[blfs-book] [BLFS Trac] #6618: curl-7.43.0

Wed, 17 Jun 2015 04:30:05 -0700 

#6618: curl-7.43.0
-------------------------+-------------------------
 Reporter:  fo           |      Owner:  blfs-book@…
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  7.8
Component:  BOOK         |    Version:  SVN
 Severity:  normal       |   Keywords:
-------------------------+-------------------------
 [http://curl.haxx.se/download/curl-7.43.0.tar.lzma]

 [http://curl.haxx.se/download/curl-7.43.0.tar.lzma.asc]

 [http://curl.haxx.se/docs/adv_20150617A.html] (CVE-2015-3236)

 [http://curl.haxx.se/docs/adv_20150617B.html] (CVE-2015-3237)

 [http://curl.haxx.se/changes.html#7_43_0]

 {{{
  Fixed in 7.43.0 - June 17 2015

 Changes:

    • Added CURLOPT_PROXY_SERVICE_NAME
    • Added CURLOPT_SERVICE_NAME
    • New curl option: --proxy-service-name
    • New curl option: --service-name
    • New curl option: --data-raw
    • Added CURLOPT_PIPEWAIT
    • Added support for multiplexing transfers using HTTP/2, enable this
      with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING
    • HTTP/2: requires nghttp2 1.0.0 or later
    • scripts: add zsh.pl for generating zsh completion
    • curl.h: add CURL_HTTP_VERSION_2

 Bugfixes:

    • CVE-2015-3236: lingering HTTP credentials in connection re-use
    • CVE-2015-3237: SMB send off unrelated memory contents
    • nss: fix compilation failure with old versions of NSS
    • curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
    • schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
    • Curl_ossl_init: load builtin modules
    • configure: follow-up fix for krb5-config
    • sasl_sspi: Populate domain from the realm in the challenge
    • netrc: support 'default' token
    • README: convert to UTF-8
    • cyassl: Implement public key pinning
    • nss: implement public key pinning for NSS backend
    • mingw build: add arch -m32/-m64 to LDFLAGS
    • schannel: Fix out of bounds array
    • configure: remove autogenerated files by autoconf
    • configure: remove --automake from libtoolize call
    • acinclude.m4: fix shell test for default CA cert bundle/path
    • schannel: fix regression in schannel_recv
    • openssl: skip trace outputs for ssl_ver == 0
    • gnutls: properly retrieve certificate status
    • netrc: Read in text mode when cygwin
    • winbuild: Document the option used to statically link the CRT
    • FTP: Make EPSV use the control IP address rather than the original
      host
    • FTP: fix dangling conn->ip_addr dereference on verbose EPSV
    • conncache: keep bundles on host+port bases, not only host names
    • runtests.pl: use 'h2c' now, no -14 anymore
    • curlver: introducing new version number (checking) macros
    • openssl: boringssl build brekage, use SSL_CTX_set_msg_callback
    • CURLOPT_POSTFIELDS.3: correct variable names
    • curl_easy_unescape.3: update RFC reference
    • gnutls: don't fail on non-fatal alerts during handshake
    • testcurl.pl: allow source to be in an arbitrary directory
    • CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
    • SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description
    • parse_proxy: switch off tunneling if non-HTTP proxy
    • share_init: fix OOM crash
    • perl: remove subdir, not touched in 9 years
    • CURLOPT_COOKIELIST.3: Add example
    • CURLOPT_COOKIE.3: Explain that the cookies won't be modified
    • CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
    • FAQ: How do I port libcurl to my OS?
    • openssl: Use TLS_client_method for OpenSSL 1.1.0+
    • HTTP-NTLM: fail auth on connection close instead of looping
    • curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
    • curl_getdate.3: update RFC reference
    • curl_multi_info_read.3: added example
    • curl_multi_perform.3: added example
    • curl_multi_timeout.3: added example
    • cookie: Stop exporting any-domain cookies
    • openssl: remove dummy callback use from SSL_CTX_set_verify()
    • openssl: remove SSL_get_session()-using code
    • openssl: removed USERDATA_IN_PWD_CALLBACK kludge
    • openssl: removed error string #ifdef
    • openssl: Fix verification of server-sent legacy intermediates
    • docs: man page indentation and syntax fixes
    • docs: Spelling fixes
    • fopen.c: fix a few compiler warnings
    • CURLOPT_OPENSOCKETFUNCTION: return error at once
    • schannel: Add support for optional client certificates
    • build: Properly detect OpenSSL 1.0.2 when using configure
    • urldata: store POST size in state.infilesize too
    • security:choose_mech remove dead code
    • rtsp_do: remove dead code
    • docs: many HTTP URIs changed to HTTPS
    • schannel: schannel_recv overhaul
 }}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/6618>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to