pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc/www/curl
As I sent yesterday, and which I hope made it through to tech-pkg from gmail:
"Despite the fact that the freeze is now over, I've been informed that
there are problems with curl 7.43.0 caching "Content-Length" between
requests on the same connection. Probably best to wait for a fixed
version to come from upstream."
Best,
Alistair
On 29 June 2015 at 22:46, S.P.Zeidler <spz%netbsd.org@localhost> wrote:
> Module Name: pkgsrc
> Committed By: spz
> Date: Tue Jun 30 05:46:56 UTC 2015
>
> Modified Files:
> pkgsrc/www/curl: Makefile PLIST distinfo
> pkgsrc/www/curl/patches: patch-aa patch-curl-config.in
> patch-lib_hostcheck.c
> Removed Files:
> pkgsrc/www/curl/patches: patch-lib_http2.c
>
> Log Message:
> update of curl to version 7.43.0. Upstream RELEASE_NOTES:
>
> Curl and libcurl 7.43.0
>
> Public curl releases: 147
> Command line options: 176
> curl_easy_setopt() options: 219
> Public functions in libcurl: 58
> Contributors: 1291
>
> This release includes the following changes:
>
> o Added CURLOPT_PROXY_SERVICE_NAME[11]
> o Added CURLOPT_SERVICE_NAME[12]
> o New curl option: --proxy-service-name[13]
> o Mew curl option: --service-name [14]
> o New curl option: --data-raw [5]
> o Added CURLOPT_PIPEWAIT [15]
> o Added support for multiplexing transfers using HTTP/2, enable this
> with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16]
> o HTTP/2: requires nghttp2 1.0.0 or later
> o scripts: add zsh.pl for generating zsh completion
> o curl.h: add CURL_HTTP_VERSION_2
>
> This release includes the following bugfixes:
>
> o CVE-2015-3236: lingering HTTP credentials in connection re-use [30]
> o CVE-2015-3237: SMB send off unrelated memory contents [31]
> o nss: fix compilation failure with old versions of NSS [1]
> o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
> o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
> o Curl_ossl_init: load builtin modules [2]
> o configure: follow-up fix for krb5-config [3]
> o sasl_sspi: Populate domain from the realm in the challenge [4]
> o netrc: support 'default' token
> o README: convert to UTF-8
> o cyassl: Implement public key pinning
> o nss: implement public key pinning for NSS backend
> o mingw build: add arch -m32/-m64 to LDFLAGS
> o schannel: Fix out of bounds array [6]
> o configure: remove autogenerated files by autoconf
> o configure: remove --automake from libtoolize call
> o acinclude.m4: fix shell test for default CA cert bundle/path
> o schannel: fix regression in schannel_recv [7]
> o openssl: skip trace outputs for ssl_ver == 0 [8]
> o gnutls: properly retrieve certificate status
> o netrc: Read in text mode when cygwin [9]
> o winbuild: Document the option used to statically link the CRT [10]
> o FTP: Make EPSV use the control IP address rather than the original host
> o FTP: fix dangling conn->ip_addr dereference on verbose EPSV
> o conncache: keep bundles on host+port bases, not only host names
> o runtests.pl: use 'h2c' now, no -14 anymore
> o curlver: introducing new version number (checking) macros
> o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17]
> o CURLOPT_POSTFIELDS.3: correct variable names [18]
> o curl_easy_unescape.3: update RFC reference [19]
> o gnutls: don't fail on non-fatal alerts during handshake
> o testcurl.pl: allow source to be in an arbitrary directory
> o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
> o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20]
> o parse_proxy: switch off tunneling if non-HTTP proxy [21]
> o share_init: fix OOM crash
> o perl: remove subdir, not touched in 9 years
> o CURLOPT_COOKIELIST.3: Add example
> o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22]
> o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23]
> o FAQ: How do I port libcurl to my OS?
> o openssl: Use TLS_client_method for OpenSSL 1.1.0+
> o HTTP-NTLM: fail auth on connection close instead of looping [24]
> o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25]
> o curl_getdate.3: update RFC reference
> o curl_multi_info_read.3: added example
> o curl_multi_perform.3: added example
> o curl_multi_timeout.3: added example
> o cookie: Stop exporting any-domain cookies [26]
> o openssl: remove dummy callback use from SSL_CTX_set_verify()
> o openssl: remove SSL_get_session()-using code
> o openssl: removed USERDATA_IN_PWD_CALLBACK kludge
> o openssl: removed error string #ifdef
> o openssl: Fix verification of server-sent legacy intermediates [27]
> o docs: man page indentation and syntax fixes
> o docs: Spelling fixes
> o fopen.c: fix a few compiler warnings
> o CURLOPT_OPENSOCKETFUNCTION: return error at once [28]
> o schannel: Add support for optional client certificates
> o build: Properly detect OpenSSL 1.0.2 when using configure
> o urldata: store POST size in state.infilesize too [29]
> o security:choose_mech remove dead code
> o rtsp_do: remove dead code
> o docs: many HTTP URIs changed to HTTPS
> o schannel: schannel_recv overhaul [32]
>
> This release includes the following known bugs:
>
> o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
>
> This release would not have looked like this without help, code, reports and
> advice from friends like these:
>
> Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina,
> Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman,
> Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg,
> Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka,
> Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter,
> Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing,
> Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh,
> Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan,
> Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts,
> Ville Skyttä, Yehezkel Horowitz,
> (43 contributors)
>
> Thanks! (and sorry if I forgot to mention someone)
>
> References to bug reports and discussions on issues:
>
> [1] = http://curl.haxx.se/mail/lib-2015-04/0095.html
> [2] = https://github.com/bagder/curl/pull/206
> [3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
> [4] = https://github.com/bagder/curl/pull/141
> [5] = https://github.com/bagder/curl/issues/198
> [6] = http://curl.haxx.se/mail/lib-2015-04/0199.html
> [7] = https://github.com/bagder/curl/issues/244
> [8] = https://github.com/bagder/curl/issues/219
> [9] = https://github.com/bagder/curl/pull/258
> [10] = https://github.com/bagder/curl/issues/254
> [11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html
> [12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html
> [13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name
> [14] = http://curl.haxx.se/docs/manpage.html#--service-name
> [15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html
> [16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html
> [17] = https://github.com/bagder/curl/issues/275
> [18] = https://github.com/bagder/curl/issues/281
> [19] = https://github.com/bagder/curl/issues/282
> [20] = https://github.com/bagder/curl/issues/267
> [21] = http://curl.haxx.se/mail/lib-2015-05/0056.html
> [22] = http://curl.haxx.se/mail/lib-2015-05/0115.html
> [23] = http://curl.haxx.se/mail/lib-2015-05/0137.html
> [24] = https://github.com/bagder/curl/issues/256
> [25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055
> [26] = https://github.com/bagder/curl/issues/292
> [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
> [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html
> [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html
> [30] = http://curl.haxx.se/docs/adv_20150617A.html
> [31] = http://curl.haxx.se/docs/adv_20150617B.html
> [32] = https://github.com/bagder/curl/issues/244
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.150 -r1.151 pkgsrc/www/curl/Makefile
> cvs rdiff -u -r1.49 -r1.50 pkgsrc/www/curl/PLIST
> cvs rdiff -u -r1.105 -r1.106 pkgsrc/www/curl/distinfo
> cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/curl/patches/patch-aa
> cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/curl/patches/patch-curl-config.in
> cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/curl/patches/patch-lib_hostcheck.c
> cvs rdiff -u -r1.1 -r0 pkgsrc/www/curl/patches/patch-lib_http2.c
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
Home |
Main Index |
Thread Index |
Old Index