./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2017Q1, Version: 7.54.0, Package name: curl-7.54.0, Maintainer: pkgsrc-users

Curl is a command line tool for transferring files with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.


Required to run:
[devel/libidn]

Required to build:
[pkgtools/cwrappers]

Package options: gssapi, inet6, libidn

Master sites:

SHA1: e1cc251508e98bc5a8b9d5c40d8a4f6e48465d1c
RMD160: 853ff262182b071c5cf93ffecaf6ee049c3fffc7
Filesize: 2541.295 KB

Version history: (Expand)


CVS history: (Expand)


   2017-04-23 11:15:48 by Benny Siegert | Files touched by this commit (4) | Package updated
Log message:
Pullup ticket #5327 - requested by wiz
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.180
- www/curl/PLIST                                                1.63
- www/curl/distinfo                                             1.130-1.131
- www/curl/patches/patch-src_Makefile.in                        1.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Apr 19 10:28:07 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log message:
   Updated curl to 7.54.0.

   Curl and libcurl 7.54.0

    Public curl releases:         165
    Command line options:         207
    curl_easy_setopt() options:   245
    Public functions in libcurl:  61
    Contributors:                 1538

   This release includes the following changes:
    o Add CURL_SSLVERSION_MAX_* constants to CURLOPT_SSLVERSION [19]
    o Add --max-tls [19]
    o Add CURLOPT_SUPPRESS_CONNECT_HEADERS [24]
    o Add --suppress-connect-headers [24]

   This release includes the following bugfixes:

    o CVE-2017-7468: switch off SSL session id when client cert is used [68]
    o cmake: Replace invalid UTF-8 byte sequence [1]
    o tests: use consistent environment variables for setting charset
    o proxy: fixed a memory leak on OOM
    o ftp: removed an erroneous free in an OOM path
    o docs: de-duplicate file lists in the Makefiles [2]
    o ftp: fixed a NULL pointer dereference on OOM
    o gopher: fixed detection of an error condition from Curl_urldecode
    o url: fix unix-socket support for proxy-disabled builds [3]
    o test1139: allow for the possibility that the man page is not rebuilt
    o cyassl: get library version string at runtime
    o digest_sspi: fix compilation warning
    o tests: enable HTTP/2 tests to run with non-default port numbers
    o warnless: suppress compiler warning
    o darwinssl: Warn that disabling host verify also disables SNI [4]
    o configure: fix for --enable-pthreads [5]
    o checksrc.bat: Ignore curl_config.h.in, curl_config.h
    o no-keepalive.d: fix typo [6]
    o configure: fix --with-zlib when a path is specified [7]
    o build: fix gcc7 implicit fallthrough warnings [8]
    o fix potential use of uninitialized variables [9]
    o CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors [10]
    o CMake: Reorganize SSL support, separate WinSSL and SSPI [11]
    o CMake: Add DarwinSSL support [12]
    o CMake: Add mbedTLS support [13]
    o ares: return error at once if timed out before name resolve starts [14]
    o BINDINGS: added C++, perl, go and Scilab bindings
    o URL: return error on malformed URLs with junk after port number
    o KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a password [15]
    o http2: Fix assertion error on redirect with CL=0 [16]
    o updatemanpages.pl: Update man pages to use current date and versions [17]
    o --insecure: clarify that this option is for server connections [18]
    o mkhelp: simplified the gzip code
    o build: fixed making man page in out-of-tree tarball builds
    o tests: disabled 1903 due to flakiness
    o openssl: add two /* FALLTHROUGH */ to satisfy coverity
    o cmdline-opts: fixed a few typos
    o authneg: clear auth.multi flag at http_done [20]
    o curl_easy_reset: Also reset the authentication state [21]
    o proxy: skip SSL initialization for closed connections [22]
    o http_proxy: ignore TE and CL in CONNECT 2xx responses [23]
    o tool_writeout: fixed a buffer read overrun on --write-out
    o make: regenerate docs/curl.1 by running make in docs [25]
    o winbuild: add basic support for OpenSSL 1.1.x [26]
    o build: removed redundant DEPENDENCIES from makefiles
    o CURLINFO_LOCAL_PORT.3: added example
    o curl: show HTTPS-Proxy options on CURLE_SSL_CACERT [27]
    o tests: strip more options from non-HTTP --libcurl tests
    o tests: fixed the documented test server port numbers
    o runtests.pl: fixed display of the Gopher IPv6 port number
    o multi: fix streamclose() crash in debug mode [28]
    o cmake: build manual pages [29]
    o cmake: add support for building HTML and PDF docs [30]
    o mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION [31]
    o make: introduce 'test-nonflaky' target
    o CURLINFO_PRIMARY_IP.3: add example
    o tests/README: mention nroff for --manual tests [32]
    o mkhelp: disable compression if the perl gzip module is unavailable
    o openssl: fall back on SSL_ERROR_* string when no error detail [33]
    o asiohiper: make sure socket is open in event_cb [34]
    o tests/README: make "Run" section foolproof [35]
    o curl: check for end of input in writeout backslash handling
    o .gitattributes: turn off CRLF for *.am [36]
    o multi: fix MinGW-w64 compiler warnings
    o schannel: fix variable shadowing warning
    o openssl: exclude DSA code when OPENSSL_NO_DSA is defined [37]
    o http: Fix proxy connection reuse with basic-auth [38]
    o pause: handle mixed types of data when paused [39]
    o http: do not treat FTPS over CONNECT as HTTPS
    o conncache: make hashkey avoid malloc [40]
    o make: use the variable MAKE for recursive calls [41]
    o curl: fix callback argument inconsistency [42]
    o NTLM: check for features with #ifdef instead of #if [43]
    o cmake: add several missing files to the dist
    o select: use correct SIZEOF_ constant [44]
    o connect: fix unreferenced parameter warning
    o schannel: fix unused variable warning
    o gcc7: fix * in boolean context [45]
    o http2: silence unused parameter warnings
    o ssh: fix narrowing conversion warning
    o telnet: (win32) fix read callback return variable [46]
    o docs: Explain --fail-early does not imply --fail [47]
    o docs: added examples for CURLINFO_FILETIME.3 and CURLOPT_FILETIME.3
    o tests/server/util: remove in6addr_any for recent MinGW [48]
    o multi: make curl_multi_wait avoid malloc in the typical case [49]
    o include: curl/system.h is a run-time version of curlbuild.h [50]
    o easy: silence compiler warning
    o llist: replace Curl_llist_alloc with Curl_llist_init [51]
    o hash: move key into hash struct to reduce mallocs [52]
    o url: don't free postponed data on connection reuse [53]
    o curl_sasl: declare mechtable static
    o curl: fix Windows Unicode build
    o multi: fix queueing of pending easy handles [54]
    o tool_operate: fix MinGW compiler warning [55]
    o low_speed_limit: improved function for longer time periods [56]
    o gtls: fix compiler warning
    o sspi: print out InitializeSecurityContext() error message [57]
    o schannel: fix compiler warnings [58]
    o vtls: fix unreferenced variable warnings
    o INSTALL.md: fix secure transport configure arguments
    o CURLINFO_SCHEME.3: fix variable type
    o libcurl-thread.3: also mention threaded-resolver [59]
    o nss: load CA certificates even with --insecure [60]
    o openssl: fix this statement may fall through [61]
    o poll: prefer <poll.h> over <sys/poll.h> [62]
    o polarssl: unbreak build with versions < 1.3.8 [63]
    o Curl_expire_latest: ignore already expired timers [64]
    o configure: turn implicit function declarations into errors [65]
    o mbedtls: fix memory leak in error path [66]
    o http2: fix handle leak in error path [67]
    o .gitattributes: force shell scripts to LF [69]
    o configure.ac: ignore CR after version numbers [70]
    o extern-scan.pl: strip trailing CR [71]
    o openssl: make SSL_ERROR_to_str more future-proof [72]
    o openssl: fix thread-safety bugs in error-handling [73]
    o openssl: don't try to print nonexistant peer private keys [74]
    o nss: fix MinGW compiler warnings [75]

---
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Wed Apr 19 16:37:33 UTC 2017

   Modified Files:
           pkgsrc/www/curl: distinfo
   Added Files:
           pkgsrc/www/curl/patches: patch-src_Makefile.in

   Log message:
   Do not use GNU make syntax. Fix build with bmake
   2017-04-05 23:16:45 by S.P.Zeidler | Files touched by this commit (2)
Log message:
Pullup ticket #5242 - requested by wiz
www/curl: security patch

Revisions pulled up:
- www/curl/Makefile                                             1.179
- www/curl/distinfo                                             1.129

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Apr  5 12:12:58 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo

   Log message:
   Updated curl to 7.53.1nb1.

   Add upstream patch fixing CVE-2017-7407.

   To generate a diff of this commit:
   cvs rdiff -u -r1.178 -r1.179 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.128 -r1.129 pkgsrc/www/curl/distinfo