pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2015Q1]: pkgsrc/www/curl Pullup ticket #4705 - requested by spz
details: https://anonhg.NetBSD.org/pkgsrc/rev/ab979c795688
branches: pkgsrc-2015Q1
changeset: 649214:ab979c795688
user: tron <tron%pkgsrc.org@localhost>
date: Wed Apr 29 21:25:22 2015 +0000
description:
Pullup ticket #4705 - requested by spz
www/curl: security update
Revisions pulled up:
- www/curl/Makefile 1.147
- www/curl/PLIST 1.48
- www/curl/distinfo 1.103
- www/curl/patches/patch-aa 1.30
---
Module Name: pkgsrc
Committed By: jperkin
Date: Wed Apr 22 14:35:21 UTC 2015
Modified Files:
pkgsrc/www/curl: Makefile PLIST distinfo
pkgsrc/www/curl/patches: patch-aa
Log Message:
Update to curl-7.42.0.
This release includes the following changes:
o openssl: show the cipher selection to use in verbose text
o gtls: implement CURLOPT_CERTINFO
o add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
o curl: add --false-start option
o add CURLOPT_PATH_AS_IS
o curl: add --path-as-is option
o curl: create output file on successful download of an empty file
This release includes the following bugfixes:
o ConnectionExists: for NTLM re-use, require credentials to match
o cookie: cookie parser out of boundary memory access
o fix_hostname: zero length host name caused -1 index offset
o http_done: close Negotiate connections when done
o sws: timeout idle CONNECT connections
o nss: improve error handling in Curl_nss_random()
o nss: do not skip Curl_nss_seed() if data is NULL
o curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
o http2: move lots of verbose output to be debug-only
o dist: add extern-scan.pl to the tarball
o http2: return recv error on unexpected EOF
o build: Use default RandomizedBaseAddress directive in VC9+ project files
o build: Removed DataExecutionPrevention directive from VC9+ project files
o tool: Updated the warnf() function to use the GlobalConfig structure
o http2: Return error if stream was closed with other than NO_ERROR
o mprintf.h: remove #ifdef CURLDEBUG
o libtest: fixed linker errors on msvc
o tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
o curl.1: fix "The the" typo
o cmake: handle build definitions CURLDEBUG/DEBUGBUILD
o openssl: remove all uses of USE_SSLEAY
o multi: fix memory-leak on timeout (regression)
o curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
o metalink: add some error checks
o TLS: make it possible to enable ALPN/NPN without HTTP/2
o http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
o conncontrol: only log changes to the connection bit
o multi: fix *getsock() with CONNECT
o symbols.pl: handle '-' in the deprecated field
o MacOSX-Framework: use @rpath instead of @executable_path
o GnuTLS: add support for CURLOPT_CAPATH
o GnuTLS: print negotiated TLS version and full cipher suite name
o GnuTLS: don't print double newline after certificate dates
o memanalyze.pl: handle free(NULL)
o proxy: re-use proxy connections (regression)
o mk-ca-bundle: Don't report SHA1 numbers with "-q"
o http: always send Host: header as first header
o openssl: sort ciphers to use based on strength
o openssl: use colons properly in the ciphers list
o http2: detect premature close without data transfered
o hostip: Fix signal race in Curl_resolv_timeout
o closesocket: call multi socket cb on close even with custom close
o mksymbolsmanpage.pl: use std header and generate better nroff header
o connect: Fix happy eyeballs logic for IPv4-only builds
o curl_easy_perform.3: remove superfluous close brace from example
o HTTP: don't use Expect: headers when on HTTP/2
o Curl_sh_entry: remove unused 'timestamp'
o docs/libcurl: makefile portability fix
o mkhelp: Remove trailing carriage return from every line of input
o nss: explicitly tell NSS to disable NPN/ALPN when libcurl disables it
o curl_easy_setopt.3: added a few missing options
o metalink: fix resource leak in OOM
o axtls: version 1.5.2 now requires that config.h be manually included
o HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
o cyassl: detect the library as renamed wolfssl
o CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
o CURLOPT_URL.3: Added "SECURITY CONCERNS
o openssl: try to avoid accessing OCSP structs when possible
o test938: added missing closing tags
o testcurl: Allow '=' in values given on command line
o tests/certs: added make target to rebuild certificates
o tests/certs: rebuild certificates with modified key usage bits
o gtls: avoid uninitialized variable
o gtls: dereferencing NULL pointer
o gtls: add check of return code
o test1513: eliminated race condition in test run
o dict: rename byte to avoid compiler shadowed declaration warning
o curl_easy_recv/send: make them work with the multi interface
o vtls: fix compile with --disable-crypto-auth but with SSL
o openssl: adapt to ASN1/X509 things gone opaque in 1.1
o openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
o curl_memory: make curl_memory.h the second-last header file loaded
o testcurl.pl: add the --notes option to supply more info about a build
o cyassl: If wolfSSL then identify as such in version string
o cyassl: Check for invalid length parameter in Curl_cyassl_random
o cyassl: default to highest possible TLS version
o Curl_ssl_md5sum: return CURLcode (fixes OOM)
o polarssl: remove dead code
o polarssl: called mbedTLS in 1.3.10 and later
o globbing: fix step parsing for character globbing ranges
o globbing: fix url number calculation when using range with step
o multi: on a request completion, check all CONNECT_PEND transfers
o build: link curl to openssl libraries when openssl support is enabled
o url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
o vtls: Don't accept unknown CURLOPT_SSLVERSION values
o build: Fix libcurl.sln erroneous mixed configurations
o cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
o cyassl: add SSL context callback support for CyaSSL
o tool: only set SSL options if SSL is enabled
o multi: remove_handle: move pending connections
o configure: Use KRB5CONFIG for krb5-config
o axtls: add timeout within Curl_axtls_connect
o CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
o cyassl: Fix library initialization return value
o cookie: handle spaces after the name in Set-Cookie
o http2: Fix missing nghttp2_session_send call in Curl_http2_switched
o cyassl: Fix certificate load check
o build-openssl.bat: Fix mixed line endings
o checksrc.bat: Check lib\vtls source
o DNS: fix refreshing of obsolete dns cache entries
o CURLOPT_RESOLVE: actually implement removals
o checksrc.bat: quotes to support an SRC_DIR with spaces
o cyassl: Remove 'Connecting to' message from cyassl_connect_step2
o cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
o lib/transfer.c: Remove factor of 8 from sleep time calculation
o lib/makefile.m32: add missing libs to build libcurl.dll
o build: Generate source prerequisites for Visual Studio in generate.bat
o cyassl: Include the CyaSSL build config
o firefox-db2pem: fix wildcard to find Firefox default profile
o BUGS: refer to the github issue tracker now as primary
o vtls_openssl: improve several certificate error messages
o cyassl: Add support for TLS extension SNI
o parsecfg: do not continue past a zero termination
o configure --with-nss=PATH: query pkg-config if available
o configure --with-nss: drop redundant if statement
o cyassl: Fix include order
o HTTP: fix PUT regression with Negotiate
o curl_version_info.3: fixed the 'protocols' variable type
diffstat:
www/curl/Makefile | 5 ++---
www/curl/PLIST | 4 +++-
www/curl/distinfo | 10 +++++-----
www/curl/patches/patch-aa | 28 +++++++++++++---------------
4 files changed, 23 insertions(+), 24 deletions(-)
diffs (111 lines):
diff -r d813a843d388 -r ab979c795688 www/curl/Makefile
--- a/www/curl/Makefile Wed Apr 29 21:21:34 2015 +0000
+++ b/www/curl/Makefile Wed Apr 29 21:25:22 2015 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.146 2015/03/23 09:38:50 nros Exp $
+# $NetBSD: Makefile,v 1.146.2.1 2015/04/29 21:25:22 tron Exp $
-DISTNAME= curl-7.41.0
-PKGREVISION= 1
+DISTNAME= curl-7.42.0
CATEGORIES= www
MASTER_SITES= http://curl.haxx.se/download/ \
ftp://ftp.sunet.se/pub/www/utilities/curl/
diff -r d813a843d388 -r ab979c795688 www/curl/PLIST
--- a/www/curl/PLIST Wed Apr 29 21:21:34 2015 +0000
+++ b/www/curl/PLIST Wed Apr 29 21:25:22 2015 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.47 2015/03/01 15:01:00 wiz Exp $
+@comment $NetBSD: PLIST,v 1.47.2.1 2015/04/29 21:25:22 tron Exp $
bin/curl
bin/curl-config
include/curl/curl.h
@@ -138,6 +138,7 @@
man/man3/CURLOPT_OPENSOCKETDATA.3
man/man3/CURLOPT_OPENSOCKETFUNCTION.3
man/man3/CURLOPT_PASSWORD.3
+man/man3/CURLOPT_PATH_AS_IS.3
man/man3/CURLOPT_PORT.3
man/man3/CURLOPT_POST.3
man/man3/CURLOPT_POSTFIELDS.3
@@ -203,6 +204,7 @@
man/man3/CURLOPT_SSL_CTX_FUNCTION.3
man/man3/CURLOPT_SSL_ENABLE_ALPN.3
man/man3/CURLOPT_SSL_ENABLE_NPN.3
+man/man3/CURLOPT_SSL_FALSESTART.3
man/man3/CURLOPT_SSL_OPTIONS.3
man/man3/CURLOPT_SSL_SESSIONID_CACHE.3
man/man3/CURLOPT_SSL_VERIFYHOST.3
diff -r d813a843d388 -r ab979c795688 www/curl/distinfo
--- a/www/curl/distinfo Wed Apr 29 21:21:34 2015 +0000
+++ b/www/curl/distinfo Wed Apr 29 21:25:22 2015 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.102 2015/03/01 15:01:00 wiz Exp $
+$NetBSD: distinfo,v 1.102.2.1 2015/04/29 21:25:22 tron Exp $
-SHA1 (curl-7.41.0.tar.bz2) = 6784591ed7dc3452a8ef6fba050777c50775c4f1
-RMD160 (curl-7.41.0.tar.bz2) = 8aa31d13947a9f0c13d7445e1da70554555fe67a
-Size (curl-7.41.0.tar.bz2) = 3304508 bytes
-SHA1 (patch-aa) = bb12008145096a963948ae69124746875452afa7
+SHA1 (curl-7.42.0.tar.bz2) = 5cabee25dcefca7f071e660bd79847f69aeff6af
+RMD160 (curl-7.42.0.tar.bz2) = 876fc1de75dc5e342b3fb6b2ddeb9bbba481c9a4
+Size (curl-7.42.0.tar.bz2) = 3330103 bytes
+SHA1 (patch-aa) = 59ec0be3ac90470fdc5935881da6a14dbab9d378
SHA1 (patch-curl-config.in) = fd87c97b601a6b9269f67fbc066604ee7e22570e
SHA1 (patch-lib_hostcheck.c) = 9faf94f44703c7d37377fd3af319ca5c27df34c2
diff -r d813a843d388 -r ab979c795688 www/curl/patches/patch-aa
--- a/www/curl/patches/patch-aa Wed Apr 29 21:21:34 2015 +0000
+++ b/www/curl/patches/patch-aa Wed Apr 29 21:25:22 2015 +0000
@@ -1,9 +1,9 @@
-$NetBSD: patch-aa,v 1.29 2015/03/01 15:01:00 wiz Exp $
+$NetBSD: patch-aa,v 1.29.2.1 2015/04/29 21:25:22 tron Exp $
builtin krb5-config in platforms such as solaris do not support
the gssapi option, and need an explicit -lgss
---- configure.orig 2015-02-24 23:05:37.000000000 +0000
+--- configure.orig 2015-04-21 07:21:35.000000000 +0000
+++ configure
@@ -3703,6 +3703,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
;;
@@ -22,21 +22,19 @@
#
if test "$compiler_id" = "GNU_C" ||
test "$compiler_id" = "CLANG"; then
-@@ -21128,7 +21129,12 @@ $as_echo "yes" >&6; }
- if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
+@@ -21131,6 +21132,11 @@ $as_echo "yes" >&6; }
GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-- GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
-+ if $GSSAPI_ROOT/bin/krb5-config --cflags gssapi 2>&1 | \
-+ grep "Unknown option" > /dev/null ; then
-+ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags`
-+ else
-+ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
-+ fi
+ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
++ if $GSSAPI_ROOT/bin/krb5-config --cflags gssapi 2>&1 | grep "Unknown option" >/dev/null; then
++ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags`
++ else
++ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
++ fi
+ elif test -f "$KRB5CONFIG"; then
+ GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi`
elif test "$GSSAPI_ROOT" != "yes"; then
- GSSAPI_INCS="-I$GSSAPI_ROOT/include"
- fi
-@@ -21301,7 +21307,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
+@@ -21305,7 +21311,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
LIBS="-lgss $LIBS"
;;
*)
@@ -45,7 +43,7 @@
;;
esac
fi
-@@ -24016,7 +24022,7 @@ _ACEOF
+@@ -24264,7 +24270,7 @@ _ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $capath (capath)" >&5
$as_echo "$capath (capath)" >&6; }
fi
Home |
Main Index |
Thread Index |
Old Index