Paul's Blog Entries for January 2026
Friday 2nd January 2026
Local Packages
Updated perl-DBD-SQLite to 1.78:
- Upgraded bundled SQLite to 3.51.1
- Omit constants for newly-added C-array extension
- SQLite 3.51.0 has two extensions (C-array and percentile) amalgamated but both are disabled by default
Make ->column_info() also return generated columns (GH#119)
- I updated the package build to use the bundled SQLite unless the system SQLite is 3.31.0 or above (needed for generated columns)
Saturday 3rd January 2026
Fedora Project
Updated perl-Devel-Hide to 0.0016 in Rawhide:
- Drop support for perl 5.6 (deprecated since 0.0012)
Local Packages
Updated perl-Devel-Hide to 0.0016 as per the Fedora version
Sunday 4th January 2026
Fedora Project
Became owner of (orphaned) perl-B-Hooks-Parser and did a clean-up and rebuild (version 0.21) in Rawhide
Monday 5th January 2026
Fedora Project
Updated gtkwave to 3.3.126 in Rawhide:
Added -H --noheader command line option for GTK3
Added headerbar rc variable to disable GTK3 headerbars
- Fix for rendering multi-line string constants in dumps
- Add warning message for missing XPM loader
Updated libghw to current version
- Changed behaviour of X search in pattern search so it is matched by a single X bit
Updated perl-GD to 2.84 in Rawhide:
Added Makefile.PL --with and --without options to bypass auto-detection errors or upstream libgd or subsequent library errors (GH#55)
Better support MSWin32 without gdlib.pc (requires manual --options and --lib_gd_path)
Work around broken ExtUtils::PkgConfig->find (GH#61)
Fixed snprintf for newer MSVC (>= VS 2015)
Added GD::Image::supported() image types method
Added newFromTiffData() method
Fixed t/GD.t for unsupported image types
Add GIFANIM to the default since 2.0.33 (GH#56)
Honour PKG_CONFIG_PATH for finding gdlib.pc (GH#57)
Add demos/png2jpeg.pl
I added a patch to ensure that XPM support is included even if libX11 is not explicitly linked, if libgd has XPM support itself
Updated perl-IO-Socket-SSL to 2.096 in Rawhide:
Allow stacking TLS layers with SSL_usebio; this also allows LWP (after patches) to access an https site through a TLS-enabled proxy
Local Packages
Updated gtkwave to 3.3.126 as per the Fedora version
Updated perl-IO-Socket-SSL to 2.096 as per the Fedora version
Wednesday 7th January 2026
Fedora Project
Updated perl-IO-Socket-SSL to 2.098 in Rawhide:
Fix GH#175 with upgrading from plain socket (no object) by using correct fdopen mode +< instead of <+
Another fix for GH#175 to make sure that an unblessed socket gets blessed in place instead of using new_from_fd; document that it will not retain original class with unblessed sockets on error, since this never worked anyway (there is no native unbless)
Updated perl-MetaCPAN-Client to 2.035000 in Rawhide:
Fix a compatibility issue for ES 8 in scroller setting (GH#131)
Local Packages
Updated perl-Compress-Raw-Lzma (2.214) to rebuild against xz 5.8.2
Updated perl-IO-Socket-SSL to 2.098 as per the Fedora version
Updated perl-MetaCPAN-Client to 2.035000 as per the Fedora version
Updated perl-Type-Tiny to 2.010001:
Fix for $LIST_SEPARATOR changes breaking Type::Coercion, Types::Common, Types::Standard
Updated curl to 8.18.0:
- build: Drop support for VS2008 (Windows)
- build: Drop Windows CE / CeGCC support
gnutls: Drop support for GnuTLS < 3.6.5
gnutls: Implement CURLOPT_CAINFO_BLOB
- openssl: Bump minimum OpenSSL version to 3.0.0
_PROGRESS.md: Add the E unit, mention kibibyte
- altsvc: More flexibility on same destination
altsvc: Accept ma/persist per alternative entry
altsvc: Make it one malloc instead of three per entry
AmigaOS: Increase minimum stack size for tool_main
- apple sectrust: Fix ancient evaluation
apple-sectrust: Always ask when 'native_ca_store' is in use
asyn-ares: Handle Curl_dnscache_mk_entry() OOM error
- asyn-ares: Remove hostname free on OOM
asyn-thrdd: Fix Curl_async_getaddrinfo() on systems without getaddrinfo
asyn-thrdd: Release rrname if ares_init_options fails
auth: Always treat Curl_auth_ntlm_get() returning NULL as OOM
autotools: Add nettle library detection via pkg-config (for GnuTLS)
autotools: Drop autoconf <2.59 compatibility code (zz60-xc-ovr)
autotools: Fix LargeFile feature display on Windows (after prev patch)
autotools: Tidy-up 'if' expressions
badwords: Add fist -> first, fix fallouts
badwords: Catch and fix threading-related words
badwords: Fix issues found in scripts and other files
badwords: Fix issues found in tests
build: Add build-level 'CURL_DISABLE_TYPECHECK' options
build: Exclude clang prereleases from compiler warning options
build: Replace '-pedantic' with '-Wpedantic' when supported
build: Set '-Wno-format-signedness'
- build: Tidy up MSVC CRT warning suppression macros
ccsidcurl: Make curl_mime_data_ccsid() use the converted size
cf-h1-proxy: Support folded headers in CONNECT responses
cf-https-connect: Allocate ctx at first in cf_hc_create()
cf-socket: Drop feature check for 'IPV6_V6ONLY' on Windows
cf-socket: Enable Win10 'TCP_KEEP*' options with old SDKs
cf-socket: Limit use of 'TCP_KEEP*' to Windows 10.0.16299+ at runtime
cf-socket: Return OOM error if socket() fails due to OOM
cf-socket: Trace ignored errors
cfilters: Make conn_forget_socket a private libssh function
checksrc.pl: Detect assign followed by more than one space
- cmake: Adjust defaults for target platforms not supporting shared libs
cmake: Define dependencies as 'IMPORTED' interface targets
cmake: Delete unused file 'CMake/CMakeConfigurableFile.in'
cmake: Disable 'CURL_CA_PATH' auto-detection if 'USE_APPLE_SECTRUST=ON'
cmake: Fix 'ws2_32' reference in 'curl-config.cmake'
cmake: Honour 'CURL_DISABLE_INSTALL' and 'CURL_ENABLE_EXPORT_TARGET'
cmake: Replace deprecated 'OPENSSL_FOUND' with 'OpenSSL_FOUND'
cmake: Replace deprecated 'PERL_FOUND' with 'Perl_FOUND'
cmake: Save and restore 'CMAKE_MODULE_PATH' in 'curl-config.cmake'
cmake: Set found status to OFF when not found (for compression deps)
- code: Minor indent fixes before closing braces
CODE_STYLE.md: Sync banned function list with checksrc.pl
compressed.md: Might generate a huge amount of bytes
config-win32.h: Delete obsolete, non-Windows comments
config-win32.h: Drop unused/obsolete 'CURL_HAS_OPENLDAP_LDAPSDK'
config2setopts: Add space in cookie header with multiple -b
config2setopts: Bail out if curl_url_get() returns OOM
config2setopts: Exit if curl_url_set() fails on OOM
- configure: Delete unused variable
conncache: Silence '-Wnull-dereference' on gcc 14 RISC-V 64
- conncontrol: Re-use handling
connect: Reshuffle Curl_timeleft_ms to avoid 'redundant condition'
- connection: Attached transfer count
content_encoding: Avoid strcpy
- cookie: Return proper error on OOM
- cookie: Allocate the main struct once cookie is fine
- cookie: Flush better
- cookie: Only keep and use the canonical cleaned up path
- cookie: Propagate errors better, clean up the internal API
- cookie: Return error on OOM
- cookie: When parsing a cookie header, delay all allocations until okay
cshutdn: Acknowledge FD_SETSIZE for shutdown descriptors
- curl: Fix progress meter in parallel mode
curl_fopen: Do not pass invalid mode flags to 'open()' on Windows
curl_gssapi: Make sure Curl_gss_log_error() has an initialized buffer
curl_ntlm_core: Fix DES_* symbols for some wolfSSL builds
curl_quiche: Refuse headers with CR, LF or null bytes
curl_sasl: If redirected, require permission to use bearer (CVE-2025-14524)
curl_sasl: Make Curl_sasl_decode_mech compare case insensitively
curl_setup.h: Document more funcs flagged by '_CRT_SECURE_NO_WARNINGS'
curl_setup.h: Drop stray '#undef stat' (Windows)
curl_setup.h: Drop superfluous parenthesis from 'Curl_safefree' macro
curl_threads: Don't do another malloc if the first fails
curl_trc: Delete unused DoH remains
CURLINFO: Remove 'get' and 'get the' from each short desc
CURLINFO_SCHEME/PROTOCOL: They return the "scheme" for a "transfer"
CURLINFO_TLS_SSL_PTR.md: Remove CURLINFO_TLS_SESSION text
CURLMOPT_SOCKETFUNCTION.md: Fix the callback argument use
CURLOPT_ACCEPT_ENCODING.md: Warn about the expansion
CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/
CURLOPT_HAPROXY_CLIENT_IP.md: Emphasize reused connection use
CURLOPT_READFUNCTION.md: Clarify the size of the buffer
CURLOPT_SSH_KEYFUNCTION.md: Fix minor indent mistake in example
curlx/fopen: Replace open CRT functions with their '_s' counterparts (Windows)
curlx/multibyte: Stop setting macros for non-Windows
curlx/strerr: Use 'strerror_s()' on Windows
curlx: Add 'curlx_rename()', fix to support long filenames on Windows
curlx: curlx_strcopy() instead of strcpy()
curlx: Limit use of system allocators to the minimum possible
curlx: Replace 'mbstowcs'/'wcstombs' with '_s' counterparts (Windows)
curlx: Replace 'sprintf' with 'snprintf'
curlx: Use curl alloc in 'curlx_win32_stat()' (Windows)
curlx: Use curlx allocators in non-memdebug builds (Windows)
DEPRECATE: Add CMake <3.18 deprecation for April 2026
- digest: Fix OWS and escaped quote handling
digest_sspi: Fix a memory leak on error path
digest_sspi: Properly free sspi identity
DISTROS.md: Add OpenBSD
DISTROS: Fix a Mageia URL
DISTROS: Remove broken URLs for buildroot
- doc: Some returned in-memory data may not be altered
Dockerfile: Update debian:bookworm-slim digest to e899040
docs/libcurl: Fix C formatting nits
docs: Add a note about --compressed to note about binary output
- docs: Clarify how to do unix domain sockets with SOCKS proxy
docs: Fix checksrc 'EQUALSPACE' warnings
docs: Fix time_posttransfer output unit as seconds
docs: Mention umask need when curl creates files
- docs: Remove dead URLs
docs: Rename CURLcode variables to 'result'
docs: Spell it Rustls with a capital R
docs: Switch more URLs to https://
docs: Use .example URLs for proxies
docs: Use mresult as variable name for CURLMcode
escape: Add a length check in curl_easy_escape
- example: Fix formatting nits
examples/crawler: Fix variable
examples/multi-uv: Fix invalid req->data access
examples/threaded-ssl: Delete in favour of 'examples/threaded'
examples/threaded: Fix race condition
- examples: Fix minor typo
- examples: Make functions/data static where missing
- examples: Tidy-up headers and includes
examples: Use 64-bit 'fstat' on Windows
FAQ/TODO/KNOWN_BUGS: Convert to markdown
FAQ: Fix hackerone URL
file: Do not pass invalid mode flags to 'open()' on upload (Windows)
- formdata: Validate callback is non-NULL before use
ftp: Make EPRT connections non-blocking
- ftp: Refactor a piece of code by merging the repeated part
ftp: Remove #ifdef for define that is always defined
- ftp: Return better on OOM in two places
ftp: Return from ftp_state_use_port immediately on OOM
getenv: Drop internal 1-to-1 wrapper
getinfo: Improve perf in debug mode
gnutls: Add PROFILE_MEDIUM as default
- gnutls: Report accurate error when TLS-SRP is not built-in
- gtls: Add return checks and optimize the code
gtls: Call keylog_close in clean-up
gtls: Skip session resumption when verifystatus is set
h2/h3: Handle methods with spaces
headers: Add length argument to Curl_headers_push()
hostcheck: Fail wildcard match if host starts with a dot
hostip.h: Drop redundant 'setjmp.h' include
- hostip: Don't store negative lookup on OOM
hostip: Make more functions return CURLcode
hostip: Only store negative response for CURLE_COULDNT_RESOLVE_HOST
- hsts: Propagate and error out correctly on OOM
hsts: Use one malloc instead of two per entry
http: Acknowledge OOM errors from Curl_input_ntlm
http: Avoid two strdup()s and do minor simplifications
- http: Error on OOM when creating range header
http: Fix OOM exit in Curl_http_follow
http: Handle oom error from Curl_input_digest()
http: Replace atoi use in Curl_http_follow with curlx_str_number
- http: Return OOM errors from hsts properly
http: The :authority header should never contain user+password
- http: Unfold response headers earlier
idn: Avoid allocations and wcslen on Windows
- idn: Clarify null-termination on Windows
idn: Fix memory leak in 'win32_ascii_to_idn()'
idn: Use curlx allocators on Windows
- imap: Check buffer length before accessing it
imap: Make sure Curl_pgrsSetDownloadSize() does not overflow
inet_ntop: Avoid the strlen()
INSTALL-CMAKE.md: Document static option defaults more
- krb5: Fix detecting channel binding feature
krb5_sspi: Unify a part of error handling
ldap: Call ldap_init() before setting the options (CVE-2025-14017)
- ldap: Drop PP logic for old, unsupported, Windows SDKs
- ldap: Improve detection of Apple LDAP
- ldap: Provide version for "legacy" ldap as well
lib/sendf.h: Forward declare two structs
- lib: Clean-up for some typos about spaces and code style
lib: Create unitprotos.h in the builddir, not srcdir
lib: Drop unused or duplicate 'curlx/timeval.h' includes
- lib: Drop unused protocol headers
lib: Eliminate size_t casts
- lib: Error for OOM when extracting URL query
- lib: Fix formatting nits
lib: Fix gssapi.h include on IBMi
lib: Name the main CURLMcode variable 'mresult'
- lib: Refactor the type of funcs that have useless return and checks
lib: Replace '_tcsncpy'/'wcsncpy'/'wcscpy' with '_s' counterparts (Windows)
- lib: Timer stats improvements
lib: Use 'SOCKET_WRITABLE()'/'SOCKET_READABLE()' where possible
- libssh2: Add paths to error messages for quote commands
libssh2: Clean up ssh_force_knownhost_key_type
libssh2: Consider strdup() failures OOM and return correctly
libssh2: Replace atoi() in ssh_force_knownhost_key_type
- libssh: Fix state machine loop to progress as it should
libssh: Properly free sftp_attributes
libssh: Require private key or user-agent for public key auth (CVE-2025-15224)
libssh: Set both knownhosts options to the same file (CVE-2025-15079)
libtests: Replace 'atoi()' with 'curlx_str_number()'
limit-rate: Add example using --limit-rate and --max-time together
- localtime: Detect thread-safe alternatives and use them
m4/sectrust: Fix test(1) operator
- manage: Expand the 'libcurl support required' message
- mbedTLS: Clean up insecure/deprecated code
mbedtls: Fix potential use of uninitialized 'nread'
- mbedtls: Sync format across log messages
mbedtls_threadlock: Avoid calloc, use array
mdlinkcheck: Ignore IP numbers, allow '@' in raw URLs
mdlinkcheck: Only look for markdown links in markdown files
- memdebug: Add mutex for thread safety
memdebug: Fix realloc logging
mk-ca-bundle.md: The file format docs URL is permaredirected
mk-ca-bundle.pl: Default to SHA256 fingerprints with '-t' option
mk-ca-bundle.pl: Use 'open()' with argument list to replace backticks
- mqtt: Reject overly big messages
- mqtt: Return error when a too large packet is decoded
multi: Make max_total_* members size_t
multi: Remove MSTATE_TUNNELING
- multi: Simplify admin handle processing
multibyte: Limit 'curlx_convert_*wchar*()' functions to Unicode builds
ngtcp2+openssl: Fix leak of session
ngtcp2: Remove the unused Curl_conn_is_ngtcp2 function
- ngtcp2: Retune window sizes
- noproxy: Fix build on systems without IPv6
- noproxy: Fix ipv6 handling
noproxy: Replace atoi with curlx_str_number
- openssl: Exit properly on OOM when getting certchain
openssl: Fix a potential memory leak of bio_out
openssl: Fix a potential memory leak of params.cert
- openssl: Fix building against no-dsa openssl
openssl: Fix building against no-ocsp openssl with Apple SecTrust
openssl: No verify failf message unless strict
openssl: Release ssl_session if sess_reuse_cb fails
- openssl: Remove code handling default version
openssl: Simplify 'HAVE_KEYLOG_CALLBACK' guard
openssl: Stop checking for 'OPENSSL_NO_SHA*' macros
openssl: Stop checking for 'OPENSSL_NO_TLSEXT' macro
openssl: Toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache (CVE-2025-14819)
OS400/ccsidcurl: Fix curl_easy_setopt_ccsid for non-converted blobs
OS400/makefile.sh: Fix shellcheck warning SC2038
os400sys: Replace 'strcpy()' with 'memcpy()'
- osslq: Code readability
- progress: Make it one column narrower
- progress: Narrower time display, multiple fixes
- progress: Show fewer digits
projects/README.md: Markdown fixes
- pytest fixes and improvements
- pytest: Add tests using sshd
- pytest: Disable two H3 earlydata tests for all platforms (was: macOS)
- pytest: Do not ignore server issues
- pytest: Enable OCSP test 17_08 for LibreSSL
- pytest: Fix and improve reliability
- pytest: Improve stragglers
- pytest: quiche flakiness
pytest: Skip H2 tests if feature missing from curl
- quiche: Use client writer
- ratelimit blocking: Fix busy loop
- ratelimit: Redesign
- rtmp: Fix double-free on URL parse errors
- rtmp: Precaution for a potential integer truncation
rtmp: Stop redefining 'setsockopt' system symbol on Windows
runner.pm: Run memanalyzer as a Perl module
runtests: Add options to set minimum number of tests, use them
runtests: Detect bad libssh differently for test 1459
runtests: Drop Python 2 support remains
runtests: Enable torture testing with threaded resolver
runtests: Improve XML prolog check, enable '-w' permanently, fix two tests
runtests: Make memanalyzer a Perl module (for 1.1-2x speed-up per test run)
- rustls: Fix a potential memory issue
rustls: Minor adjustment of sizeof()
- rustls: Simplify init err path
rustls: Verify that verifier_builder is not NULL
- schannel: Cap the maximum allowed size for loading cert
schannel: Fix memory leak of cert_store_path on four error paths
schannel: Replace atoi() with curlx_str_number()
schannel: Use Win8 'CERT_NAME_SEARCH_ALL_NAMES_FLAG' with old SDKs
schannel_verify: Fix a memory leak of cert_context
- scripts: Fix shellcheck SC2046 warnings
scripts: Use end-of-options marker in 'find -exec' commands
setopt: Disable CURLOPT_HAPROXY_CLIENT_IP on NULL
- setopt: When setting bad protocols, don't store them
- sftp: Fix range downloads in both SSH backends
slist: constify Curl_slist_append_nodup() string argument
- smb: Fix a size check to be overflow safe
socketpair: Drop redundant '_WIN32' branch and include
socks_sspi: Use free() not FreeContextBuffer()
- source: Misc typos
speedcheck: Do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE
speedlimit: Also reset on send unpausing
src: Drop redundant definition of 'BIT()'
- src: Fix formatting nits
- ssh: Tracing and better pollset handling
sspi: Fix memory leaks on error paths in 'Curl_create_sspi_identity()'
- sws: Fix binding to unix socket on Windows
- synctime: Tidy up, make it work on all platforms
- telnet: Abort on bad suboption sequence
telnet: Replace atoi for BINARY handling with curlx_str_number
TEST-SUITE.md: Correct the man page's path
test07_22: Fix flakiness
test1475: Consistently use %CR in headers
test1498: Disable 'HTTP PUT from stdin' test on Windows
test2045: Replace HTML multi-line comment markup with '#' comments
test318: Tweak the name a little
test3207: Enable memdebug for this test again
test363: Delete stray character (typo) from a section tag
test568: Fix codespell, catch it next time early in CI
test568: Remove what looks like an email and a URL
test787: Fix possible typo & -> % in curl option
test96: Fix to accept non-unity memdump content with MSVC
tests/data: Move '--libcurl' output to external data files
tests/data: Replace hard-coded test numbers with '%TESTNUMBER'
tests/data: Support using native newlines on disk, drop '.gitattributes'
tests/server: Do not fall back to original data file in 'test2fopen()'
tests/server: Fix initialization on Windows Vista+
tests/server: Replace 'atoi()' and 'atol()' with 'curlx_str_number()'
tests: Add '%AMP' macro, use it in two tests
- tests: Add a standard log line for alloc failures
- tests: Allow 2500-2503 to use ~2MB malloc
- tests: Drop redundant parentheses from two macro expressions
- tests: Fix formatting nits
tests: Rename CURLMcode variables to mresult
tftp: Release filename if conn_get_remote_addr fails
tftpd: Fix/tidy up 'open()' mode flags
tidy-up: Avoid '(())', clang-format fixes and more
tidy-up: Move 'CURL_UNCONST()' out from macro 'curl_unicodefree()'
tidy-up: URLs (cont.) and mdlinkcheck
- tidy-up: URLs
TODO: Remove a mandriva.com reference
tool: Consider (some) curl_easy_setopt errors fatal
tool: Log when loading .curlrc in verbose mode
tool_cfgable: Free ssl-sessions at exit
tool_doswin: Clear pointer when thread takes ownership
tool_doswin: Increase allowable length of path sanitizer
tool_doswin: Remove the max length check
tool_getparam: Simplify the --rate parser
tool_getparam: Use memdup0() instead of malloc + copy
tool_getparam: Verify that a file exists for some options
tool_help: Add checks to avoid unsigned wrap around
tool_ipfs: Check return codes better
tool_msgs: Make voutf() use stack instead of heap
tool_operate: Exit on curl_share_setopt errors
tool_operate: Fix a case of ignoring return code in operate()
tool_operate: Fix case of ignoring return code in single_transfer
tool_operate: Remove redundant condition
tool_operate: Return error for OOM in append2query
tool_operate: Use curlx_str_number instead of atoi
tool_paramhlp: Refuse --proto remove all protocols
tool_paramhlp: Remove a malloc+free from proto2num()
tool_paramhlp: Simplify number parsing
tool_progress: Fix large time outputs and decimal size display
tool_urlglob: Acknowledge OOM in peek_ipv6
tool_urlglob: Clean up used memory on errors better
tool_urlglob: constify an argument
tool_urlglob: Fix propagating OOM error from 'sanitize_file_name()'
tool_urlglob: Support globs as long as config line lengths
tool_writeout: Bail out proper on OOM
url: Fix return code for OOM in parse_proxy()
url: If curl_url_get() fails due to OOM, error out properly
url: If OOM in parse_proxy() return error
url: Return error at once when OOM in netrc handling
urlapi: Fix mem-leaks in curl_url_get error paths
- urlapi: Handle OOM properly when setting URL
urlapi: Return OOM correctly from parse_hostname_login()
- verify-release: Update to avoid shellcheck warning SC2034
vquic-tls/gnutls: Call Curl_gtls_verifyserver unconditionally (CVE-2025-13034)
vquic: Do not pass invalid mode flags to 'open()' (Windows)
vquic: do_sendmsg full init
- vquic: Ignore 0-length UDP packets
vquic: Initialize new callback in nghttp3 1.14.0+
vtls: Drop unused 'use_alpn' from 'ssl_connect_data' struct
vtls: Fix CURLOPT_CAPATH use
vtls: Handle possible malicious certs_num from peer
- vtls: Pinned key check
VULN-DISCLOSURE-POLICY.md: CRLF in data
wcurl: Import v2026.01.05
windows: Assume 'USE_WIN32_LARGE_FILES'
windows: Fix 'CreateFile()' calls to support long filenames
windows: Use '_strdup()' instead of 'strdup()' where missing
- wolfSSL: Able to differentiate between IP and DNS in alt names
- wolfssl: Avoid NULL dereference in OOM situation
- wolfssl: Fix a potential memory leak of session
- wolfssl: Fix cipher list, skip 5.8.4 regression
wolfssl: Fix possible assert with '!HAVE_NO_EX' wolfSSL builds
wolfssl: Proof use of wolfSSL_i2d_SSL_SESSION
wolfssl: Simplify wssl_send_earlydata
- ws: Replace a cast by matching the format string
x509asn1: Drop unused 'hostcheck.h', 'vtls_int.h' includes
I enabled HTTP/3 support with ngtcp2 from Fedora 43 onwards
- I also had to drop support for distributions prior to F-36, EL-9 since OpenSSL 3.x is now a requirement
- Finally, I had to (hopefully temporarily) disable new test 2090 on EL, where it seems to be flaky
Thursday 8th January 2026
Fedora Project
Updated perl-MetaCPAN-Client to 2.037000 in Rawhide:
Updated perltidy to 20260109 in Rawhide (see CHANGES.md for details)
The Pod::Html dependency was changed to Pod::Simple::XHTML, which is now the preferred back-end option for HTML generation
Local Packages
Updated perl-MetaCPAN-Client to 2.037000 as per the Fedora version
Updated perl-Perl-Tidy to 20260109 as per the Fedora perltidy package
Friday 9th January 2026
Fedora Project
Updated perl-Business-ISBN-Data to 20260109.001 in F-42, F-43 and Rawhide:
- Data update for 2026-01-08
Previous Month: December 2025