Log message:
*: recursive bump for default Kerberos implementation switch

Log message:
*: recursive bump for icu 77 and libxml2 2.14

Log message:
curl libcurl-gnutls: updated to 8.13.0

Changes 8.13.0:

curl: add write-out variable 'tls_earlydata'
curl: make --url support a file with URLs
gnutls: set priority via --ciphers
IMAP: add CURLOPT_UPLOAD_FLAGS and --upload-flags
lib: add CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY
OpenSSL/quictls: add support for TLSv1.3 early data
rustls: add support for CERTINFO
rustls: add support for SSLKEYLOGFILE
rustls: support ECH w/ DoH lookup for config
rustls: support native platform verifier
var: add a '64dec' function that can base64 decode a string
wolfssl: tls early data support
bugfixes

Log message:
curl: updated to 8.12.1

8.12.1

Bugfixes:

all: remove FIXME and TODO comments
asyn-thread: fix build with `CURL_DISABLE_SOCKETPAIR`
asyn-thread: fix HTTPS RR crash
asyn-thread: fix the returned bitmask from Curl_resolver_getsock
asyn-thread: survive a c-ares channel set to NULL
build: add tool_hugehelp.c into IBMi build
checksrc.pl: warn on FIXME/TODO comments
cmake/Find: set `<Modulename>_FOUND` for compatibility when found via \ 
`pkg-config`
cmake: add integration tests, run them in CI
cmake: always reference OpenSSL and ZLIB via imported targets
cmake: avoid unnecessary `-L` for implicit link dirs
cmake: drop `LDAP_DEPRECATED=1` macro, to sync with autotools
cmake: fix `HAVE_GETHOSTBYNAME_R_*` detections with `CURL_WERROR=ON`
cmake: fix to detect `HAVE_OPENSSL_SRP` in MSVC UWP builds
cmake: fix/add missing feature detections for Windows/MS-DOS
cmake: initialize variables where missing
cmake: lib order fixes for picky linkers (e.g. binutils `ld`)
cmake: normalize before matching paths with syspaths
cmake: respect `GNUTLS_CFLAGS` when detected via `pkg-config`
cmake: respect `GNUTLS_LIBRARY_DIRS` in `libcurl.pc` and `curl-config`
cmake: save a line with `CMAKE_C_IMPLICIT_LINK_DIRECTORIES` exclusion
cmake: tidy up string append and list prepend syntax
configure/cmake: check for realpath
configure/cmake: set asyn-rr a feature only if httpsrr is enabled
content_encoding: #error on too old zlib
curl_global_sslset.md: Add SSL backend names
CURLOPT_SSH_KNOWNHOSTS.md: strongly recommend using this
CURLSHOPT_SHARE.md: adjust for the new SSL session cache
docs: better explain multi-part byte range behavior
docs: use valid example domain names
generate.bat: remove curl_get_line.c from the curlx file list
header.md: mention `Authorization:` and `Cookie:` special treatment
imap: TLS upgrade fix
INTERNALS: fix c-ares, as we actually support 1.6.0 or later
ldap: drop support for legacy Novell LDAP SDK
lib: include necessary headers for `inet_ntop`/`inet_pton`
lib: silence LibreSSL collision warning on non-MSVC Windows
libssh2: comparison is always true because rc <= -1
libssh2: raise lowest supported version to 1.2.8
libssh: drop support for libssh older than 0.9.0
libssh: silence `-Wconversion` with a cast (Windows 32-bit)
netrc: return code cleanup, fix missing file error
openssl-quic: ignore ciphers for h3
openssl: fix out of scope variables in goto
pop3: TLS upgrade fix
runtests: fix the disabling of the memory tracking
runtests: quote commands to support paths with spaces
scache: add magic checks
smb: silence `-Warray-bounds` with gcc 13+
smtp: TLS upgrade fix
SPONSORS.md: clarify that we don't promise goods or services
test1516: avoid failure due to spaces in path
test2080: simplify, avoid the null byte
tests: fix test 558, 1330 for MSVC, allow TrackMemory with MSVC in cmake
tidy-up: make per-file `ARRAYSIZE` macros global as `CURL_ARRAYSIZE`
tool_cfgable: sort struct fields by size, use bitfields for booleans
tool_getparam: add "TLS required" flag for each such option
tool_progress: fix percent output of large parallel transfers
tool_ssls: switch to tool-specific get_line function
verbose.md: mention how carriage-return might occur in headers
vquic: make the "disable GSO" use infof, not failf
vtls: fix multissl-init
vtsl: eliminate 'data->state.ssl_scache'
wakeup_write: make sure the eventfd write sends eight bytes
wolfssl: silence compiler warning (MSVC 2019), simplify existing

Log message:
don't add unknown configure option for libiconv in a few packages

Log message:
curl: do not leak build LDFLAGS into curl-config

Just do what the patch originally intended to do -- add the necessary
rpath flag to the --libs output.

Bump PKGREVISION.

Ok leot@

Log message:
curl: update to 8.12.0.

curl and libcurl 8.12.0

 Public curl releases:         264
 Command line options:         267
 curl_easy_setopt() options:   306
 Public functions in libcurl:  96
 Contributors:                 3332

This release includes the following changes:

 o curl: add byte range support to --variable reading from file [56]
 o curl: make --etag-save acknowledge --create-dirs [31]
 o getinfo: fix CURLINFO_QUEUE_TIME_T and add 'time_queue' var [55]
 o getinfo: provide info which auth was used for HTTP and proxy [40]
 o hyper: drop support [57]
 o openssl: add support to use keys and certificates from PKCS#11 provider [77]
 o QUIC: 0RTT for gnutls via CURLSSLOPT_EARLYDATA [61]
 o vtls: feature ssls-export for SSL session im-/export [141]

This release includes the following bugfixes:

 o altsvc: avoid integer overflow in expire calculation [16]
 o altsvc: return error on dot-only name [178]
 o android: add CI jobs, buildinfo, cmake docs, disable `CURL_USE_PKGCONFIG` by \ 
default [185]
 o asyn-ares: acknowledge CURLOPT_DNS_SERVERS set to NULL [190]
 o asyn-ares: fix memory leak [233]
 o asyn-ares: initial HTTPS resolve support [166]
 o asyn-thread: use c-ares to resolve HTTPS RR [205]
 o async-thread: avoid closing eventfd twice [9]
 o autotools: add support for mingw UWP builds [192]
 o autotools: silence gcc warnings in libtool code [96]
 o binmode: convert to macro and use it from tests [44]
 o build: delete `-Wsign-conversion` related FIXMEs [137]
 o build: drop `-Winline` picky warning [53]
 o build: drop `tool_hugehelp.c.cvs`, tidy up macros, drop `buildconf.bat` [200]
 o build: drop macro used to enable `-Wsign-conversion` warnings in CI [224]
 o build: drop unused feature macros, update exception list [51]
 o build: fix `-Wtrampolines` picky warning for gcc 4.x versions [156]
 o build: fix compiling with GCC 4.x versions [214]
 o build: fix the tidy targets for autotools [52]
 o build: fix unsigned `time_t` detection for cmake, MS-DOS, AmigaOS [104]
 o build: replace configure check with PP condition (Android <21) [97]
 o build: stop detecting `sched_yield()` on Windows [176]
 o c-ares: fix/tidy-up macro initializations, avoid a deprecated function [209]
 o cd2nroff: do not insist on quoted <> within backticks [222]
 o cd2nroff: support "none" as a TLS backend [29]
 o cf-https-connect: look into httpsrr alpns when available [152]
 o cf-socket: error if address can't be copied [72]
 o cfilters: kill connection filter events attach+detach [217]
 o checksrc.bat: remove explicit SNPRINTF bypass [174]
 o checksrc: ban use of sscanf() [7]
 o checksrc: check for return with parens around a value/name [130]
 o checksrc: exclude generated bundle files to avoid race condition [235]
 o checksrc: fix the return() checker [35]
 o checksrc: introduce 'banfunc' to ban specific functions [117]
 o cmake/Find: add `iphlpapi` for c-ares, omit syslibs if dep not found [203]
 o cmake/FindLDAP: avoid empty 'Requires' item when omitting `pkg-config` module [90]
 o cmake/FindLDAP: avoid framework locations for libs too (Apple) [122]
 o cmake/FindLibpsl: protect against `pkg-config` "half-detection" [89]
 o cmake/FindLibssh: sync header comment with other modules
 o cmake/FindMbedTLS: drop lib duplicates early [17]
 o cmake: add `librtmp` Find module [86]
 o cmake: add LDAP Find module [46]
 o cmake: add native `pkg-config` detection for remaining Find modules [37]
 o cmake: allow `CURL_LTO` regardless of `CURL_BUILD_TYPE`, enable in CI [88]
 o cmake: clang-cl improvements [42]
 o cmake: delete accidental debug message
 o cmake: deprecate winbuild, add migration guide from legacy build methods [157]
 o cmake: detect mingw-w64 version, pre-fill `HAVE_STRTOK_R` [179]
 o cmake: do not store `MINGW64_VERSION` in cache [175]
 o cmake: drop `CURL_USE_PKGCONFIG` from `curl-config.cmake.in` [208]
 o cmake: drop `fseeko()` pre-fill and check for Windows [201]
 o cmake: drop duplicate Windows cache value [81]
 o cmake: drop redundant FOUND checks (libgsasl, libssh, libuv) [49]
 o cmake: drop redundant opening/closing `.*` from `MATCH` expressions [64]
 o cmake: drop unused `HAVE_SYS_XATTR_H` detection [79]
 o cmake: drop VS2010 "Dialog Hell" workaround added in 2013 [136]
 o cmake: extend zlib's `AUTO` option to brotli, zstd and enable if found [36]
 o cmake: fix `net/in.h` detection for MS-DOS [103]
 o cmake: improve `curl_dumpvars()` and move to `Utilities.cmake` [50]
 o cmake: make libpsl required by default [45]
 o cmake: make system libraries `dl`, `m`, `pthread` customizable [123]
 o cmake: move `pkg-config` names to Find modules [87]
 o cmake: move GSS init before feature detections [93]
 o cmake: move mingw UWP workaround from GHA to `CMakeLists.txt` [194]
 o cmake: namespace functions and macros [41]
 o cmake: optimize out 4 picky warning option detections with gcc [78]
 o cmake: pick a better IPv6 feature flag when assembling the feature list [132]
 o cmake: pre-fill `HAVE_STDATOMIC_H`, `HAVE_ATOMIC` for mingw-w64 [180]
 o cmake: pre-fill `HAVE_STDINT_H` on Windows [149]
 o cmake: prefer dash-style MSVC options [216]
 o cmake: publish/check supported protocols/features via `CURLConfig.cmake` [100]
 o cmake: replace `unset(VAR)` with `set(VAR "")` for init [43]
 o cmake: sync OpenSSL QUIC fork detection with autotools [102]
 o cmake: use `CMAKE_REQUIRED_LINK_DIRECTORIES` [48]
 o cmake: use `STREQUAL` to detect Linux [68]
 o cmake: warn for OpenSSL versions missing TLS 1.3 support [221]
 o cmdline-opts/version.md: describe multissl, mention SSLS-EXPORT [170]
 o completion.pl: add completion for paths after @ for fish [82]
 o config-mac: drop `MACOS_SSL_SUPPORT` macro [63]
 o config: drop unused code and variables [135]
 o configure: do not inline 'dnl' comments
 o configure: drop unused detections and macros [105]
 o configure: streamline Windows large file feature check [138]
 o configure: UWP and Android follow-up fixes [184]
 o conncache: count shutdowns against host and max limits [154]
 o conncache: result_cb comment removed from function docs [1]
 o content_encoding: drop support for zlib before 1.2.0.4 [211]
 o content_encoding: namespace GZIP flag constants [147]
 o content_encoding: put the decomp buffers into the writer structs [210]
 o content_encoding: support use of custom libzstd memory functions [186]
 o cookie: cap expire times to 400 days [111]
 o cookie: fix crash in netscape cookie parsing [84]
 o cookie: parse only the exact expire date [3]
 o curl-functions.m4: fix indentation in `CURL_SIZEOF()` [131]
 o curl: return error if etag options are used with multiple URLs [5]
 o curl_multi_fdset: include the shutdown connections in the set [168]
 o curl_multi_waitfds.md: tidy up the example [162]
 o curl_multibyte: support Windows paths longer than MAX_PATH [76]
 o curl_setup: fix missing `ADDRESS_FAMILY` type in rare build cases [144]
 o curl_sha512_256: rename symbols to the curl namespace [124]
 o curl_url_set.md: adjust the added-in to 7.62.0 [94]
 o curl_ws_recv.md: fix typo
 o CURLOPT_CONNECT_ONLY.md: an easy handle with this option set cannot be reused \ 
[164]
 o CURLOPT_PROXY.md: clarify the crendential support in proxy URLs [66]
 o CURLOPT_RESOLVE.md: fix wording [30]
 o CURLOPT_SEEKFUNCTION.md: used for FTP, HTTP and SFTP (only) [109]
 o docs/BUGS.md: remove leading space from a link
 o docs/cmdline-opts/_ENVIRONMENT.md: minor language fix [119]
 o docs/cmdline-opts/location.md: fix typos for location flag [226]
 o docs/HTTP-COOKIES.md: link to more information [125]
 o docs/HTTPSRR.md: initial HTTPS RR documentation [204]
 o docs/libcurl/opts: clarify the return values [114]
 o docs/libcurl: return value overhall [120]
 o docs/TLS-SESSIONS: fix typo, the->they [189]
 o docs: document the behavior of -- in the curl command line [198]
 o docs: use lowercase curl and libcurl [113]
 o doh: cleanups and extended HTTPS RR code [161]
 o doh: send HTTPS RR requests for all HTTP(S) transfers [160]
 o easy: allow connect-only handle reuse with easy_perform [232]
 o easy: make curl_easy_perform() return error if connection still there [163]
 o easy_lock: use Sleep(1) for thread yield on old Windows [191]
 o ECH: update APIs to those agreed with OpenSSL maintainers [101]
 o examples/block-ip: drop redundant `memory.h` include
 o examples/block-ip: show how to block IP addresses [74]
 o examples/complicated: fix warnings, bump deprecated callback, tidy up [59]
 o examples/synctime.c: remove references to dead URLs and functionality [62]
 o examples: make them compile with compatibility functions disabled (Windows) [58]
 o examples: use return according to code style
 o file: drop `OPEN_NEEDS_ARG3` option [91]
 o file: fix Android compiler warning [85]
 o gitignore: add generated unity sources for lib and src
 o GnuTLS: fix 'time_appconnect' for early data [127]
 o hash: add asserts in hash_element_dtor() [126]
 o HTTP/2: strip TE request header [140]
 o http2: fix data_pending check [241]
 o http2: fix value stored to 'result' is never read [71]
 o http: fix build with `CURL_DISABLE_COOKIES` [95]
 o http: ignore invalid Retry-After times [107]
 o http_aws_sigv4: Fix invalid compare function handling zero-length pairs [24]
 o https-connect: start next immediately on failure [223]
 o INFRASTRUCTURE.md: project infra [99]
 o INSTALL-CMAKE.md: fix punctuation
 o INSTALL.md: add CMake examples for macOS and iOS [242]
 o INSTALL.md: document VS2008 and mingw-w64 [165]
 o INTERNALS.md: sync wolfSSL version requirement with source code
 o lib517: extend the getdate test with quotes and leading "junk" [4]
 o lib: clarify 'conn->httpversion' [213]
 o lib: redirect handling by protocol handler [212]
 o lib: remove `__EMX__` guards [83]
 o lib: replace `inline` redefine with `CURL_INLINE` macro [47]
 o lib: supress deprecation warnings in apple builds [32]
 o lib: TLS session ticket caching reworked [60]
 o libcurl/opts: do not save files in dirs where attackers have access [199]
 o Makefile.dist: delete [237]
 o Makefile.mk: drop in favour of autotools and cmake (MS-DOS, AmigaOS3) [38]
 o mbedtls: fix handling of blocked sends [116]
 o mbedtls: PSA can be used independently of TLS 1.3 (avoid runtime errors) [219]
 o mime: explicitly rewind subparts at attachment time. [80]
 o mprintf: fix integer handling in float precision [173]
 o mprintf: terminate snprintf output on windows [172]
 o msvc: add missing push/pop for warning pragmas [236]
 o msvc: assume `_INTEGRAL_MAX_BITS >= 64` [158]
 o msvc: drop checks for ancient versions [133]
 o msvc: fix building with `HAVE_INET_NTOP` and MSVC <=1900 [151]
 o msvc: require VS2005 for large file support [143]
 o msvc: tidy up `_CRT_*_NO_DEPRECATE` definitions [148]
 o multi: fix curl_multi_waitfds reporting of fd_count [73]
 o multi: fix return code for an already-removed easy handle [106]
 o multihandle: add an ssl_scache here [129]
 o multissl: auto-enable `OPENSSL_COEXIST` for wolfSSL + OpenSSL [92]
 o multissl: make openssl + wolfssl builds work [34]
 o netrc: 'default' with no credentials is not a match [108]
 o netrc: fix password-only entries [28]
 o netrc: restore _netrc fallback logic [6]
 o ngtcp2: fix memory leak on connect failure [225]
 o ngtcp2: fix two cases of value stored never read [65]
 o openssl: define `HAVE_KEYLOG_CALLBACK` before use [227]
 o openssl: drop unused `HAVE_SSL_GET_SHUTDOWN` macro [228]
 o openssl: fix ECH logic [67]
 o osslq: use SSL_poll to determine writeability of QUIC streams [139]
 o projects/Windows: remove wolfSSL from legacy projects [75]
 o projects: fix `INSTALL-CMAKE.md` references
 o pytest: remove 'repeat' parameter [182]
 o pytest: use httpd/apache2 directly, no apachectl [169]
 o RELEASE-PROCEDURE.md: mention how to publish security advisories [2]
 o runtests.pl: fix precedence issue [207]
 o scripts/mdlinkcheck: markdown link checker [19]
 o sectransp: free certificate on error [12]
 o select: avoid a NULL deref in cwfds_add_sock [128]
 o smb: fix compiler warning [112]
 o src: add `CURL_STRICMP()` macro, use `_stricmp()` on Windows [54]
 o src: drop support for `CURL_TESTDIR` debug env [121]
 o src: omit hugehelp and ca-embed from libcurltool [215]
 o ssl session cache: change cache dimensions [159]
 o strparse: string parsing helper functions [8]
 o symbols-in-versions: update version for LIBCURL_VERSION and \ 
LIBCURL_VERSION_NUM [193]
 o system.h: add 64-bit curl_off_t definitions for NonStop [11]
 o system.h: drop compilers lacking 64-bit integer type (Windows/MS-DOS) [155]
 o system.h: drop duplicate and no-op code [153]
 o system.h: fix indentation [142]
 o telnet: handle single-byte input option [177]
 o test1960: don't close the socket too early [220]
 o test483: require cookie support [98]
 o tests/http/clients: use proper sleep() call on NonStop [10]
 o tests: change the behavior of swsbounce [202]
 o tests: stop promoting perl warnings to fatal errors
 o TheArtOfHttpScripting.md: rewrite double 'that' [115]
 o tidy-up: `curl_setup.h`, `curl_setup_once.h`, `config-win32ce.h` [146]
 o tidy-up: drop parenthesis around `return` expression [167]
 o tidy-up: drop parenthesis around `return` values [134]
 o tidy-up: extend `CURL_O_BINARY` to lib and tests [195]
 o TLS: check connection for SSL use, not handler [181]
 o tool_formparse.c: make curlx_uztoso a static in here [39]
 o tool_formparse: accept digits in --form type= strings [33]
 o tool_getparam: ECH param parsing refix [150]
 o tool_getparam: fail --hostpubsha256 if libssh2 is not used [229]
 o tool_getparam: fix "Ignored Return Value" [21]
 o tool_getparam: fix memory leak on error in parse_ech [14]
 o tool_getparam: fix the ECH parser [20]
 o tool_operate: make --etag-compare always accept a non-existing file [22]
 o transfer: fix CURLOPT_CURLU override logic [171]
 o urlapi: fix redirect to a new fragment or query (only) [118]
 o urldata: tweak the UserDefined struct [240]
 o variable.md: mention --expand-variable for variables to variables [13]
 o variable.md: show function use with examples [18]
 o version: fix the IDN feature for winidn and appleidn [187]
 o vquic: fix 4th function call argument is an uninitialized value [70]
 o vquic: make vquic_send_packets not return without setting psent [69]
 o vtls: fix default SSL backend as a fallback [231]
 o vtls: only remember the expiry timestamp in session cache [110]
 o vtls: remove 'detach/attach' functions from TLS handler struct [25]
 o vtls: remove unusued 'check_cxn' from TLS handler struct [26]
 o vtls: replace "none"-functions with NULL pointers [27]
 o VULN-DISCLOSURE-POLICY.md: mention the not setting CVSS [23]
 o VULN-DISCLOSURE-POLICY: on legacy dependencies [239]
 o websocket: fix message send corruption [188]
 o windows: drop dupe macros, detect `CURL_OS` for WinCE ARM, indentation [183]
 o windows: drop redundant `USE_WIN32_SMALL_FILES` macro [145]
 o windows: drop two missed `buildconf.bat` references
 o windows: merge `config-win32ce.h` into `config-win32.h` [196]
 o ws-docs: extend WebSocket documentation [206]
 o ws-docs: remove the outdated texts saying ws support is experimental [15]
 o ws: reject frames with unknown reserved bits set [230]
 o x509asn1: add parse recursion limit [197]

Log message:
www/curl: Bump PKGREVISON for libcurl.pc change for NetBSD