Log Message:
Pullup ticket #5689 - requested by wiz
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.192
- www/curl/PLIST                                                1.67
- www/curl/distinfo                                             1.141
- www/curl/patches/patch-curl-config.in                         1.8

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Jan 24 07:57:19 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-curl-config.in

   Log Message:
   curl: update to 7.58.0.

   This release includes the following changes:

    o new libssh-powered SSH SCP/SFTP back-end
    o curl-config: add --ssl-backends [10]

   This release includes the following bugfixes:

    o http2: fix incorrect trailer buffer size [40]
    o http: prevent custom Authorization headers in redirects [55]
    o travis: add boringssl build [1]
    o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
    o SSL: Avoid magic allocation of SSL backend specific data [3]
    o lib: don't export all symbols, just everything curl_* [4]
    o libssh2: send the correct CURLE error code on scp file not found
    o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
    o openssl: enable pkcs12 in boringssl builds [5]
    o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
    o sasl_getmesssage: make sure we have a long enough string to pass [7]
    o conncache: fix several lock issues [8]
    o threaded-shared-conn.c: new example
    o conncache: only allow multiplexing within same multi handle [9]
    o configure: check for netinet/in6.h [11]
    o URL: tolerate backslash after drive letter for FILE: [12]
    o openldap: add commented out debug possibilities [13]
    o include: get netinet/in.h before linux/tcp.h [14]
    o CONNECT: keep close connection flag in http_connect_state struct [15]
    o BINDINGS: another PostgreSQL client
    o curl: limit -# update frequency for unknown total size [16]
    o configure: add AX_CODE_COVERAGE only if using gcc [17]
    o curl.h: remove incorrect comment about ERRORBUFFER
    o openssl: improve data-pending check for https proxy [18]
    o curl: remove __EMX__ #ifdefs [19]
    o CURLOPT_PRIVATE.3: fix grammar [20]
    o sftp: allow quoted commands to use relative paths [21]
    o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
    o RESOLVE: output verbose text when trying to set a duplicate name
    o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
    o multi_done: prune DNS cache [23]
    o tests: update .gitignore for libtests
    o tests: mark data files as non-executable in git
    o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
    o curl.1: documented two missing valid exit codes
    o curl.1: mention http:// and https:// as valid proxy prefixes
    o vtls: replaced getenv() with curl_getenv() [24]
    o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
    o examples/smtp-mail.c: use separate defines for options and mail
    o curl: support >256 bytes warning messsages [26]
    o conncache: fix a return code
    o krb5: fix a potential access of uninitialized memory
    o rand: add a clang-analyzer work-around
    o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
    o brotli: allow compiling with version 0.6.0
    o content_encoding: rework zlib_inflate [28]
    o curl_easy_reset: release mime-related data [29]
    o examples/rtsp: fix error handling macros [30]
    o build-openssl.bat: Added support for VC15
    o build-wolfssl.bat: Added support for VC15
    o build: Added Visual Studio 2017 project files
    o winbuild: Added support for VC15
    o curl: Support size modifiers for --max-filesize [32]
    o examples/cacertinmem: ignore cert-already-exists error [33]
    o brotli: data at the end of content can be lost [34]
    o curl_version_info.3: call the argument 'age' [35]
    o openssl: fix memory leak of SSLKEYLOGFILE filename
    o build: remove HAVE_LIMITS_H check [36]
    o --mail-rcpt: fix short-text description
    o scripts: allow all perl scripts to be run directly [37]
    o progress: calculate transfer speed on milliseconds if possible [38]
    o system.h: check __LONG_MAX__ for defining curl_off_t [31]
    o easy: fix connection ownership in curl_easy_pause [39]
    o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
    o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
    o configure.ac: append extra linker flags instead of prepending them [43]
    o HTTP: bail out on negative Content-Length: values [44]
    o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
    o mime: clone mime tree upon easy handle duplication [45]
    o openssl: enable SSLKEYLOGFILE support by default [46]
    o smtp/pop3/imap_get_message: decrease the data length too... [47]
    o CURLOPT_TCP_NODELAY.3: fix typo [48]
    o SMB: fix numeric constant suffix and variable types [49]
    o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
    o curl_fnmatch: only allow 5 '*' sections in a single pattern
    o openssl: fix potential memory leak in SSLKEYLOGFILE logic
    o SSH: Fix state machine for ssh-agent authentication [51]
    o examples/url2file.c: add missing curl_global_cleanup() call [52]
    o http2: don't close connection when single transfer is stopped [53]
    o libcurl-env.3: first version
    o curl: progress bar refresh, get width using ioctl() [54]
    o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]