Paul's Blog Entries for December 2024
Tuesday 3rd December 2024
Fedora Project
Updated perl-Convert-PEM to 0.13 in Rawhide and EPEL-10:
Fix recent issues in Crypt::DSA (CPAN RT#156495)
Handle undefined values and redefined iv (GH#2)
Updated perl-OLE-Storage_Lite to 0.20 in EPEL-8:
Fixed issue with dates being misinterpreted after 2020 (CPAN RT#124513)
Wednesday 4th December 2024
Fedora Project
Updated perl-Crypt-Curve25519 (0.07) in Rawhide to use the %{make_build} and %{make_install} macros
Updated perl-Crypt-DSA to 1.19 in Rawhide:
- New maintainer
This release resolves CVE-2011-3599
- Added a statement to recommend against using DSA
- Fixed a few long standing bugs
The build process is moved to Dist::Zilla
Updated perl-IO-Socket-Socks (0.74) in Rawhide to use the %{make_build} and %{make_install} macros, and to enable SOCKS_SLOW_TESTS
Updated perl-Math-GMP (2.25) in Rawhide to use the %{make_build} and %{make_install} macros
Updated perl-Test-Manifest (2.024) in Rawhide to use the %{make_build} and %{make_install} macros
Branched and built perl-Crypt-Curve25519 (0.07) for EPEL-10
Branched and built perl-Data-Buffer (0.06) for EPEL-10
Branched and built perl-IO-Socket-Socks (0.74) for EPEL-10
Branched and built perl-Math-GMP (2.25) for EPEL-10
Branched and built perl-Test-Manifest (2.024) for EPEL-10
Local Packages
Updated mcrcon to 0.7.3:
Add support for Valve style rcon authentication (GH#106)
Change maximum packet size to correct value (4096 => 4106) (GH#103)
Print auth failed message to stderr instead of stdout
- Fail immediately if received packet size is out of spec
Return proper exit code from run_terminal_mode()
Add error messages to rcon_command() function
Thursday 5th December 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20241205.001 in Rawhide:
- 2024-12-04 data update
Local Packages
Updated unrar to 7.10 beta 2
Friday 6th December 2024
Local Packages
Updated davfs2 (1.7.1) to add support for building with neon version 0.34
Saturday 7th December 2024
Fedora Project
Branched and built python-lexicon (2.0.1) for EPEL-10
Sunday 8th December 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20241206.001 in Rawhide:
- Data update for 2024-12-05
Tuesday 10th December 2024
Fedora Project
Updated spamass-milter 0.4.0 for F-40 to add option to request that spam messages are quarantined by sendmail (PR#2)
Wednesday 11th December 2024
Fedora Project
Updated perl-File-Find-Object to 0.3.9 in Rawhide:
Avoid implicit symbol imports (https://perl-begin.org/tutorials/bad-elements/#non_explicitly_imported_symbols)
Local Packages
Updated curl to 8.11.1:
- build: Fix ECH to always enable HTTPS RR
- build: Fix MSVC UWP builds
build: Omit certain deps from 'libcurl.pc' unless found via 'pkg-config'
build: Use '_fseeki64()' on Windows, drop detections
cmake: Do not echo most inherited 'LDFLAGS' to config files
cmake: Drop cmake args list from 'buildinfo.txt'
cmake: Include 'wolfssl/options.h' first
cmake: Remove legacy unused IMMEDIATE keyword
cmake: Restore cmake args list in 'buildinfo.txt'
cmake: Set 'CURL_STATICLIB' for static lib when 'SHARE_LIB_OBJECT=OFF'
- cmake: Sync GSS config code with other deps
- cmake: Typo in comment
cmake: Work around 'ios.toolchain.cmake' breaking feature-detections
cmakelint: Fix to check root 'CMakeLists.txt'
cmdline/ech.md: Formatting clean-ups
configure: Add FIXMEs for disabled pkg-config references
configure: Do not echo most inherited 'LDFLAGS' to config files
configure: Replace '$#' shell syntax
- cookie: Treat cookie name case sensitively
curl-rustls.m4: Keep existing 'CPPFLAGS'/'LDFLAGS' when detected
curl.h: Mark two error codes as obsolete
curl: --continue-at is mutually exclusive with --no-clobber
curl: --continue-at is mutually exclusive with --range
curl: --continue-at is mutually exclusive with --remove-on-error
curl: --test-duphandle in debug builds runs "duphandled"
- curl: Do more command line parsing in sub functions
- curl: Rename struct var to fix AIX build
- curl: Use realtime in trace timestamps
curl_multi_socket_all.md: Soften the deprecation warning
CURLOPT_PREREQFUNCTION.md: Add result code on failure
- digest: Produce a shorter cnonce in Digest headers
- DISTROS: Update Alt Linux links
dmaketgz: Use --no-cache when building docker image
docs: Bring back ALTSVC.md and HSTS.md
docs: Document default 'User-Agent'
docs: Suggest --ssl-reqd instead of --ftp-ssl
duphandle: Also init netrc
- ECH: Enable support for the AWS-LC backend
- hostip: Don't use the resolver for FQDN localhost
http_negotiate: Allow for a one byte larger channel binding buffer
http_proxy: Move dynhds_add_custom here from http.c
KNOWN_BUGS: Setting a disabled option should return CURLE_NOT_BUILT_IN
krb5: Fix socket/sockindex confusion, MSVC compiler warnings
lib: Fixes for wolfSSL OPENSSL_COEXIST
libssh: Use libssh sftp_aio to upload file
- libssh: When using IPv6 numerical address, add brackets
- macos: Disable gcc 'availability' workaround as needed
mbedtls: Call psa_crypt_init() in global init
- mime: Fix reader stall on small read lengths
mk-ca-bundle: Remove CKA_NSS_SERVER_DISTRUST_AFTER conditions
mprintf: Fix the integer overflow checks
multi: Add clarifying comment for wakeup_write()
multi: Fix callback for 'CURLMOPT_TIMERFUNCTION' not being called again when...
netrc: Address several netrc parser flaws (CVE-2024-11053)
- netrc: Support large file, longer lines, longer tokens
- nghttp2: Use custom memory functions
- OpenSSL: Improve error message on expired certificate
- openssl: Remove three "Useless Assignments"
openssl: Stop using SSL_CTX_ function prefix for our functions
- os400: Fix IBMi builds
- os400: Fix IBMi EBCDIC conversion of arguments
pytest: Add test for use of CURLMOPT_MAX_HOST_CONNECTIONS
- rtsp: Check EOS in the RTSP receive and return an error code
- schannel: Remove TLS 1.3 ciphersuite-list support
setopt: Fix CURLOPT_HTTP_CONTENT_DECODING
- setopt: Fix missing options for builds without HTTP and MQTT
show-headers.md: Clarify the headers are saved with the data
socket: Handle binding to "host!<ip>"
socketpair: Fix enabling 'USE_EVENTFD`
strtok: Use namespaced 'strtok_r' macro instead of redefining it
tests: Add the ending time stamp in testcurl.pl
- tests: Re-enable 2086, and 472, 1299, 1613 for Windows
- TODO: Consider OCSP stapling by default
tool_formparse: Remove use of sscanf()
tool_getparam: Parse --localport without using sscanf
tool_getpass: Fix UWP '-Wnull-dereference'
tool_getpass: Replace 'getch()' call with '_getch()' on Windows
tool_urlglob: Parse character globbing range without sscanf
- vtls: Fix compile warning when ALPN is not available
Rebuilt libnet (1.3) to align with the October 2024 mass rebuild for EL-10
Updated perl-File-Find-Object to 0.3.9 as per the Fedora version
Thursday 12th December 2024
Fedora Project
Merged PR#3 for python-fluidity-sm in Rawhide to drop dependencies on python3-spec and python3-nose, using unittest instead
Updated proftpd to 1.3.8c in F-40, F-41, Rawhide and EPEL-9:
Using FTPS after upgrading from 1.3.8a to 1.3.8b lead to crash (GH#1770)
Bad handling of lack of extended attributes lead to SFTP out of memory error (GH#1785)
mod_sftp_sql logged "header value too long" due to unexpected key header text (GH#1529)
SSH ECDSA host key algorithms were not used as expected despite configuring appropriate key (GH#1839)
RADIUS Message-Authenticator verification failed with ProFTPD mod_radius (GH#1840)
Supplemental group inheritance granted unintended access to GID 0 due to lack of supplemental groups from mod_sql (GH#1830)
Updated proftpd to 1.3.9rc3 with mod_vroot 0.9.12 in EPEL-10:
Bad handling of lack of extended attributes lead to SFTP out of memory error (GH#1785)
Using mod_facl and mod_vroot at same time caused unexpected permissions issues (GH#1780)
mod_sftp_sql logged "header value too long" due to unexpected key header text (GH#1529)
SFTP statvfs extension failed when mod_vroot was in use (GH#1792)
Implement limits@openssh.com SFTP extension (GH#1798)
Implement SFTPAuthPublicKeys directive for configuring the list of public key algorithms allowed for authentication (GH#1806)
Fix stack trace changing to directory with DisplayChdir file using %F variable on a large filesystem (GH#1819)
Remove inherited supplemental groups when started with root privileges (GH#1836)
SSH ECDSA host key algorithms were not used as expected despite configuring appropriate key (GH#1839)
RADIUS Message-Authenticator verification failed with ProFTPD mod_radius (GH#1840)
Supplemental group inheritance granted unintended access to GID 0 due to lack of supplemental groups from mod_sql (GH#1830)
mod_vroot 0.9.12:
Implement a realpath(3) callback for the FSIO API, for better interoperability of other modules when mod_vroot is in effect
Local Packages
Updated proftpd to 1.3.8c as per the Fedora version
Updated proftpd (1.3.9) to 1.3.9rc3 and mod_vroot 0.9.12 as per the EPEL-10 version
Friday 13th December 2024
Fedora Project
Updated perl-Cpanel-JSON-XS to 4.39 in Rawhide:
Fix inconsistent behaviour between decoding escaped and unescaped surrogates, and escaped non-characters vs. non-escaped non-characters; now aligned to JSON::PP (GH#227, GH#233)
Add type_all_string tests (GH#236)
Silence UV to char cast warnings (GH#232)
Fix MSVC preprocessor errors (GH#232)
Fix -Wformat warnings on Windows (GH#228)
Clarify BigInt decoding (GH#226)
Branched and built perl-Crypt-DSA (1.19) for EPEL-10
Updated perl-parent to 0.244 in Rawhide:
Update (commented) comparison with $] to use quotes
Branched and built python-should_dsl (2.1.2) for EPEL-9
Local Packages
Updated perl-Cpanel-JSON-XS to 4.39 as per the Fedora version
Updated perl-parent to 0.244 as per the Fedora version
Sunday 15th December 2024
Fedora Project
Updated curl (8.11.1) in Rawhide to fix crash with "Unexpected error 9 on netlink descriptor 10" (Bug #2332350, GH#15725, GH#15727)
Local Packages
Updated curl (8.11.1) as per the Fedora version
Monday 16th December 2024
Fedora Project
Updated perl-CPAN-Meta-YAML to 0.19 in Rawhide:
Generated from ETHER/YAML-Tiny-1.75.tar.gz
Updated perl-Sub-Name to 0.28 in Rawhide:
- Fix version comparison logic for forward compatibility
Updated perl-YAML-Tiny to 1.75 in Rawhide:
Local Packages
Updated perl-CPAN-Meta-YAML to 0.19 as per the Fedora version
Updated perl-Sub-Name to 0.28 as per the Fedora version
Updated perl-YAML-Tiny to 1.75 as per the Fedora version
Tuesday 17th December 2024
Fedora Project
Updated ansible-collection-community-libvirt to 1.3.1 in Rawhide:
libvirt_lxc: add configuration for libvirt_lxc_noseclabel
Updated perl-CPAN-Meta-YAML to 0.20 in Rawhide:
Generated from ETHER/YAML-Tiny-1.76.tar.gz
Updated perl-YAML-Tiny to 1.76 in Rawhide:
Local Packages
Updated ansible-collection-community-libvirt to 1.3.1 as per the Fedora version
Updated c-ares to 1.34.4:
- This is a bugfix release
- Changes:
- Bugfixes:
Empty TXT records were not being preserved (GH#922)
docs: Update deprecation notices for 'ares_create_query()' and 'ares_mkquery()' (GH#910)
license: Some files weren't properly updated (GH#920)
Fix bind local device regression from 1.34.0 (GH#929, GH#931, GH#935)
CMake: Set policy version to prevent deprecation warnings (GH#932)
CMake: Shared and static library names should be the same on unix platforms like autotools uses (GH#933)
Update to latest autoconf archive macros for enhanced system compatibility (GH#936)
Updated perl-CPAN-Meta-YAML to 0.20 as per the Fedora version
Updated perl-YAML-Tiny to 1.76 as per the Fedora version
Friday 20th December 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20241220.001 in Rawhide:
- Data update for 2024-12-20
Updated perl-Test-Simple to 1.302206 in Rawhide:
Use our instead of 'use vars'
Fix $[ usage
- Documentation updates
Remove Test::Builder::IO::Scalar (GH#1016)
Local Packages
Updated perl-Capture-Tiny to 0.50:
Stringify '$]' for far future compatibility
- Fixed docs about custom files for capture
Updated perl-Module-CoreList to 5.20241220:
- Updated for v5.41.7
Updated perl-Test-Simple to 1.302206 as per the Fedora version
Sunday 22nd December 2024
Fedora Project
Branched and built perl-Net-SSH-Perl (2.142) for EPEL-10
Monday 23rd December 2024
Fedora Project
Built perl-TAP-Formatter-JUnit (0.16) in Rawhide
It had been failing to build due to an issue in perl-Test-Harness, fixed in perl-Test-Harness-3.50
Tuesday 24th December 2024
Fedora Project
Updated perl-Business-ISBN-Data to 20241224.001 in Rawhide:
- Data update for 2024-12-24
Updated perl-Specio to 0.49 in Rawhide:
- Attempting to import any structured type caused a confusing "Can't store CODE items" error
Removed the "this is alpha" warning from Specio::Library::Structured; it's as production-ready as it's going to get
Branched and built perl-GDGraph (1.56) for EPEL-10
Branched and built perl-GDTextUtil (0.86) for EPEL-10
Local Packages
Updated perl-Specio to 0.49 as per the Fedora version
Friday 27th December 2024
Local Packages
Updated libxml2 to 2.12.9:
- Security:
Fix XXE protection in downstream code (CVE-2024-40896)
- Improvements:
Undeprecate xmlKeepBlanksDefault
Updated perl-Net-DNS to 1.49:
Add DSYNC package for Generalized Notification
EDNS: Add support for ZONEVERSION option
Fix "Use of uninitialized value" errors when using TCP connections (CPAN RT#157700)
Fix Net::DNS::Nameserver: SOA not present in NODATA response (CPAN RT#157669)
Fix EDNS option structure does not match JSON from $packet->edns->print (CPAN RT#157195)
Fix user-hostile return value from SVCB key methods (CPAN RT#157043)
Saturday 28th December 2024
Fedora Project
Updated perl-PPI to 1.281 in Rawhide:
- Framework for recognition of parsing feature activation via:
'use $PERL_VERSION' in code
'use feature' in code
'use $Common::CPAN::Module' in code
PPI::Document->new( feature_mods => ... )
PPI::Document->new( custom_feature_includes => ... )
PPI::Document->new( custom_feature_include_cb => ... )
$ENV{PPI_CUSTOM_FEATURE_INCLUDES}
- Added ability to parse features:
signatures, as PPI::Structure::Signature
try catch, as PPI::Statement::Compound
- Framework for recognition of parsing feature activation via:
Updated perl-Test-Simple to 1.302207:
Fix debugging info when JSON::MaybeXS is missing
- Fix typos
Add TEST2_ENABLE_PLUGINS environment variable
Add Test2::Env docs
Local Packages
Updated perl-PPI to 1.281 as per the Fedora version
Updated perl-Term-Table to 0.024:
Additional changes to t/honor_env_in_non_tty.t, and adding debugging
Updated perl-Test-Simple to 1.302207 as per the Fedora version
Monday 30th December 2024
Fedora Project
Updated perl-Text-CSV_XS to 1.58 in Rawhide:
Add strict_eol (warnings default in csv())
- Add XS line number in errors
- Add streaming support (not set in stone)
Local Packages
Updated perl-Text-CSV_XS to 1.58 as per the Fedora version
Tuesday 31st December 2024
Fedora Project
Updated perl-Getopt-Long-Descriptive to 0.116 in Rawhide:
Do not leave Getopt::Long configuration in an altered state after getting options
Previous Month: November 2024
Next Month: January 2025