maintenance release; the code contains no functional change

  • Contributing guidelines are now listed in the new CONTRIBUTING file

  • Fix for t/18-opinfo.t broken under blead (CPAN RT#151104)

Local Packages

• Updated perl-Data-UUID to 1.227 as per the Fedora version

• Updated perl-Variable-Magic to 0.64 as per the Fedora version

Thursday 21st March 2024

Fedora Project

• Updated perl-Business-ISBN-Data to 20240321.001 in F-40 and Rawhide:

  • Data update for 20240321

Local Packages

• Updated perl-Module-CoreList to 5.20240320:

  • Updated for v5.39.9

Friday 22nd March 2024

Local Packages

• Updated perl-Object-HashBase to 0.013:

  • Add support for Class::XSAccessor when it is installed

  • Documentation fixes

Sunday 24th March 2024

Fedora Project

• Updated perl-Business-ISBN-Data to 20240323.001 in F-40 and Rawhide:

  • Data update to 20240323

Monday 25th March 2024

Fedora Project

• Updated gtkwave to 3.3.119 in F-40 and Rawhide:

  • Remove FST_DO_MISALIGNED_OPS

  • Update lz4 to current version from GitHub

  • Change LZ4_compress to LZ4_compress_default

  • Update libghw.c/.h to latest upstream version

  • Fix for -Wsign-compare in fstapi.c

  • Security fixes for GHW

  • Fix left shift of a negative number warning in fstapi.c

  • Fix ctrl-A behaviour for SST filter entry

  • Fix for bad shmat return value in main.c

• Updated perl-File-Copy-Recursive-Reduced to 0.008 in F-40 and Rawhide:

  • Encoding directive added to POD

  • Corrections in test files to guard against CPANtesters who run tests with PERL_AUTHOR_TESTING turned on

Local Packages

• Updated gtkwave to 3.3.119 as per the Fedora version

• Updated perl-File-Copy-Recursive-Reduced to 0.008 as per the Fedora version

Tuesday 26th March 2024

Fedora Project

• Updated proftpd (1.3.6e) in EPEL-8 to fix slow reading of passwd/group files in mod_auth_file (Bug #2270686, GH#1134, GH#1192, GH#1195, GH#1213)

Wednesday 27th March 2024

Local Packages

• Updated curl to 8.7.1:

  • configure: Add --disable-docs flag

  • CURLINFO_USED_PROXY: Return bool whether the proxy was used

  • digest: Support SHA-512/256

  • DoH: Add trace configuration

  • write-out: Add '%{proxy_used}'

  • ALTSVC.md: Correct a typo

  • asyn-ares: Fix data race warning

  • asyn-thread: Use wakeup_close to close the read descriptor

  • badwords: Use hostname, not host name

  • BINDINGS: Add mcurl, the python binding

  • bufq: Writing into a softlimit queue cannot be partial

  • c-hyper: Add header collection writer in hyper builds

  • cd2nroff: gen: Make '\>' in input to render as plain '>' in output

  • cd2nroff: Remove backticks from titles

  • checksrc.pl: Fix handling .checksrc with CRLF

  • cmake: Add USE_OPENSSL_QUIC support

  • cmake: Add warning for using TLS libraries without 1.3 support

  • cmake: Enable 'ENABLE_CURL_MANUAL' by default

  • cmake: Fix 'CURL_WINDOWS_SSPI=ON' with Schannel disabled

  • cmake: Fix function description in comment

  • cmake: Fix install for older CMake versions

  • cmake: Fix libcurl.pc and curl-config library specifications

  • cmdline-docs/Makefile: Avoid using a fixed temp file name

  • cmdline-docs: Quote and angle bracket clean-up

  • cmdline-opts/_EXITCODES: Sync with libcurl-errors

  • cmdline-opts/_VARIABLES.md: Improve the description

  • cmdline-opts/_VERSION: Provide %VERSION correctly

  • cmdline-opts: Shorter help texts

  • configure Add pkg-config support to rustls detection

  • configure: Add warning for using TLS libraries without 1.3 support

  • configure: Build and install shell completions when enabled

  • configure: Do not link with nghttp3 unless necessary

  • configure: Don't build shell completions when disabled

  • configure: Don't make shell completions without perl

  • configure: Find libpsl with pkg-config

  • connect.c: Fix typo

  • CONTRIBUTE: Update the section on documentation format

  • cookie.md: Provide an example sending a fixed cookie

  • cookie: If psl fails, reject the cookie

  • curl: exit on config file parser errors

  • curl: Make --libcurl output better CURLOPT_*SSLVERSION

  • curl: When allocating variables, add the name into the struct

  • curl_setup.h: Add curl_uint64_t internal type

  • curldown: Fix email address in Copyright

  • CURLMOPT_MAX*: Mention what happens if changed mid-transfer

  • CURLOPT_INTERFACE.md: Remove spurious ampersand, add see-also

  • CURLOPT_POSTQUOTE.md: Fix typo

  • CURLOPT_SSL_CTX_FUNCTION.md: No promises of lifetime after return

  • CURLOPT_WRITEFUNCTION.md: Typo fix

  • digest: Add check for hashing error

  • dist: Make sure the http tests are in the tarball

  • DISTROS: Add document with distro pointers

  • docs/libcurl: Add TLS backend info for all TLS options

  • docs/libcurl: Generate PROTOCOLS from meta-data

  • docs: Add missing slashes to SChannel client certificate documentation

  • docs: Add necessary setup for nghttp3

  • docs: ASCII version of manpage without nroff

  • docs: dist curl*.1 and install without perl

  • docs: Make curldown do angle brackets like markdown

  • docs: Make each libcurl man specify protocol(s)

  • docs: Make sure curl.1 is included in dist tarballs

  • docs: Update minimal binary size in INSTALL.md

  • docs: Use present tense

    & examples: Use present tense in comments

  • file: Use xfer buf for file:// transfers

  • fopen: Fix narrowing conversion warning on 32-bit Android

  • form-string.md: Correct the example

  • ftp: Do lineend conversions in client writer

  • ftp: Fix socket wait activity in ftp_domore_getsock

  • ftp: Tracing improvements

  • ftp: Treat a 226 arriving before data as a signal to read data

  • gen.pl: Make the "manpageification" faster

  • gen: Make '\>' in input to render as plain '>' in output

  • getparam: Make --ftp-ssl work again

  • GHA/linux: Add sysctl trick to work-around GitHub runner issue

  • GIT-INFO: Convert to markdown

  • GOVERNANCE: Document the core team

  • header.md: Remove backslash, make nicer markdown

  • HTTP/2: Write response directly

  • http2, http3: Return CURLE_PARTIAL_FILE when bytes were received

  • http2: Fix push discard

  • http2: Memory errors in the push callbacks are fatal

  • http2: Minor tweaks to optimize two struct sizes

  • http2: Push headers better clean-up (CVE-2024-2398)

  • http2: Remove the third (unused) argument from http2_data_done()

  • HTTP3.md: Adjust the OpenSSL QUIC install instructions

  • http: Better error message for HTTP/1.x response without status line

  • http: Improve response header handling, save CPU cycles

  • http: Move headers collecting to writer

  • http: Remove stale comment about rewindbeforesend

  • http: Separate response parsing from response action

  • http_chunks: Fix the accounting of consumed bytes

  • http_chunks: Remove unused 'endptr' variable

  • https-proxy: Use IP address and cert with IP in alt names

  • hyper: Implement unpausing via client reader

  • ipv6.md: Mention IPv4 mapped addresses

  • KNOWN_BUGS: POP3 issue when reading small chunks

  • lib1598: Fix 'CURLOPT_POSTFIELDSIZE' usage

  • lib582: Remove code causing warning that is never run

  • lib: Add 'void *ctx' to reader/writer instances

  • lib: Convert Curl_get_line to use dynbuf

  • lib: Curl_read/Curl_write clarifications

  • lib: Enhance client reader resume + rewind

  • lib: Initialize output pointers to NULL before calling strto[ff,l,ul]

  • lib: Keep conn IP information together

  • lib: Move 'done' parameter to SingleRequests

  • lib: Remove curl_mimepart object when CURL_DISABLE_MIME

  • libcurl-docs: Clean-ups

  • libcurl-security.md: Active FTP passes on the local IP address

  • libssh/libssh2: Return error on too big range

  • MANUAL.md: Fix typo

  • mbedtls: Fix building when MBEDTLS_X509_REMOVE_INFO flag is defined

  • mbedtls: Fix pytest for newer versions (CVE-2024-2466)

  • mbedtls: Properly clean up the thread-shared entropy

  • mbedtls: Use mbedtls_ssl_conf_{min|max}_tls_version

  • md4: Include strdup.h for the memdup proto

  • mime: Add client reader
  • misc: Fix typos in docs and lib

  • mkhelp: Simplify the generated hugehelp program

  • mprintf: Fix format prefix I32/I64 for windows compilers

  • multi: Add xfer_buf to multi handle

  • multi: Fix multi_sock handling of select_bits

  • multi: Make add_handle free any multi_easy

  • ngtcp2: No recvbuf for stream

  • ntml_wb: Fix buffer type typo

  • OpenSSL QUIC: Adapt to v3.3.x

  • openssl-quic: Check on Windows that socket conv to int is possible

  • openssl-quic: Fix BIO leak and Windows warning

  • openssl-quic: Fix unity build, casing, indentation

  • OS400: Avoid using awk in the build scripts

  • paramhlp: Fix CRLF-stripping files with "-d @file"

  • proxy1.0.md: Fix example

  • pytest: Adapt to API change

  • request: Clarify message when request has been sent off

  • rustls: Make curl compile with 0.12.0

  • schannel: Fix hang on unexpected server close

  • scripts: Fix cijobs.pl for Azure and GHA

  • sendf: Ignore response body to HEAD

  • setopt: Fix check for CURLOPT_PROXY_TLSAUTH_TYPE value

  • setopt: Fix disabling all protocols (CVE-2024-2004)

  • sha512_256: Add support for GnuTLS and OpenSSL

  • smtp: Fix STARTTLS

  • SPONSORS: Describe the basics

  • strtoofft: Fix the overflow check

  • test1541: Verify getinfo values on first header callback

  • test1165: Improve pattern matching

  • tests: Support setting/using blank content environment variables

  • TIMER_STARTTRANSFER: Set the same for everyone

  • TLS: Start shutdown only when peer did not already close

  • TODO: Update 13.11 with more information

  • tool_cb_hdr: Only parse etag + content-disposition for 2xx

  • tool_getparam: Accept a blank -w ""

  • tool_getparam: Handle non-existing (out of range) short-options

  • tool_operate: Change precedence of server Retry-After time

  • tool_operate: Do not set CURLOPT_QUICK_EXIT in debug builds

  • trace-config.md: Remove the mutexed options list

  • transfer.c: Break receive loop in speed limited transfers

  • transfer: Improve Windows SO_SNDBUF update limit

  • urldata: Move authneg bit from conn to Curl_easy

  • version: Allow building with ancient libpsl

  • vquic-tls: Fix the error code returned for bad CA file (CVE-2024-2379)

  • vtls: Fix tls proxy peer verification
  • vtls: Revert "receive max buffer" + add test case

  • VULN-DISCLOSURE-POLICY.md: Update detail about CVE requests

  • websocket: Fix curl_ws_recv()

  • wolfSSL: Do not call the stub function wolfSSL_BIO_set_init()

  • write-out.md: Clarify error handling details

• Updated dovecot (2.3.21) to drop i686 build from Fedora 40 onwards as per Changes/EncourageI686LeafRemoval

• Updated perl-Variable-OnDestruct to 0.08:

  • Revert not catching exceptions from destruct handlers
  • Restore functionality on perl ≤ 5.12

Sunday 31st March 2024

Fedora Project

• Updated perl-IO-Compress to 2.208 in Rawhide:

  • Update zipdetails to version 4.002 (see https://github.com/pmqs/zipdetails/blob/v4.002/Changes for details)

  • Test cz-14gzopen.t was failing on AFS filesystem (GH#56)

• Updated proftpd (1.3.8b) in F-38, F-39, F-40, Rawhide and EPEL-9 to add 'proxy' sub-package with unbundled mod_proxy (Bug#2272051) and also a small fix for fsio.c (GH#1677)

Local Packages

• Updated perl-Compress-Raw-Lzma (2.209) to rebuild against xz 5.4.6 in Fedora 40 onwards

• Updated perl-IO-Compress to 2.208 as per the Fedora version

• Updated perl-Variable-OnDestruct to 0.09:

  • Further fix on older perls

• Updated proftpd (1.3.8b and 1.3.9) as per the Fedora version