[blfs-book] [BLFS Trac] #7000: curl-7.45.0

Thu, 08 Oct 2015 07:54:07 -0700 

#7000: curl-7.45.0
-------------------------+-------------------------
 Reporter:  fo           |      Owner:  blfs-book@…
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  7.9
Component:  BOOK         |    Version:  SVN
 Severity:  normal       |   Keywords:
-------------------------+-------------------------
 [http://curl.haxx.se/download/curl-7.45.0.tar.lzma]

 [http://curl.haxx.se/download/curl-7.45.0.tar.lzma.asc]

 [http://curl.haxx.se/docs/vuln-7.45.0.html]

 {{{
 curl 7.45.0 - Single version vulnerability summary

 curl version 7.45.0 was released on October 7 2015. The following 0
 security problems are known to exist in this version.

 Yay - there are no published security vulnerabilities for this version!
 }}}

 [http://curl.haxx.se/mail/archive-2015-08/0001.html]

 or

 [http://curl.haxx.se/changes.html#7_45_0]

 {{{
 curl-users

 [RELEASE] Curl and libcurl 7.45.0

 From: Daniel Stenberg <daniel_at_haxx.se>
 Date: Wed, 7 Oct 2015 10:28:31 +0200 (CEST)

 This release includes the following changes:

   o added CURLOPT_DEFAULT_PROTOCOL [6]
   o added new tool option --proto-default [6]
   o getinfo: added CURLINFO_ACTIVESOCKET
   o turned CURLINFO_* option docs as stand-alone man pages
   o curl: point out unnecessary uses of -X in verbose mode [17]

 This release includes the following bugfixes:

   o curl_global_init_mem.3: Stronger thread safety warning [1]
   o buildconf.bat: Fixed issues when ran in directories with special
     chars [2]
   o cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
   o generate.bat: Fixed issues when ran in directories with special
     chars
   o generate.bat: Only call buildconf.bat if it exists
   o generate.bat: Added support for generating only the prerequisite
     files
   o curl.1: Document weaknesses in SSLv2 and SSLv3
   o CURLOPT_HTTP_VERSION.3: connection re-use goes before version
   o docs: Update the redirect protocols disabled by default
   o inet_pton.c: Fix MSVC run-time check failure
   o CURLMOPT_PUSHFUNCTION.3: fix argument types
   o rtsp: support basic/digest authentication
   o rtsp: stop reading empty DESCRIBE responses
   o travis: Upgrading to container based build [3]
   o travis.yml: Add OS X testbot
   o FTP: make state machine not get stuck in state
   o openssl: handle lack of server cert when strict checking disabled
     [4]
   o configure: change functions to detect openssl (clones) [5]
   o configure: detect latest boringssl [5]
   o runtests: Allow for spaces in server-verify curl custom path
   o http2: on_frame_recv: get a proper 'conn' for the debug logging
   o ntlm: mark deliberate switch case fall-through
   o http2: remove dead code
   o curl_easy_{escape,unescape}.3: "char *" vs. "const char *" [7]
   o curl: point out the conflicting HTTP methods if used
   o cmake: added Windows SSL support [8]
   o curl_easy_{escape,setopt}.3: fix example
   o curl_easy_escape.3: escape '\n' [9]
   o libcurl.m4: Put braces around empty if body [10]
   o buildconf.bat: Fixed double blank line in 'curl manual' warning
     output
   o sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH
     enabled
   o inet_pton.c: Fix MSVC run-time check failure
   o CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
   o http2: don't pass on Connection: headers [11]
   o nss: do not directly access SSL_ImplementedCiphers [12]
   o docs: numerous cleanups and spelling fixes
   o FTP: do_more: add check for wait_data_conn in upload case [13]
   o parse_proxy: reject illegal port numbers [14]
   o cmake: IPv6 : disable Unix header check on Windows platform [15]
   o winbuild: run buildconf.bat if necessary
   o buildconf.bat: fix syntax error
   o curl_sspi: fix possibly undefined CRYPT_E_REVOKED [16]
   o nss: prevent NSS from incorrectly re-using a session [18]
   o libcurl-errors.3: add two missing error codes
   o openssl: fix build with < 0.9.8
   o openssl: refactor certificate parsing to use OpenSSL memory BIO [19]
   o openldap: only part of LDAP query results received [20]
   o ssl: add server cert's "sha256//" hash to verbose [21]
   o NTLM: Reset auth-done when using a fresh connection [22]
   o curl: generate easysrc only on --libcurl [23]
   o tests: disable 1801 until fixed [24]
   o CURLINFO_TLS_SESSION: always return backend info
   o gnutls: Support CURLOPT_KEYPASSWD
   o gnutls: Report actual GnuTLS error message for certificate errors
   o tests: disable 1510 due to CI-problems on github
   o cmake: Put "winsock2.h" before "windows.h" during configure checks
   o cmake: Ensure discovered include dirs are considered
   o configure: Add missing ')' for CURL_CHECK_OPTION_RT [25]
   o build: fix failures with -Wcast-align and -Werror [26]
   o FTP: fix uploading ASCII with unknown size
   o readwrite_data: set a max number of loops
   o http2: avoid superfluous Curl_expire() calls
   o http2: set TCP_NODELAY unconditionally [27]
   o docs: fix unescaped '\n' in man pages
   o openssl: Fix algorithm init to make (gost) engines work [28]
   o win32: make recent Borland compilers use long long
   o runtests: Fix pid check in checkdied
   o gopher: don't send NUL byte [29]
   o tool_setopt: fix c_escape truncated octal [30]
   o hiperfifo: fix the pointer passed to WRITEDATA [31]
   o getinfo: Fix return code for unknown CURLINFO options [32]


 References to bug reports and discussions on issues:

   [1] = http://curl.haxx.se/mail/lib-2015-08/0016.html
   [2] = https://github.com/bagder/curl/pull/379
   [3] = http://curl.haxx.se/bug/?i=388
   [4] = http://curl.haxx.se/bug/?i=392
   [5] =
 https://android.googlesource.com/platform/external/curl/+/f551028d5caab
 29d4b4a4ae8c159c76c3cfd4887%5E!/
   [6] = http://curl.haxx.se/bug/?i=351
   [7] = http://curl.haxx.se/bug/?i=395
   [8] = http://curl.haxx.se/bug/?i=399
   [9] = http://curl.haxx.se/bug/?i=398
   [10] = http://curl.haxx.se/bug/?i=402
   [11] = http://curl.haxx.se/bug/?i=401
   [12] =
 https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
   [13] = http://curl.haxx.se/bug/?i=405
   [14] = http://curl.haxx.se/bug/?i=415
   [15] = http://curl.haxx.se/bug/?i=409
   [16] = http://curl.haxx.se/bug/?i=411
   [17] = http://daniel.haxx.se/blog/2015/09/11/unnecessary-use-of-curl-x/
   [18] = https://bugzilla.mozilla.org/1202264
   [19] = http://curl.haxx.se/bug/?i=427
   [20] = http://curl.haxx.se/bug/?i=440
   [21] = http://curl.haxx.se/bug/?i=410
   [22] = http://curl.haxx.se/bug/?i=435
   [23] = http://curl.haxx.se/bug/?i=429
   [24] = http://curl.haxx.se/bug/?i=380
   [25] = http://curl.haxx.se/bug/?i=456
   [26] = http://curl.haxx.se/bug/?i=457
   [27] = http://curl.haxx.se/mail/lib-2015-09/0097.html
   [28] = http://curl.haxx.se/bug/?i=447
   [29] = http://curl.haxx.se/bug/?i=466
   [30] = http://curl.haxx.se/bug/?i=469
   [31] = http://curl.haxx.se/bug/?i=471
   [32] = http://curl.haxx.se/bug/?i=468

 --
   / daniel.haxx.se
 }}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/7000>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to