Paul's Blog Entries for June 2025
Tuesday 3rd June 2025
Fedora Project
Updated perl-IO-Socket-SSL to 2.090 in Rawhide:
Local Packages
Updated perl-IO-Socket-SSL to 2.090 as per the Fedora version
Wednesday 4th June 2025
Fedora Project
Updated curl to 8.14.1:
asyn-thrdd: Fix clean-up when RR fails due to OOM
autotools: Recognize more Linux targets when setting '-D_GNU_SOURCE'
BUG-BOUNTY.md: Mention the medium bounty amount in 2025
- cmake: Fix missed version number for multi-pkg-config detections
- cmdline-docs: Mention HTTP resumed uploads to be shaky
curl: make -N handled correctly
curl: Upload from '.' fix
- dllmain: Exclude from Cygwin builds
docs/tests: Remove mention of hyper
- docs: Fix typos
ftp: Fix tear-down of DATA connection in done
- http: Fail early when rewind of input failed when following redirects
- license: Update some copyright links to curl.se
memanalyze.pl: Fix getaddrinfo/freeaddrinfo checks
- misc: Fix spelling
misc: We write an IPv6 address
multi: Fix add_handle resizing
- spelling: 'a' vs. 'an'
- spelling: Call it null-terminate consistently
test1510: Fix expectation
- tests: Await portfile to be complete
tests: Fix checks for https-mtls proto
- tests: Improve server start reliability
tests: Move test docs into /docs
- tests: Re-enable 1510, document heimdal memleak
- tests: Test mtls also with clientAuth EKU only
tests: Test mtls with --insecure
tls BIOs: Handle BIO_CTRL_EOF correctly
tool_getparam: Make --no-anyauth not be accepted
tool_getparam: Refactored, simplified
tool_getparam: Remove two nextarg NULL checks
VULN-DISCLOSURE-POLICY.md: The distros list wants ≤ 7 days embargo
- wolfssl: Fix sending of early data
ws: Handle blocked sends better (CVE-2025-5399)
- ws: Tests and fixes
Friday 6th June 2025
Fedora Project
Updated perl-Business-ISBN-Data to 20250605.001 in Rawhide:
- Data update for 2025-06-05
Updated perl-File-Find-Rule to 0.35 in EPEL-10.0 and EPEL-10.1:
Use 3-argument version of open() to avoid arbitrary code execution vulnerability (GH#4, CVE-2011-10007)
Local Packages
Updated perl-File-Find-Rule to 0.35 as per the EPEL version
Sunday 8th June 2025
Fedora Project
Updated perl-Modern-Perl to 1.20250607 in Rawhide:
- Update for 2025 year bundle
- Enhance documentation to discourage this module for v5.38 and newer
Wednesday 11th June 2025
Fedora Project
Updated perl-Devel-Cover to 1.50 in Rawhide:
- Avoid some warnings during global destruction
Thursday 12th June 2025
Fedora Project
Updated perl-IO-Socket-SSL to 2.091 in Rawhide:
- Fix behaviour on one-sided SSL shutdown; if the application continued to read after half-closing the SSL connection, this could result in reading encrypted data (i.e. close notify, SSL session tickets...)
See documentation of stop_SSL for detailed description of handling half-closed SSL connections
Local Packages
Rebuilt bluefish (2.2.17) for Python 3.14 in Rawhide
Rebuilt libxml2 (2.12.10) for Python 3.14 in Rawhide
Rebuilt libxslt (1.1.43) for Python 3.14 in Rawhide
Updated perl-IO-Socket-SSL to 2.091 as per the Fedora version
Updated unrar to 7.12 beta 1
Friday 13th June 2025
Fedora Project
Updated perl-Module-Signature to 0.90 in Rawhide:
Fix fail on signature file with an unexpected empty line (CPAN RT#166901)
Local Packages
Updated perl-Module-Signature to 0.90 as per the Fedora version
Monday 16th June 2025
Fedora Project
Updated perltidy to 20250616 (see CHANGES.md for details)
Local Packages
Updated perl-Perl-Tidy to 20250616 as per the Fedora perltidy package
Tuesday 17th June 2025
Fedora Project
Updated perl-IO-Socket-SSL to 2.093 in Rawhide:
- Rework for one-sided SSL shutdown, to implement a useful and secure behaviour without affecting existing applications
Local Packages
Updated perl-IO-Socket-SSL to 2.093 as per the Fedora version
Wednesday 18th June 2025
Fedora Project
Merged PR#1 for perl-Apache-Session-Browseable to update it to version 1.3.17, then built it in Rawhide:
- Add Patroni support
Thursday 19th June 2025
Fedora Project
Updated perl-IO-Socket-SSL to 2.094 in Rawhide:
- Fix memory leak introduced in 2.092
Local Packages
Updated perl-IO-Socket-SSL to 2.094 as per the Fedora version
Friday 20th June 2025
Fedora Project
Updated perl-Specio to 0.51 in Rawhide:
Made it possible to force Specio to use only pure Perl dependencies, by setting the SPECIO_IMPLEMENTATION environment variable to "PP" (GH#23)
Local Packages
Updated perl-Specio to 0.51 as per the Fedora version
Monday 23rd June 2025
Fedora Project
Updated perl-Net-CIDR to 0.26 in Rawhide:
cidrvalidate() should accept IPv6 addresses with one uncompressed 0
Local Packages
Updated curl in the development repository to the new upstream release candidate 8.15.0~rc1
Updated perl-Net-CIDR to 0.26 as per the Fedora version
Thursday 26th June 2025
Fedora Project
Branched and built perl-Crypt-SmbHash (0.12) for EPEL-9
Local Packages
Updated dovecot to 2.4.1:
This is a major new release with incompatible configuration, so it is only included in the Fedora 43 repository, as per the official Fedora dovecot package
Drop no longer supported features (libexttextcat, lucene)
There is also a fix for a GSSAPI regression (Bug #2374419)
Friday 27th June 2025
Fedora Project
Updated perl-B-Keywords to 1.28 in Rawhide:
Add keywords any, all since 5.42.0
Updated perl-Module-Signature to 0.92 in Rawhide:
Add SECURITY.md policy
Move to three-arg open
- Remove spaces from eol
Change build process to Dist::Zilla
The change to Dist::Zilla missed the installation of cpansign (GH#44), so I had to do that manually
Local Packages
Updated perl-B-Keywords to 1.28 as per the Fedora version
Updated perl-Module-Signature to 0.92 as per the Fedora version
Saturday 28th June 2025
Fedora Project
Updated perl-Module-Signature to 0.93 in Rawhide:
The cpansign script was not installed with version 0.92 (GH#44)
Local Packages
Updated check (0.15.2) to remove unused graphviz and texlive-tex build dependencies
Updated perl-Module-Signature to 0.93 as per the Fedora version
Sunday 29th June 2025
Fedora Project
Branched and built spamass-milter (0.4.0) for EPEL-10 and EPEL-10.0