Path to this page:
./
www/curl,
Client that groks URLs
Branch: pkgsrc-2017Q4,
Version: 7.59.0,
Package name: curl-7.59.0,
Maintainer: pkgsrc-usersCurl is a command line tool for transferring files with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.
Required to run:[
devel/libidn2]
Required to build:[
pkgtools/cwrappers]
Package options: gssapi, idn, inet6
Master sites:
SHA1: 0dd78aa857342b85b90bd6b0a53f6aee3516cb13
RMD160: 48e5c291285d46753e4bab1c720c98dc91a0a16f
Filesize: 2836.092 KB
Version history: (Expand)
- (2018-03-17) Updated to version: curl-7.59.0
- (2018-01-25) Updated to version: curl-7.58.0
- (2018-01-02) Package added to pkgsrc.se, version curl-7.57.0 (created)
CVS history: (Expand)
2018-03-16 22:16:19 by S.P.Zeidler | Files touched by this commit (3) | |
Log message:
Pullup ticket #5721 - requested by maya
www/curl: security update
Revisions pulled up:
- www/curl/Makefile 1.194
- www/curl/PLIST 1.68
- www/curl/distinfo 1.142
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Mar 14 07:44:24 UTC 2018
Modified Files:
pkgsrc/www/curl: Makefile PLIST distinfo
Log message:
curl: update to 7.59.0.
Curl and libcurl 7.59.0
This release includes the following changes:
o curl: add --proxy-pinnedpubkey [10]
o added: CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T [13]
o CURLOPT_RESOLVE: Add support for multiple IP addresses per entry [37]
o Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS [37]
o Add new tool option --happy-eyeballs-timeout-ms [37]
o Add CURLOPT_RESOLVER_START_FUNCTION and CURLOPT_RESOLVER_START_DATA [39]
This release includes the following bugfixes:
o openldap: check ldap_get_attribute_ber() results for NULL before using [50]
o FTP: reject path components with control codes [51]
o readwrite: make sure excess reads don't go beyond buffer end [52]
o lib555: drop text conversion and encode data as ascii codes [1]
o lib517: make variable static to avoid compiler warning
o lib544: sync ascii code data with textual data [1]
o GSKit: restore pinnedpubkey functionality [2]
o darwinssl: Don't import client certificates into Keychain on macOS [3]
o parsedate: fix date parsing for systems with 32 bit long [4]
o openssl: fix pinned public key build error in FIPS mode [5]
o SChannel/WinSSL: Implement public key pinning [6]
o cookies: remove verbose "cookie size:" output
o progress-bar: don't use stderr explicitly, use bar->out [7]
o Fixes for MSDOS
o build: open VC15 projects with VS 2017
o curl_ctype: private is*() type macros and functions [8]
o configure: set PATH_SEPARATOR to colon for PATH w/o separator [9]
o winbuild: make linker generate proper PDB [11]
o curl_easy_reset: clear digest auth state [12]
o curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 [14]
o range: commonize FTP and FILE range handling [15]
o progress-bar docs: update to match implementation [16]
o fnmatch: do not match the empty string with a character set
o fnmatch: accept an alphanum to be followed by a non-alphanum in char set [17]
o build: fix termios issue on android cross-compile [18]
o getdate: return -1 for out of range [19]
o formdata: use the mime-content type function [20]
o time-cond: fix reading the file modification time on Windows [21]
o build-openssl.bat: Extend VC15 support to include Enterprise and Professional
o build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional
o openssl: Don't add verify locations when verifypeer=0
o fnmatch: optimize processing of consecutive *s and ?s pattern characters [22]
o schannel: fix compiler warnings [23]
o content_encoding: Add "none" alias to "identity" [24]
o get_posix_time: only check for overflows if they can happen
o http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING [25]
o README: language fix [26]
o sha256: build with OpenSSL < 0.9.8 [27]
o smtp: fix processing of initial dot in data [28]
o --tlsauthtype: works only if libcurl is built with TLS-SRP support [29]
o tests: new tests for http raw mode [30]
o libcurl-security.3: man page discussion security concerns when using libcurl
o curl_gssapi: make sure this file too uses our *printf()
o BINDINGS: fix curb link (and remove ruby-curl-multi)
o nss: use PK11_CreateManagedGenericObject() if available [31]
o travis: add build with iconv enabled [32]
o ssh: add two missing state names [33]
o CURLOPT_HEADERFUNCTION.3: mention folded headers
o http: fix the max header length detection logic [34]
o header callback: don't chop headers into smaller pieces [35]
o CURLOPT_HEADER.3: clarify problems with different data sizes
o curl --version: show PSL if the run-time lib has it enabled
o examples/sftpuploadresume: resume upload via CURLOPT_APPEND [36]
o Return error if called recursively from within callbacks [38]
o sasl: prefer PLAIN mechanism over LOGIN
o winbuild: Use CALL to run batch scripts [40]
o curl_share_setopt.3: connection cache is shared within multi handles
o winbuild: Use macros for the names of some build utilities [41]
o projects/README: remove reference to dead IDN link/package [42]
o lib655: silence compiler warning [43]
o configure: Fix version check for OpenSSL 1.1.1
o docs/MANUAL: formfind.pl is not accessible on the site anymore [44]
o unit1309: fix warning on Windows x64 [45]
o unit1307: proper cleanup on OOM to fix torture tests
o curl_ctype: fix macro redefinition warnings
o build: get CFLAGS (including -werror) used for examples and tests [46]
o NO_PROXY: fix for IPv6 numericals in the URL [47]
o krb5: use nondeprecated functions [48]
o winbuild: prefer documented zlib library names [49]
o http2: mark the connection for close on GOAWAY [53]
o limit-rate: kick in even before "limit" data has been received [54]
o HTTP: allow "header;" to replace an internal header with a blank \
one [55]
o http2: verbose output new MAX_CONCURRENT_STREAMS values
o SECURITY: distros' max embargo time is 14 days
o curl tool: accept --compressed also if Brotli is enabled and zlib is not
o WolfSSL: adding TLSv1.3 [56]
o checksrc.pl: add -i and -m options
o CURLOPT_COOKIEFILE.3: "-" as file name means stdin
To generate a diff of this commit:
cvs rdiff -u -r1.193 -r1.194 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/curl/PLIST
cvs rdiff -u -r1.141 -r1.142 pkgsrc/www/curl/distinfo
|
2018-01-24 20:43:13 by Benny Siegert | Files touched by this commit (4) | |
Log message:
Pullup ticket #5689 - requested by wiz
www/curl: security fix
Revisions pulled up:
- www/curl/Makefile 1.192
- www/curl/PLIST 1.67
- www/curl/distinfo 1.141
- www/curl/patches/patch-curl-config.in 1.8
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jan 24 07:57:19 UTC 2018
Modified Files:
pkgsrc/www/curl: Makefile PLIST distinfo
pkgsrc/www/curl/patches: patch-curl-config.in
Log message:
curl: update to 7.58.0.
This release includes the following changes:
o new libssh-powered SSH SCP/SFTP back-end
o curl-config: add --ssl-backends [10]
This release includes the following bugfixes:
o http2: fix incorrect trailer buffer size [40]
o http: prevent custom Authorization headers in redirects [55]
o travis: add boringssl build [1]
o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
o SSL: Avoid magic allocation of SSL backend specific data [3]
o lib: don't export all symbols, just everything curl_* [4]
o libssh2: send the correct CURLE error code on scp file not found
o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
o openssl: enable pkcs12 in boringssl builds [5]
o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
o sasl_getmesssage: make sure we have a long enough string to pass [7]
o conncache: fix several lock issues [8]
o threaded-shared-conn.c: new example
o conncache: only allow multiplexing within same multi handle [9]
o configure: check for netinet/in6.h [11]
o URL: tolerate backslash after drive letter for FILE: [12]
o openldap: add commented out debug possibilities [13]
o include: get netinet/in.h before linux/tcp.h [14]
o CONNECT: keep close connection flag in http_connect_state struct [15]
o BINDINGS: another PostgreSQL client
o curl: limit -# update frequency for unknown total size [16]
o configure: add AX_CODE_COVERAGE only if using gcc [17]
o curl.h: remove incorrect comment about ERRORBUFFER
o openssl: improve data-pending check for https proxy [18]
o curl: remove __EMX__ #ifdefs [19]
o CURLOPT_PRIVATE.3: fix grammar [20]
o sftp: allow quoted commands to use relative paths [21]
o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
o RESOLVE: output verbose text when trying to set a duplicate name
o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
o multi_done: prune DNS cache [23]
o tests: update .gitignore for libtests
o tests: mark data files as non-executable in git
o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
o curl.1: documented two missing valid exit codes
o curl.1: mention http:// and https:// as valid proxy prefixes
o vtls: replaced getenv() with curl_getenv() [24]
o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
o examples/smtp-mail.c: use separate defines for options and mail
o curl: support >256 bytes warning messsages [26]
o conncache: fix a return code
o krb5: fix a potential access of uninitialized memory
o rand: add a clang-analyzer work-around
o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
o brotli: allow compiling with version 0.6.0
o content_encoding: rework zlib_inflate [28]
o curl_easy_reset: release mime-related data [29]
o examples/rtsp: fix error handling macros [30]
o build-openssl.bat: Added support for VC15
o build-wolfssl.bat: Added support for VC15
o build: Added Visual Studio 2017 project files
o winbuild: Added support for VC15
o curl: Support size modifiers for --max-filesize [32]
o examples/cacertinmem: ignore cert-already-exists error [33]
o brotli: data at the end of content can be lost [34]
o curl_version_info.3: call the argument 'age' [35]
o openssl: fix memory leak of SSLKEYLOGFILE filename
o build: remove HAVE_LIMITS_H check [36]
o --mail-rcpt: fix short-text description
o scripts: allow all perl scripts to be run directly [37]
o progress: calculate transfer speed on milliseconds if possible [38]
o system.h: check __LONG_MAX__ for defining curl_off_t [31]
o easy: fix connection ownership in curl_easy_pause [39]
o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
o configure.ac: append extra linker flags instead of prepending them [43]
o HTTP: bail out on negative Content-Length: values [44]
o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
o mime: clone mime tree upon easy handle duplication [45]
o openssl: enable SSLKEYLOGFILE support by default [46]
o smtp/pop3/imap_get_message: decrease the data length too... [47]
o CURLOPT_TCP_NODELAY.3: fix typo [48]
o SMB: fix numeric constant suffix and variable types [49]
o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
o curl_fnmatch: only allow 5 '*' sections in a single pattern
o openssl: fix potential memory leak in SSLKEYLOGFILE logic
o SSH: Fix state machine for ssh-agent authentication [51]
o examples/url2file.c: add missing curl_global_cleanup() call [52]
o http2: don't close connection when single transfer is stopped [53]
o libcurl-env.3: first version
o curl: progress bar refresh, get width using ioctl() [54]
o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]
|