Message ID | 20190209093722.11080-1-matthias.fischer@ipfire.org |
---|---|
State | Accepted |
Commit | d5b7f82a40b69a57d6d849c2e6da583c6772fc9a |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 10E0088B606 for <patchwork@web07.i.ipfire.org>; Sat, 9 Feb 2019 09:37:31 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 43xRmB01PTz5HDM9; Sat, 9 Feb 2019 09:37:29 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1549705050; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=mSlRF+S/4CDCwTLDxG8fI683rYcgCBjZ42dHYXYrAk4=; b=vdPxXK35EP/mziGzH1mPn1lcC3VYw6tcXShRK0hunxKs1qJf5dw//ms15ans/H7arRcFfP 7BB5OWFqtN0XmS8BWzc4rZxPrV0L7IYj//nfPFJFlvKZ5XFUMoBYfpeAFR+lAqN2HKDCHe M5Qs/OQ7D1DTE2V2/GZAkYIbjt8B6ED3Btl6rV2P2Lt/OdPNts+5A3iZy7EVsF/5RR8CcR RKFb8MG9POX3b2l7MCghiWouAjqV3VRH9ctuh10XXQnlaHWvKrDmJYsja0cnAiNLg9TFT6 lT/1fQ8F1MoXP3Z90IMq9umOo8fhZu4IQe5FqDYb3P2U41uqONL1KOQNVIHLjw== Received: from Devel.localdomain (p4FF5633E.dip0.t-ipconnect.de [79.245.99.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 43xRm64Ytdz5HDLs for <development@lists.ipfire.org>; Sat, 9 Feb 2019 09:37:26 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1549705046; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=mSlRF+S/4CDCwTLDxG8fI683rYcgCBjZ42dHYXYrAk4=; b=IwremjCwpBV3vEqpvczgmu86lGanNzp4Et2fkmu+rhqx30P5yh7HnZK/OW9RlzIiCi0F0W 6g6p+mZm2fgJJpEf7XaUnkCstXf35dTAcOcL/CfJA0W3+ljzcW5hBQ3XywJ7I0Gq0gIcg9 d0pER7GohIWxySXaZwVZsvkatiRwG6vu/ydJ8bUt4MXcxNNGLBcfciKaoqHcQhs7HT41hx EBxB6f0UAvHGLW1rRQ0hLvmYeY66PzpSQ5292QuMLTKwH0Z/0eOCPpGs1/vyFrHWscuFRQ WN6KgIWrULNNP6JhFaBs+MeSDshzkaf8p1WjJy0Qs81UPv58egyZj4lA8yWSzA== From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] curl: Update to 7.64.0 Date: Sat, 9 Feb 2019 10:37:22 +0100 Message-Id: <20190209093722.11080-1-matthias.fischer@ipfire.org> X-Mailer: git-send-email 2.18.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=mfischer smtp.mailfrom=matthias.fischer@ipfire.org X-Spamd-Result: default: False [-5.01 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DKIM_SIGNED(0.00)[]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.91)[-0.970,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3320, ipnet:79.192.0.0/10, country:DE]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-5.01 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
curl: Update to 7.64.0
|
|
Commit Message
Matthias Fischer
Feb. 9, 2019, 8:37 p.m. UTC
Hi,
For details see:
https://curl.haxx.se/changes.html
This came rather unexpected - if I'd known, I'd have waited with 7.63.0.
"Changes:
cookies: leave secure cookies alone
hostip: support wildcard hosts
http: Implement trailing headers for chunked transfers
http: added options for allowing HTTP/0.9 responses
timeval: Use high resolution timestamps on Windows
Bugfixes:
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
CVE-2019-3823: SMTP end-of-response out-of-bounds read
FAQ: remove mention of sourceforge for github
OS400: handle memory error in list conversion
OS400: upgrade ILE/RPG binding.
README: add codacy code quality badge
Revert http_negotiate: do not close connection
THANKS: added several missing names from year <= 2000
build: make 'tidy' target work for metalink builds
cmake: added checks for variadic macros
cmake: updated check for HAVE_POLL_FINE to match autotools
cmake: use lowercase for function name like the rest of the code
configure: detect xlclang separately from clang
configure: fix recv/send/select detection on Android
configure: rewrite --enable-code-coverage
conncache_unlock: avoid indirection by changing input argument type
cookie: fix comment typo
cookies: allow secure override when done over HTTPS
cookies: extend domain checks to non psl builds
cookies: skip custom cookies when redirecting cross-site
curl --xattr: strip credentials from any URL that is stored
curl -J: refuse to append to the destination file
curl/urlapi.h: include "curl.h" first
curl_multi_remove_handle() don't block terminating c-ares requests
darwinssl: accept setting max-tls with default min-tls
disconnect: separate connections and easy handles better
disconnect: set conn->data for protocol disconnect
docs/version.d: mention MultiSSL
docs: fix the --tls-max description
docs: use $(INSTALL_DATA) to install man page
docs: use meaningless port number in CURLOPT_LOCALPORT example
gopher: always include the entire gopher-path in request
http2: clear pause stream id if it gets closed
if2ip: remove unused function Curl_if_is_interface_name
libssh: do not let libssh create socket
libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
libssh: free sftp_canonicalize_path() data correctly
libtest/stub_gssapi: use "real" snprintf
mbedtls: use VERIFYHOST
multi: multiplexing improvements
multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
ntlm: fix NTMLv2 compliance
ntlm_sspi: add support for channel binding
openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
openvms: fix OpenSSL discovery on VAX
openvms: fix typos in documentation
os400: add a missing closing bracket
os400: fix extra parameter syntax error
pingpong: change default response timeout to 120 seconds
pingpong: ignore regular timeout in disconnect phase
printf: fix format specifiers
runtests.pl: Fix perl call to include srcdir
schannel: fix compiler warning
schannel: preserve original certificate path parameter
schannel: stop calling it "winssl"
sigpipe: if mbedTLS is used, ignore SIGPIPE
smb: fix incorrect path in request if connection reused
ssh: log the libssh2 error message when ssh session startup fails
test1558: verify CURLINFO_PROTOCOL on file:// transfer
test1561: improve test name
test1653: make it survive torture tests
tests: allow tests to pass by 2037-02-12
tests: move objnames-* from lib into tests
timediff: fix math for unsigned time_t
timeval: Disable MSVC Analyzer GetTickCount warning
tool_cb_prg: avoid integer overflow
travis: added cmake build for osx
urlapi: Fix port parsing of eol colon
urlapi: distinguish possibly empty query
urlapi: fix parsing ipv6 with zone index
urldata: rename easy_conn to just conn
winbuild: conditionally use /DZLIB_WINAPI
wolfssl: fix memory-leak in threaded use
spnego_sspi: add support for channel binding"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
config/rootfiles/common/curl | 3 +++
lfs/curl | 4 ++--
2 files changed, 5 insertions(+), 2 deletions(-)
Comments
Thank you. Merged. > On 9 Feb 2019, at 09:37, Matthias Fischer <matthias.fischer@ipfire.org> wrote: > > Hi, > > For details see: > https://curl.haxx.se/changes.html > > This came rather unexpected - if I'd known, I'd have waited with 7.63.0. > > "Changes: > cookies: leave secure cookies alone > hostip: support wildcard hosts > http: Implement trailing headers for chunked transfers > http: added options for allowing HTTP/0.9 responses > timeval: Use high resolution timestamps on Windows > > Bugfixes: > CVE-2018-16890: NTLM type-2 out-of-bounds buffer read > CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow > CVE-2019-3823: SMTP end-of-response out-of-bounds read > FAQ: remove mention of sourceforge for github > OS400: handle memory error in list conversion > OS400: upgrade ILE/RPG binding. > README: add codacy code quality badge > Revert http_negotiate: do not close connection > THANKS: added several missing names from year <= 2000 > build: make 'tidy' target work for metalink builds > cmake: added checks for variadic macros > cmake: updated check for HAVE_POLL_FINE to match autotools > cmake: use lowercase for function name like the rest of the code > configure: detect xlclang separately from clang > configure: fix recv/send/select detection on Android > configure: rewrite --enable-code-coverage > conncache_unlock: avoid indirection by changing input argument type > cookie: fix comment typo > cookies: allow secure override when done over HTTPS > cookies: extend domain checks to non psl builds > cookies: skip custom cookies when redirecting cross-site > curl --xattr: strip credentials from any URL that is stored > curl -J: refuse to append to the destination file > curl/urlapi.h: include "curl.h" first > curl_multi_remove_handle() don't block terminating c-ares requests > darwinssl: accept setting max-tls with default min-tls > disconnect: separate connections and easy handles better > disconnect: set conn->data for protocol disconnect > docs/version.d: mention MultiSSL > docs: fix the --tls-max description > docs: use $(INSTALL_DATA) to install man page > docs: use meaningless port number in CURLOPT_LOCALPORT example > gopher: always include the entire gopher-path in request > http2: clear pause stream id if it gets closed > if2ip: remove unused function Curl_if_is_interface_name > libssh: do not let libssh create socket > libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh > libssh: free sftp_canonicalize_path() data correctly > libtest/stub_gssapi: use "real" snprintf > mbedtls: use VERIFYHOST > multi: multiplexing improvements > multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time > ntlm: fix NTMLv2 compliance > ntlm_sspi: add support for channel binding > openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated > openssl: fix the SSL_get_tlsext_status_ocsp_resp call > openvms: fix OpenSSL discovery on VAX > openvms: fix typos in documentation > os400: add a missing closing bracket > os400: fix extra parameter syntax error > pingpong: change default response timeout to 120 seconds > pingpong: ignore regular timeout in disconnect phase > printf: fix format specifiers > runtests.pl: Fix perl call to include srcdir > schannel: fix compiler warning > schannel: preserve original certificate path parameter > schannel: stop calling it "winssl" > sigpipe: if mbedTLS is used, ignore SIGPIPE > smb: fix incorrect path in request if connection reused > ssh: log the libssh2 error message when ssh session startup fails > test1558: verify CURLINFO_PROTOCOL on file:// transfer > test1561: improve test name > test1653: make it survive torture tests > tests: allow tests to pass by 2037-02-12 > tests: move objnames-* from lib into tests > timediff: fix math for unsigned time_t > timeval: Disable MSVC Analyzer GetTickCount warning > tool_cb_prg: avoid integer overflow > travis: added cmake build for osx > urlapi: Fix port parsing of eol colon > urlapi: distinguish possibly empty query > urlapi: fix parsing ipv6 with zone index > urldata: rename easy_conn to just conn > winbuild: conditionally use /DZLIB_WINAPI > wolfssl: fix memory-leak in threaded use > spnego_sspi: add support for channel binding" > > Best, > Matthias > > Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> > --- > config/rootfiles/common/curl | 3 +++ > lfs/curl | 4 ++-- > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl > index 5c616f8da..1eb9f6f37 100644 > --- a/config/rootfiles/common/curl > +++ b/config/rootfiles/common/curl > @@ -170,6 +170,7 @@ usr/lib/libcurl.so.4.5.0 > #usr/share/man/man3/CURLOPT_HEADERDATA.3 > #usr/share/man/man3/CURLOPT_HEADERFUNCTION.3 > #usr/share/man/man3/CURLOPT_HEADEROPT.3 > +#usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3 > #usr/share/man/man3/CURLOPT_HTTP200ALIASES.3 > #usr/share/man/man3/CURLOPT_HTTPAUTH.3 > #usr/share/man/man3/CURLOPT_HTTPGET.3 > @@ -340,6 +341,8 @@ usr/lib/libcurl.so.4.5.0 > #usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3 > #usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3 > #usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3 > +#usr/share/man/man3/CURLOPT_TRAILERDATA.3 > +#usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3 > #usr/share/man/man3/CURLOPT_TRANSFERTEXT.3 > #usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3 > #usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3 > diff --git a/lfs/curl b/lfs/curl > index f00677b5e..e57bbbf45 100644 > --- a/lfs/curl > +++ b/lfs/curl > @@ -24,7 +24,7 @@ > > include Config > > -VER = 7.63.0 > +VER = 7.64.0 > > THISAPP = curl-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = 6121427a7199cd6094fc48c9e31e8992 > +$(DL_FILE)_MD5 = a026740d599a32bcbbe6e70679397899 > > install : $(TARGET) > > -- > 2.18.0 >
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 5c616f8da..1eb9f6f37 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -170,6 +170,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_HEADERDATA.3 #usr/share/man/man3/CURLOPT_HEADERFUNCTION.3 #usr/share/man/man3/CURLOPT_HEADEROPT.3 +#usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3 #usr/share/man/man3/CURLOPT_HTTP200ALIASES.3 #usr/share/man/man3/CURLOPT_HTTPAUTH.3 #usr/share/man/man3/CURLOPT_HTTPGET.3 @@ -340,6 +341,8 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3 #usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3 #usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3 +#usr/share/man/man3/CURLOPT_TRAILERDATA.3 +#usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3 #usr/share/man/man3/CURLOPT_TRANSFERTEXT.3 #usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3 #usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3 diff --git a/lfs/curl b/lfs/curl index f00677b5e..e57bbbf45 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 7.63.0 +VER = 7.64.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 6121427a7199cd6094fc48c9e31e8992 +$(DL_FILE)_MD5 = a026740d599a32bcbbe6e70679397899 install : $(TARGET)