./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2017Q4, Version: 7.59.0, Package name: curl-7.59.0, Maintainer: pkgsrc-users

Curl is a command line tool for transferring files with URL syntax, supporting
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.

Required to run:

Required to build:

Package options: gssapi, idn, inet6

Master sites:

SHA1: 0dd78aa857342b85b90bd6b0a53f6aee3516cb13
RMD160: 48e5c291285d46753e4bab1c720c98dc91a0a16f
Filesize: 2836.092 KB

Version history: (Expand)

CVS history: (Expand)

   2018-03-16 22:16:19 by S.P.Zeidler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #5721 - requested by maya
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.194
- www/curl/PLIST                                                1.68
- www/curl/distinfo                                             1.142

   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Mar 14 07:44:24 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log message:
   curl: update to 7.59.0.

   Curl and libcurl 7.59.0

   This release includes the following changes:

    o curl: add --proxy-pinnedpubkey [10]
    o CURLOPT_RESOLVE: Add support for multiple IP addresses per entry [37]
    o Add new tool option --happy-eyeballs-timeout-ms [37]

   This release includes the following bugfixes:

    o openldap: check ldap_get_attribute_ber() results for NULL before using [50]
    o FTP: reject path components with control codes [51]
    o readwrite: make sure excess reads don't go beyond buffer end [52]
    o lib555: drop text conversion and encode data as ascii codes [1]
    o lib517: make variable static to avoid compiler warning
    o lib544: sync ascii code data with textual data [1]
    o GSKit: restore pinnedpubkey functionality [2]
    o darwinssl: Don't import client certificates into Keychain on macOS [3]
    o parsedate: fix date parsing for systems with 32 bit long [4]
    o openssl: fix pinned public key build error in FIPS mode [5]
    o SChannel/WinSSL: Implement public key pinning [6]
    o cookies: remove verbose "cookie size:" output
    o progress-bar: don't use stderr explicitly, use bar->out [7]
    o Fixes for MSDOS
    o build: open VC15 projects with VS 2017
    o curl_ctype: private is*() type macros and functions [8]
    o configure: set PATH_SEPARATOR to colon for PATH w/o separator [9]
    o winbuild: make linker generate proper PDB [11]
    o curl_easy_reset: clear digest auth state [12]
    o curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 [14]
    o range: commonize FTP and FILE range handling [15]
    o progress-bar docs: update to match implementation [16]
    o fnmatch: do not match the empty string with a character set
    o fnmatch: accept an alphanum to be followed by a non-alphanum in char set [17]
    o build: fix termios issue on android cross-compile [18]
    o getdate: return -1 for out of range [19]
    o formdata: use the mime-content type function [20]
    o time-cond: fix reading the file modification time on Windows [21]
    o build-openssl.bat: Extend VC15 support to include Enterprise and Professional
    o build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional
    o openssl: Don't add verify locations when verifypeer=0
    o fnmatch: optimize processing of consecutive *s and ?s pattern characters [22]
    o schannel: fix compiler warnings [23]
    o content_encoding: Add "none" alias to "identity" [24]
    o get_posix_time: only check for overflows if they can happen
    o http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING [25]
    o README: language fix [26]
    o sha256: build with OpenSSL < 0.9.8 [27]
    o smtp: fix processing of initial dot in data [28]
    o --tlsauthtype: works only if libcurl is built with TLS-SRP support [29]
    o tests: new tests for http raw mode [30]
    o libcurl-security.3: man page discussion security concerns when using libcurl
    o curl_gssapi: make sure this file too uses our *printf()
    o BINDINGS: fix curb link (and remove ruby-curl-multi)
    o nss: use PK11_CreateManagedGenericObject() if available [31]
    o travis: add build with iconv enabled [32]
    o ssh: add two missing state names [33]
    o CURLOPT_HEADERFUNCTION.3: mention folded headers
    o http: fix the max header length detection logic [34]
    o header callback: don't chop headers into smaller pieces [35]
    o CURLOPT_HEADER.3: clarify problems with different data sizes
    o curl --version: show PSL if the run-time lib has it enabled
    o examples/sftpuploadresume: resume upload via CURLOPT_APPEND [36]
    o Return error if called recursively from within callbacks [38]
    o sasl: prefer PLAIN mechanism over LOGIN
    o winbuild: Use CALL to run batch scripts [40]
    o curl_share_setopt.3: connection cache is shared within multi handles
    o winbuild: Use macros for the names of some build utilities [41]
    o projects/README: remove reference to dead IDN link/package [42]
    o lib655: silence compiler warning [43]
    o configure: Fix version check for OpenSSL 1.1.1
    o docs/MANUAL: formfind.pl is not accessible on the site anymore [44]
    o unit1309: fix warning on Windows x64 [45]
    o unit1307: proper cleanup on OOM to fix torture tests
    o curl_ctype: fix macro redefinition warnings
    o build: get CFLAGS (including -werror) used for examples and tests [46]
    o NO_PROXY: fix for IPv6 numericals in the URL [47]
    o krb5: use nondeprecated functions [48]
    o winbuild: prefer documented zlib library names [49]
    o http2: mark the connection for close on GOAWAY [53]
    o limit-rate: kick in even before "limit" data has been received [54]
    o HTTP: allow "header;" to replace an internal header with a blank \ 
one [55]
    o http2: verbose output new MAX_CONCURRENT_STREAMS values
    o SECURITY: distros' max embargo time is 14 days
    o curl tool: accept --compressed also if Brotli is enabled and zlib is not
    o WolfSSL: adding TLSv1.3 [56]
    o checksrc.pl: add -i and -m options
    o CURLOPT_COOKIEFILE.3: "-" as file name means stdin

   To generate a diff of this commit:
   cvs rdiff -u -r1.193 -r1.194 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.141 -r1.142 pkgsrc/www/curl/distinfo
   2018-01-24 20:43:13 by Benny Siegert | Files touched by this commit (4) | Package updated
Log message:
Pullup ticket #5689 - requested by wiz
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.192
- www/curl/PLIST                                                1.67
- www/curl/distinfo                                             1.141
- www/curl/patches/patch-curl-config.in                         1.8

   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Jan 24 07:57:19 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-curl-config.in

   Log message:
   curl: update to 7.58.0.

   This release includes the following changes:

    o new libssh-powered SSH SCP/SFTP back-end
    o curl-config: add --ssl-backends [10]

   This release includes the following bugfixes:

    o http2: fix incorrect trailer buffer size [40]
    o http: prevent custom Authorization headers in redirects [55]
    o travis: add boringssl build [1]
    o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
    o SSL: Avoid magic allocation of SSL backend specific data [3]
    o lib: don't export all symbols, just everything curl_* [4]
    o libssh2: send the correct CURLE error code on scp file not found
    o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
    o openssl: enable pkcs12 in boringssl builds [5]
    o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
    o sasl_getmesssage: make sure we have a long enough string to pass [7]
    o conncache: fix several lock issues [8]
    o threaded-shared-conn.c: new example
    o conncache: only allow multiplexing within same multi handle [9]
    o configure: check for netinet/in6.h [11]
    o URL: tolerate backslash after drive letter for FILE: [12]
    o openldap: add commented out debug possibilities [13]
    o include: get netinet/in.h before linux/tcp.h [14]
    o CONNECT: keep close connection flag in http_connect_state struct [15]
    o BINDINGS: another PostgreSQL client
    o curl: limit -# update frequency for unknown total size [16]
    o configure: add AX_CODE_COVERAGE only if using gcc [17]
    o curl.h: remove incorrect comment about ERRORBUFFER
    o openssl: improve data-pending check for https proxy [18]
    o curl: remove __EMX__ #ifdefs [19]
    o CURLOPT_PRIVATE.3: fix grammar [20]
    o sftp: allow quoted commands to use relative paths [21]
    o RESOLVE: output verbose text when trying to set a duplicate name
    o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
    o multi_done: prune DNS cache [23]
    o tests: update .gitignore for libtests
    o tests: mark data files as non-executable in git
    o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
    o curl.1: documented two missing valid exit codes
    o curl.1: mention http:// and https:// as valid proxy prefixes
    o vtls: replaced getenv() with curl_getenv() [24]
    o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
    o examples/smtp-mail.c: use separate defines for options and mail
    o curl: support >256 bytes warning messsages [26]
    o conncache: fix a return code
    o krb5: fix a potential access of uninitialized memory
    o rand: add a clang-analyzer work-around
    o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
    o brotli: allow compiling with version 0.6.0
    o content_encoding: rework zlib_inflate [28]
    o curl_easy_reset: release mime-related data [29]
    o examples/rtsp: fix error handling macros [30]
    o build-openssl.bat: Added support for VC15
    o build-wolfssl.bat: Added support for VC15
    o build: Added Visual Studio 2017 project files
    o winbuild: Added support for VC15
    o curl: Support size modifiers for --max-filesize [32]
    o examples/cacertinmem: ignore cert-already-exists error [33]
    o brotli: data at the end of content can be lost [34]
    o curl_version_info.3: call the argument 'age' [35]
    o openssl: fix memory leak of SSLKEYLOGFILE filename
    o build: remove HAVE_LIMITS_H check [36]
    o --mail-rcpt: fix short-text description
    o scripts: allow all perl scripts to be run directly [37]
    o progress: calculate transfer speed on milliseconds if possible [38]
    o system.h: check __LONG_MAX__ for defining curl_off_t [31]
    o easy: fix connection ownership in curl_easy_pause [39]
    o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
    o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
    o configure.ac: append extra linker flags instead of prepending them [43]
    o HTTP: bail out on negative Content-Length: values [44]
    o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
    o mime: clone mime tree upon easy handle duplication [45]
    o openssl: enable SSLKEYLOGFILE support by default [46]
    o smtp/pop3/imap_get_message: decrease the data length too... [47]
    o CURLOPT_TCP_NODELAY.3: fix typo [48]
    o SMB: fix numeric constant suffix and variable types [49]
    o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
    o curl_fnmatch: only allow 5 '*' sections in a single pattern
    o openssl: fix potential memory leak in SSLKEYLOGFILE logic
    o SSH: Fix state machine for ssh-agent authentication [51]
    o examples/url2file.c: add missing curl_global_cleanup() call [52]
    o http2: don't close connection when single transfer is stopped [53]
    o libcurl-env.3: first version
    o curl: progress bar refresh, get width using ioctl() [54]
    o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]