Paul's Blog Entries for July 2024
Saturday 6th July 2024
Local Packages
Updated perl-Test-Without-Module to 0.22:
- Fix test suite to not skip a failing test
- License changed to Artistic-2.0
Sunday 7th July 2024
Local Packages
Updated libxslt to 1.1.42:
- Regressions:
extensions: Re-add call to xmlCheckFilename with older libxml2
- Improvements:
utils: Don't use deprecated xmlCharEncodingHandler member
transform: Handle filesystem paths after libxml2 changes
locale: Work around issue with FreeBSD's strxfrm_l
- Build Systems:
cmake: Add LIBXSLT_WITH_PROGRAMS option
cmake: Fix HAVE_GCRYPT check
Monday 8th July 2024
Fedora Project
Updated perl-IO-Socket-SSL to 2.087 in Rawhide:
Internal optimzation: implement _touch_entry in session cache instead of using del+add
Support for PSK, see SSL_psk in documentation
Local Packages
Updated c-ares to 1.32.1:
- This is a feature and bugfix release
- Features:
Add support for DNS 0x20 to help prevent cache poisoning attacks, enabled by specifying 'ARES_FLAG_DNS0x20', disabled by default (GH#800)
Rework query timeout logic to automatically adjust timeouts based on network conditions; the timeout specified is now only used as a hint until there is enough history to calculate a more valid timeout (GH#794)
- Changes:
Enable Query Cache by default (GH#786)
DNS RR TXT strings should not be automatically concatenated as there are use cases outside of RFC 7208; in order to maintain ABI compliance, the ability to retrieve TXT strings concatenated is retained as well as a new API to retrieve the individual strings, which restores behaviour from c-ares 1.20.0 (GH#801)
Clean up header inclusion logic to make hacking on code easier (GH#797)
- GCC/Clang: Enable even more strict warnings to catch more coding flaws
MSVC: Enable '/W4' warning level (GH#792)
- Bugfixes:
Enhance Windows DNS configuration change detection to also detect manual DNS configuration changes (GH#785)
Various legacy MacOS Build fixes (GH#782)
Ndots value of zero in resolv.conf was not being honoured
Watt-32 build support had been broken for some time (GH#781)
Distribute 'ares_dns_rec_type_tostr' manpage (GH#778)
Tests: Fix thread race condition in test cases for EventThread (GH#803)
Windows: Fix building with UNICODE (GH#802)
Thread Safety: 'ares_timeout()' was missing lock
Fix building with DJGPP (32-bit protected mode DOS) (GH#789)
Channel lock needs to be recursive to ensure calls into c-ares functions can be made from callbacks, otherwise deadlocks will occur (fixes regression introduced in 1.32.0)
Updated perl-IO-Socket-SSL to 2.087 as per the Fedora version
Updated perl-Module-CoreList to 5.20240702:
- Updated for v5.41.0 and v5.41.1
Tuesday 9th July 2024
Fedora Project
Bumped and rebuilt gtorrentviewer (0.2b) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Bumped and rebuilt mod_fcgid (2.3.9) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Bumped and rebuilt perl-Archive-Any-Lite (0.11) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Updated perl-Business-ISBN-Data to 20240709.001 in Rawhide:
- Data update for 20240709
Bumped and rebuilt perl-Convert-PEM (0.08) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Bumped and rebuilt perl-Crypt-DSA (1.17) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Bumped and rebuilt perl-Module-Install-ReadmeFromPod (0.30) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Updated perl-Net-SSLeay (1.94) in Rawhide to BR: openssl-devel-engine, at least for now, as the build fails in the absence of <openssl/engine.h>
- I will consider building without engine support a little later.
Bumped and rebuilt perl-Readonly (2.05) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Bumped and rebuilt perl-Test-utf8 (1.02) in Rawhide to fix FTBFS in Koschei due to use of obsolete %patchN syntax, already fixed in git
Local Packages
Updated mod_fcgid (2.3.9) as per the Fedora version
Updated perl-Net-SSLeay (1.94) as per the Fedora version
Wednesday 10th July 2024
Fedora Project
Updated libssh2 (1.11.0) in Rawhide to build without OpenSSL ENGINE support from Fedora 41 onwards
Updated perl-Business-ISBN-Data to 20240710.001 in Rawhide:
- Data update for 20240710
Updated perl-IO-Socket-SSL (2.087) to pick an upstream fix for runtime warning (GH#155, PR#1)
Local Packages
Updated libssh2 (1.11.0) as per the Fedora version
Updated perl-IO-Socket-SSL (2.087) as per the Fedora version
Thursday 11th July 2024
Fedora Project
Updated curl (8.8.0) in Rawhide to fix build with OpenSSL ENGINE support from Fedora 41 onwards
Updated perl-Lexical-SealRequireHints (0.012) to package its tests (PR#1)
Updated proftpd (1.3.8b) to fix support for building with no ENGINE support in OpenSSL (GH#1816) and avoid a potential null pointer dereference in mod_tls and mod_proxy (GH#1817)
Local Packages
Updated curl (8.8.0) as per the Fedora version
Updated proftpd (1.3.8b) as per the Fedora version
Sunday 14th July 2024
Fedora Project
Merged PR#2 for perl-Readonly (2.05) in Rawhide to remove an old conditional
Local Packages
Downgraded nmap to 7.92 to address NPSL license issue (Bug #2296006):
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/543
The pcre2 library is only used from F-40 onwards again, as it was prior to 7.95
Support EMS in ssl-enum-ciphers
Monday 15th July 2024
Fedora Project
Updated perl-IO-Socket-SSL to 2.088 in Rawhide:
- Minor fixes for use on ancient versions of perl and for building with newer versions of openssl
Local Packages
Updated perl-Feature-Compat-Class to 0.07:
Updated for Perl v5.40 to support the ':reader' field attribute and '__CLASS__' keyword
Use 'Object::Pad' v0.806 on older perls, in order to support field initialiser expressions that can see earlier fields
Updated perl-IO-Socket-SSL to 2.088 as per the Fedora version
Updated perl-Test-Without-Module to 0.23:
Lower minimum required Perl version back to 5.006 (GH#5)
Tuesday 16th July 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20240716.001 in Rawhide:
- Data update for 20240716
Thursday 18th July 2024
Local Packages
Updated dovecot (2.3.21):
- Fix sieve crash when there are two missing optional scripts
- Do not use deprecated OpenSSL v3 ENGINE API if the Provider API is available
Drop dependency on libstemmer on RHEL
- Use sysusers from Fedora 41 onwards
Rebuilt ansible-collection-community-libvirt (1.3.0), bluefish (2.2.15), curl (8.8.0), geoipupdate (7.0.1) and Judy (1.0.5) for the Fedora_41_Mass_Rebuild
Friday 19th July 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20240718.001 in Rawhide:
- Data update for 20240718
Local Packages
Rebuilt check (0.15.2), grepmail (5.3111), gtkwave (3.3.119), libgpg-error (1.50), libidn (1.42), libnet (1.3), libssh2 (1.11.0), libxml2 (2.12.8), libxslt (1.1.42), mcrcon (0.7.2), mod_fcgid (2.3.9), nmap (7.92), perl-Any-Moose (0.27), perl-Class-XSAccessor (1.19), perl-DBI (1.643), perl-Dir-Self (0.11) and pptp (1.10.0) for the Fedora_41_Mass_Rebuild
Retired libmetalink from Fedora 40 onwards
Saturday 20th July 2024
Local Packages
Rebuilt perl-Feature-Compat-Class (0.07), perl-Function-Parameters (2.2.4) and perl-HTML-Lint (2.32) for the Fedora_41_Mass_Rebuild
Sunday 21st July 2024
Local Packages
Updated perl-IO-AIO (4.81), perl-MCE (1.897), perl-MIME-Types (2.26), perl-MIME-tools (5.515), perl-Moose (2.2207), perl-Mouse (2.5.10), perl-Net-DNS (1.45), perl-Object-HashBase (0.013), perl-Perl-Critic (1.152), perl-Perl-Tidy (20240511) and python-passlib (1.7.4) for the Fedora_41_Mass_Rebuild
Monday 22nd July 2024
Fedora Project
Updated python-paramiko (3.4.0) on Rawhide to remove cache Sphinx build folder ".doctrees"
Local Packages
Updated python2-mod_wsgi to 5.0.0 from F-40 onwards, as per the equivalent package for Python 3 in Fedora
Rebuilt perl-Specio (0.48), perl-Test-InDistDir (1.112071), perl-Test-LeakTrace (0.17), perl-Type-Tiny (2.004000), perl-Types-Path-Tiny (0.006), proftpd (1.3.8b) and python2-mod_wsgi (5.0.0) for the Fedora_41_Mass_Rebuild
Tuesday 23rd July 2024
Fedora Project
Updated perl-Net-SSLeay (1.94) in Rawhide to build without OpenSSL ENGINE support
Local Packages
Updated perl-Module-CoreList to 5.20240702:
- Updated for v5.41.2
Updated perl-Net-SSLeay (1.94) to build without OpenSSL ENGINE support in Fedora 41 onwards
Updated python2-xapian (1.4.23) to sync with xapian-bindings-1.4.23-4 in Rawhide
Updated sendmail (8.18.1) to pull in openssl-devel-engine to fix build in Fedora 41 onwards, and to prepare for bin-sbin merge (Changes/Unify_bin_and_sbin)
Rebuilt rbldnsd (0.998b), smbldap-tools (0.9.11), spamass-milter (0.4.0) for the Fedora_41_Mass_Rebuild
Wednesday 24th July 2024
Local Packages
Updated curl to 8.9.0:
curl: Add --ip-tos (IP Type of Service/Traffic Class)
curl: Add --mptcp
curl: Add --vlan-priority
curl: Add -w %{num_retries}
gnutls: Support CA caching
mbedtls: Support CURLOPT_CERTINFO
- noproxy: Patterns need to be comma-separated
socket: Support binding to interface and IP
tcpkeepalive: Add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
urlapi: Add CURLU_NO_GUESS_SCHEME
wolfssl: Support CA caching
(lib)curl.rc: Set debug flag also for 'CURLDEBUG' and 'UNITTESTS'
asyn-thread: Avoid using GetAddrInfoExW with impersonation
- aws-sigv4: URL encode the canonical path
BINDINGS: Update java link to one that exists
build: Add Debug, TrackMemory, ECH to feature list
- build: Add more supported attributes to the IAR compiler
- build: Fix llvm 16 or older + Xcode 15 or newer, and gcc
- build: Fix llvm 17 and older + macOS SDK 14.4 and newer
- build: Sync warning options between autotools, cmake and compilers
build: Tidy up '__builtin_available' feature checks (Apple)
build: Untangle 'CURLDEBUG' and 'DEBUGBUILD' macros
build: Use '#error' instead of invalid syntax
cd2nroff: Convert two warnings to errors
cd2nroff: Use an empty "##" to signal end of .IP sequence
cf-socket: Improve SO_SNDBUF update for Winsock
cf-socket: Optimize curlx_nonblock() and check its return error
cf-socket: Remove obsolete recvbuf
- cf-socket: Remove two "useless" assignments
cfilters: Make Curl_conn_connect always assign 'done'
cmake: Add CURL_USE_GSASL option with detection + CI test
cmake: Allow 'ENABLE_CURLDEBUG=OFF' with 'ENABLE_DEBUG=ON'
cmake: Allow SOVERSION override with 'CURL_LIBCURL_SOVERSION'
- cmake: Alpha-sort feature list
cmake: Always build unit tests with the 'testdeps' target
cmake: Bring 'curl-config.cmake' closer to 'FindCURL'
cmake: Create 'configurehelp.pm' like autotools does
cmake: Delete unused 'HAVE_LIBSSH2', 'HAVE_LIBSOCKET' macros
cmake: Detect 'libidn2' also via 'pkg-config'
cmake: Enable SOVERSION for Cygwin and 'CMAKE_DLL_NAME_WITH_SOVERSION'
cmake: Fix '-Wredundant-decls' in unity/mingw-w64 builds
cmake: Fix brotli lib order
cmake: Fix building 'unit1600' due to missing 'ssl/openssl.h'
- cmake: Fix building in unity mode
- cmake: Fix building with both md4 and md5 in unity mode
cmake: Fix builds with detected libidn2 lib but undetected header
cmake: Fix feature and protocol lists for SecureTransport
cmake: Fix quotes when appending multiple options (SecureTransport)
- cmake: Fix test 1013 with websockets enabled and no TLS
- cmake: Improve wolfSSL detection
- cmake: Show protocols, then features
cmake: Stop setting SOVERSION for the static lib target
- cmake: Sync CA bundle/path detection with autotools
cmake: Sync protocol/feature list with 'curl -V' output
- cmake: Use 'APPLE' instead of 'CMAKE_SYSTEM_NAME' string
- cmake: Whitespace, formatting/tidy-up in comments
- cmdline-docs: "added in" clean-ups
cmdline-docs: Fix '--proxy-ca-native' example and tidy-ups
cmdline-opts/_PROTOCOLS.md: Mention WS(S)
cmdline-opts/ech.md: Shorten the help text
cmdline-opts/fail.md: Expand and clarify
cmdline-opts/interface.md: Expand the documentation
- cmdline-opts: Category clean-up
- cmdline-opts: Expand the parallel explanations
- cmdline-opts: Shorten six help texts
- cmdline: Expand proxy option explanations
- code: Language clean-up in comments
- configure: CA bundle/path detection fixes
configure: Fix 'SystemConfiguration' detection
configure: Fix pkg-config library name 'libnghttp3'
configure: Fix pkg-config names (zstd, ngtcp2*)
configure: Limit 'SystemConfiguration' test to non-c-ares, IPv6 builds
configure: Remove 'deeper' checks for 'AC_CHECK_FUNCS'
configure: Require a QUIC library if nghttp3 is used
- configure: Sort feature list, lowercase protocols, use backticks
configure: Use '$EGREP' in place of 'grep -E'
configure: Use AC_MSG_WARN for TLS/experimental warning texts
connect-to.md: Expand with examples
- connection: Shutdown TLS (for FTP) better
cookie-jar.md: See also --junk-session-cookies
curl-config: Revert to backticks to support old target envs
curl: Allow etag and content-disposition for 3xx reply
curl: bsearch the --write-out variable name
curl: Check for --disable case-sensitively
curl: List categories in --help
curl: Make warnings and other messages aware of terminal width
curl: Output "flying saucers" with leading carriage return
curl_easy_escape: Elaborate a little on encoding a URL
curl_mprintf.md: Add missing comma
curl_multi_poll.md: Expand the example with an custom file descriptor
curl_str[n]equal.md: Tidy up text to make them stand-alone
curl_url_set.md: libcurl only parses :// URLs
curl_url_set: Elaborate on scheme guessing
curldown: Make 'added-in:' a mandatory header field
CURLOPT_CONNECTTIMEOUT*: Clarify, document the millisecond version
CURLOPT_ECH.md: Remove repeated 'if'
CURLOPT_NETRC.md: Clarify what it does on Windows
CURLOPT_RESOLVE.md: Mention hostname can be wildcard ('*')
CURLOPT_SSL_VERIFYHOST.md: Refresh
CURLOPT_TLSAUTH_PASSWORD/USERNAME.md: Language fixups
DISTROS: Add a link to the list archive
DISTROS: Add AlmaLinux package source link
DISTROS: Add MSYS2 (native) links
docs/cmdline-opts: Fix mail-auth example TLD typo
docs/cmdline-opts: Remove two superfluous "Added in" mentions
docs/libcurl: Polish the single-line descriptions
docs/Makefile.am: Make curl-config.1 install
docs: Reference non deprecated libcurl options
- docs: Start markdown headers with capital letter where applicable
doh-insecure.md: Expand
- doh: Fix clean-up
- doh: Fix leak and zero-length HTTPS RR crash
dump-header.md: Mention minus for stdout
examples/threaded-ssl: Remove locking callback code
examples: Add missing binaries to .gitignore
- examples: Delete unused includes
- examples: Fix compiling with MSVC
- examples: Suppress deprecation warnings locally
FEATURES.md: Refresh
- file: Separate fake headers and body with a stand-alone CRLF
- ftp: Remove redundant null pointer check in loop condition
get.d: Clarify the explanation
- GHA/windows: Add MSVC wolfSSL job with test
- GHA/windows: Ignore FTP test results for old-mingw-w64
- GHA: Add MSVC UWP job, expand jobs with more options
- GHA: Detect and warn for more English contractions
GHA: Disable MQTT and WebSocket tests in Windows jobs
- GHA: Disable TFTP tests in Windows jobs
- GHA: Enable tests 1139, 1177, 1477 on Windows
- GHA: Improve vcpkg cache, add BoringSSL ECH and LibreSSL MSVC jobs
- GHA: Unify http3 workflows into one
- GHA: Use vcpkg to install packages for MSVC jobs
GIT-INFO.md: Remove version requirements
- gnutls: Improve TLS shutdown
- gnutls: Pass in SNI name, not hostname when checking cert
- help: Add flags to output and ssh categories
- hostip: Skip error check for infallible function call
- http/3: Add shutdown support
- http/3: Resume upload on ack if we have more data to send
- http: Remove "struct HTTP"
- http: Write last header line late
- idn: Fix ß with AppleIDN
- idn: Make macidn fail before trying conversion if name too long
idn: Tweak buffer use when converting with macidn (CVE-2024-6874)
lib/v*: Tidy up types and casts
lib: Add a few DEBUGASSERT(data) to aid code analyzers
- lib: Add failure reason on bind errors
- lib: Fix gcc warning in certain debug builds
- lib: Fix thread entry point to return 'DWORD' on WinCE
- lib: Graceful connection shutdown
lib: Prefer 'var = time(NULL)' over 'time(&var)'
- lib: Tidy up types and casts
lib: xfer_setup and non-blocking shutdown
- libcurl-docs: Make option lists alpha-sorted
libcurl-easy.md: Now more than 300 options
libcurl.pc: Add 'Requires.private', 'Requires' for static linking
libcurl.pc: Add more 'Requires.private'/'Requires' dependencies
libssh: Remove CURLOPT_SSL_VERIFYHOST check
- macos: Add workaround for gcc, non-c-ares, IPv6, compile error
- macos: Undo 'availability' macro enabled by Homebrew gcc
- managen: "added in" fixes
- managen: Clean-ups to generate nicer-looking output
- managen: Error on trailing blank lines in input files
- managen: Fix removing backticks from subtitles
managen: Insert final .fi for files ending with a quote
- managen: Introduce "Multi: per-URL"
managen: Only output .RE for manpage output
- managen: Output tabs for each 8 leading spaces
- managen: Warn on excessively long help texts
MANUAL.md: Wrap two example urls that overrun styling
- mbedtls: Check version before getting tls version
- mbedtls: Check version for cipher id
- mbedtls: Correct the error message for cert blob parsing failure
- mbedtls: Send close-notify on close
- mbedtls: v3.6.0 workarounds
- md4: Fix compilation with OpenSSL 1.x with md4 disabled
- misc: Fix typos
mk-ca-bundle.pl: Delay 'curl -V' execution until it is needed
multi: Add multi->proto_hash, a key-value store for protocol data
- multi: Do a final progress update on connect failure
multi: Fix multi_wait() timeout handling
- multi: Fix pollset during RESOLVING phase
multi: multi_getsock(), check correct socket
ngtcp2+quictls: Fix cert-status use
- noproxy: Test bad ipv6 net size first
- openssl/gnutls: Rectify the TLS version checks for QUIC
openssl: Fix %-specifier in infof() call
- openssl: Fix hostname handling when using ECH
- openssl: Stop duplicate ssl key logging for legacy OpenSSL
- os400: Make it compilable again
- pytest: Add ftp upload tests
pytest: Include testenv/vsftpd.py in dist tarball
- quic: Enable UDP GRO
- quic: openssl quic, cmake and doc version update to 3.3.0
- quic: Require at least OpenSSL 3.3 for QUIC
- quic: Update to quiche 0.22.0
quiche: Fix operand of ‘?:’ changes signedness
request.md: Language fix
- request: Change the struct field bodywrites to a bool, only for hyper
reuse: Switch to REUSE 3.2 and REUSE.toml
- runtests: Show name and keywords for failed tests in summary
- runtests: Sort test IDs in summary lines
runtests: Support %DATE for YYYY-MM-DD of right now
runtests: Support %VERNUM
runtests: Support crlf="yes" for the <stderr> section
sectransp: Fix 'HAVE_BUILTIN_AVAILABLE' checks to not emit warnings
- sectransp: Fix clang compiler warnings, stop silencing them
- sectransp: Remove large cipher table
- sectransp: Use common code for cipher suite lookup
- sendf: Fix CRLF conversion of input
- smtp: For starttls, do full upgrade
socket: Change TCP keepalive from ms to seconds on DragonFly BSD
socket: Use SOCK_NONBLOCK to eliminate extra system call
socketpair: Add 'eventfd' and use 'SOCK_NONBLOCK' for 'socketpair()'
src/Makefile.am: Remove SUBDIRS assignment
system_win32: Add missing curl.h include
tcpkeepalive: Support TCP keep-alive parameters on Solaris <11.4
test1119: Adapt for '.md' input
test1139: Scan .md files instead of .3 ones
test1175: Scan libcurl-errors.md, not the generated .3 version
test1486: Verify that write-out.md and tool_writeout.c are in sync
test2600: Disable on win32
test: Add test1484, for HEAD with content
test: Add test1546, chunked not last transfer encoding
tests/scripts: Call it 'manpage' (single word)
tests: Add pytest for --ciphers and --tls13-ciphers options
tests: Delete 'CharConv' remains
tests: Delete redundant '!MSDOS' guard
tests: Extend user/password parsing test1620
tests: Fix sshd IdentityFile path for MinGW/Cygwin
tests: Fix sshd UserKnownHostsFile path for MinGW/Cygwin
- tests: Include current directory when running test Perl commands
- tests: Log "Throwing away" messages before throwing away
tests: Run with "--trace-config all" to provide even more info
tests: Sync feature names with 'curl -V'
tests: test_17_ssl_use.py clarify mbedTLS TLSv1.3 support
tests: Use exec when spawning nghttpx
- tidy-up: Use consistent casing for Windows directories
TODO: Remove some old, clarify, add something
tool_cb_hdr: Return error for failed header writes
tool_operate: Avoid explicitly setting verifypeer to 1
tool_operate: Simplify return code handling from url_proto()
tool_writeout: Get certinfo only when needing it
trace-ascii.md: Mention "%" for stderr
- transfer: Avoid polling socket every transfer loop
- transfer: conn close on paused upload
transfer: Do not use EXPIRE_NOW while blocked
transfer: Remove curl_upload_refill_watermark, no longer used
transfer: Set CSELECT_IN if there is data pending
unit2604: Use 'unitfail' instead of 'error' variable
- url: Allow DoH transfers to override max connection limit
urlapi: Remove unused definition of HOST_BAD
variable.md: Make example use expand
verify-synopsis.pl: Work with .md files
- vms: Fixed language in comment
- vtls: Deprioritize Secure Transport
vtls: Replace addsessionid with set_sessionid
- winbuild: Fix PE version info debug flag
- winbuild: MS-DOS batch tidy-ups
- winbuild: Remove outdated WIN32 defines
- windows: Fix UWP builds, add GHA job
winsock: Move SO_SNDBUF update into cf-socket
wolfssl: Assume key_file equal to clientcert if no key_file
- wolfssl: Use larger error buffer when formatting errors
x509asn1: Add some common ECDSA OIDs
x509asn1: ASN1tostr() should fail when 'constructed' is set
x509asn1: Fallback to dotted OID representation
x509asn1: Make Curl_extract_certinfo store error message
x509asn1: Prevent NULL dereference
x509asn1: Remove superfluous free() (CVE-2024-6197)
x509asn1: Remove two static variables
Thursday 25th July 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20240725.001 in Rawhide:
- Data update for 20240725
Local Packages
Updated c-ares to 1.32.3:
- This is a bugfix release
- Changes:
- Prevent complex recursion during query re-queuing and connection clean-up for stability
- Better propagate error codes in re-queue situations
Try to prevent SIGPIPE from being generated and delivered to integrations
- Bugfixes:
Windows: Rework EventThread AFD code for better stability (GH#811)
- Windows: If an IP address was detected to have changed, it could lead to a crash due to a bad pointer (regression introduced in 1.31.0)
Windows: Use 'QueryPerformanceCounters()' instead of 'GetTickCount64()' for better time accuracy (~15ms => ~1us)
Windows 32-bit config change callback needs to be tagged as 'stdcall', otherwise it could result in a crash
Tests that need accurate timing should not depend on internal symbols as there are C++ equivalents in 'std::chrono' (GH#809)
- Kqueue (MacOS, *BSD): If the open socket count exceeded 8 (unlikely), it would try to allocate a new buffer that was too small
Missing manpage for 'ares_dns_record_set_id()'
Memory leak in 'ares__hosts_entry_to_hostent()' due to allocation strategy (GH#824)
UDP write failure detected via ICMP unreachable should trigger faster failover (GH#821)
Fix pycares test case regression due to wrong error code being returned (regression from 1.31.0) (GH#820)
Fix possible Windows crash during 'ares_destroy()' when using event threads
'ARES_OPT_MAXTIMEOUTMS' wasn't being honoured in all cases
Updated java-1.8.0-oracle to Java SE 8 update 421
Saturday 27th July 2024
Fedora Project
Updated libssh2 (1.11.0) in Rawhide to fix test suite failures with OpenSSH 9.8p1 (GH#1433)
Local Packages
Updated libssh2 (1.11.0) as per the Fedora version
Sunday 28th July 2024
Local Packages
Updated perl-DateTime-Locale to 1.43:
Fixed the prefers_24_hour_time method, which was incorrectly returning false when the locale's time_format_short method contained a quote string with "h" or "K" in it, e.g. the fr-CA locale's time_format_short is "HH 'h' mm": the quoted 'h' caused this method to return false (GH#39)
Wednesday 31st July 2024
Local Packages
Updated curl to 8.9.1:
cmake: Detect 'libssh' via 'pkg-config'
cmake: Detect 'nettle' when building with GnuTLS
cmake: Drop 'if(PKG_CONFIG_FOUND)' guard for 'pkg_check_modules()'
configure: Limit '__builtin_available' test to Darwin
connect: Fix connection shutdown for event-based processing
contrithanks.sh: Use -F with -v to match lines as strings
curl: More defensive socket code for --ip-tos
CURLOPT_SSL_CTX_FUNCTION.md: Mention CA caching
CURLSHOPT_SHARE.md: Mention sessions/cookies as not thread-safe
example/multi-uv: Remove the use of globals
ftpserver.pl: Make POP3 LIST serve content from the test file
GHA/windows: Increase timeout for vcpkg build step
lib: Survive some NULL input args
- macos: Fix Apple SDK bug workaround for non-macOS targets
- misc: Clean-up after removing years from copyright
- os400: Build CLI manual
- os400: Work around an IBM ASCII run-time library bug
RELEASE-PROCEDURE.md: Remove the initial build step
runtests: Fold timing details with GHA, sync '-r' tflags
- tests: Provide FTP directory contents in the test file
- tidy-up: URL updates
TODO: Thread-safe sharing
- transfer: Speed limiting fix for 32-bit systems
- vtls: Avoid forward declaration in MultiSSL builds
wolfSSL: Allow wolfSSL's implementation of kyber to be used
wolfssl: Avoid calling get_cached_x509_store if store is uncachable
- wolfssl: CA store share fix
x509asn1: Unit tests and fixes for gtime2str (CVE-2024-7264)
Previous Month: June 2024
Next Month: August 2024