diff options
author | spz <spz@pkgsrc.org> | 2014-03-30 12:57:54 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2014-03-30 12:57:54 +0000 |
commit | 291823a703bb90ccc09a8aa409491c859bf64866 (patch) | |
tree | 01689327c600b9de9865ae45d735f6304ac740a0 /www/curl | |
parent | 7d674ee42b66aaef5c1deaf75be09bed7f31ef6b (diff) | |
download | pkgsrc-291823a703bb90ccc09a8aa409491c859bf64866.tar.gz |
Upstream release notes:
Fixed in 7.36.0 - March 26 2014
Release contains security-related bug fixes
Changes:
ntlm: Added support for NTLMv2
tool: Added support for URL specific options
openssl: add ALPN support
gtls: add ALPN support
nss: add ALPN and NPN support
added CURLOPT_EXPECT_100_TIMEOUT_MS
tool: add --no-alpn and --no-npn
added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
winssl: enable TLSv1.1 and TLSv1.2 by default
winssl: TLSv1.2 disables certificate signatures using MD5 hash
winssl: enable hostname verification of IP address using SAN or CN
darwinssl: Don't omit CN verification when an IP address is used
http2: build with current nghttp2 version
polarssl: dropped support for PolarSSL < 1.3.0
openssl: info message with SSL version used
Bugfixes:
SECURITY ADVISORY: wrong re-use of connections
SECURITY ADVISORY: IP address wildcard certificate validation
SECURITY ADVISORY: not verifying certs for TLS to IP address / Darwinssl
SECURITY ADVISORY: not verifying certs for TLS to IP address / Winssl
nss: allow to use ECC ciphers if NSS implements them
netrc: Fixed a memory leak in an OOM condition
ftp: fixed a memory leak on wildcard error path
pipeline: Fixed a NULL pointer dereference on OOM
nss: prefer highest available TLS version
100-continue: fix timeout condition
ssh: Fixed a NULL pointer dereference on OOM condition
formpost: use semicolon in multipart/mixaed
--help: add missing --tlsv1.x options
formdata: Fixed memory leak on OOM condition
ConnectionExists: reusing possible HTTP+NTLM connections better
mingw32: fix compilation
chunked decoder: track overflows correctly
curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
dict: fix memory leak in OOM exit path
valgrind: added suppression on optimized code
curl: output protocol headers using binary mode
tool: Added URL index to password prompt for multiple operations
ConnectionExists: re-use non-NTLM connections better
axtls: call ssl_read repeatedly
multi: make MAXCONNECTS default 4 x number of easy handles function
configure: Fix the --disable-crypto-auth option
multi: ignore SIGPIPE internally
curl.1: update the description of --tlsv1
SFTP: skip reading the dir when NOBODY=1
easy: Fixed a memory leak on OOM condition
tool: Fixed incorrect return code when setting HTTP request fails
configure: Tiny fix to honor POSIX
tool: Do not output libcurl source for the information only parameters
Rework Open Watcom make files to use standard Wmake features
x509asn: moved out Curl_verifyhost from NSS builds
configure: call it GSS-API
hostcheck: Curl_cert_hostcheck is not used by NSS builds
multi_runsingle: move timestamp into INIT
remote_port: allow connect to port 0
parse_remote_port: error out on illegal port numbers better
ssh: Pass errors from libssh2_sftp_read up the stack
docs: remove documentation on setting up krb4 support
polarssl: build fixes to work with PolarSSL 1.3.x
polarssl: fix possible handshake timeout issue in multi
nss: allow to enable/disable cipher-suites better
ssh: prevent a logic error that could result in an infinite loop
http2: free resources on disconnect
polarssl: avoid extra newlines in debug messages
rtsp: parse "Session:" header properly
trynextip: don't store 'ai' on failed connects
Curl_cert_hostcheck: strip trailing dots in host name and wildcard
Diffstat (limited to 'www/curl')
-rw-r--r-- | www/curl/Makefile | 5 | ||||
-rw-r--r-- | www/curl/distinfo | 12 | ||||
-rw-r--r-- | www/curl/patches/patch-aa | 39 | ||||
-rw-r--r-- | www/curl/patches/patch-curl-config.in | 4 |
4 files changed, 16 insertions, 44 deletions
diff --git a/www/curl/Makefile b/www/curl/Makefile index 92ff2a29bb4..c108c63d02f 100644 --- a/www/curl/Makefile +++ b/www/curl/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.135 2014/02/12 23:18:44 tron Exp $ +# $NetBSD: Makefile,v 1.136 2014/03/30 12:57:54 spz Exp $ -DISTNAME= curl-7.35.0 -PKGREVISION= 1 +DISTNAME= curl-7.36.0 CATEGORIES= www MASTER_SITES= http://curl.haxx.se/download/ \ ftp://ftp.sunet.se/pub/www/utilities/curl/ diff --git a/www/curl/distinfo b/www/curl/distinfo index 88441c6d30f..ce1c6d55a0b 100644 --- a/www/curl/distinfo +++ b/www/curl/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.92 2014/02/01 11:07:14 adam Exp $ +$NetBSD: distinfo,v 1.93 2014/03/30 12:57:54 spz Exp $ -SHA1 (curl-7.35.0.tar.bz2) = 14d1bca35f611112da0db098b0469efb4a60c8a9 -RMD160 (curl-7.35.0.tar.bz2) = 12844fdfa59538b4daa7d68a57e9d7d680473bf3 -Size (curl-7.35.0.tar.bz2) = 2781470 bytes -SHA1 (patch-aa) = 4d634a15504a4b5e046161feb8c83b357becf2f2 -SHA1 (patch-curl-config.in) = 0dd49de806865c19fbf766ad208f8f2495824442 +SHA1 (curl-7.36.0.tar.bz2) = c39b120585a8a8d64ef14459d6d5f22831d4a7c4 +RMD160 (curl-7.36.0.tar.bz2) = 864f0fe3a15f016cf79bf47172a2ae6a54e0cce4 +Size (curl-7.36.0.tar.bz2) = 2809266 bytes +SHA1 (patch-aa) = 41bbc1e6c17c8ff1bf826d7d8ccdaec9ad9e97ed +SHA1 (patch-curl-config.in) = fd87c97b601a6b9269f67fbc066604ee7e22570e diff --git a/www/curl/patches/patch-aa b/www/curl/patches/patch-aa index 4016a8621c5..fbc989d7106 100644 --- a/www/curl/patches/patch-aa +++ b/www/curl/patches/patch-aa @@ -1,9 +1,9 @@ -$NetBSD: patch-aa,v 1.25 2014/02/01 11:07:14 adam Exp $ +$NetBSD: patch-aa,v 1.26 2014/03/30 12:57:54 spz Exp $ builtin krb5-config in platforms such as solaris do not support the gssapi option, and need an explicit -lgss ---- configure.orig 2014-01-29 06:54:45.000000000 +0000 +--- configure.orig 2014-03-25 10:29:28.000000000 +0000 +++ configure @@ -3641,6 +3641,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar ;; @@ -13,7 +13,7 @@ the gssapi option, and need an explicit -lgss if test $xc_bad_var_cflags = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5 $as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;} -@@ -16619,7 +16620,7 @@ squeeze() { +@@ -16620,7 +16621,7 @@ squeeze() { # @@ -22,7 +22,7 @@ the gssapi option, and need an explicit -lgss # if test "$compiler_id" = "GNU_C" || test "$compiler_id" = "CLANG"; then -@@ -21078,7 +21079,12 @@ $as_echo "yes" >&6; } +@@ -21079,7 +21080,12 @@ $as_echo "yes" >&6; } if test -z "$GSSAPI_INCS"; then if test -f "$GSSAPI_ROOT/bin/krb5-config"; then @@ -36,7 +36,7 @@ the gssapi option, and need an explicit -lgss elif test "$GSSAPI_ROOT" != "yes"; then GSSAPI_INCS="-I$GSSAPI_ROOT/include" fi -@@ -21226,13 +21232,18 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd +@@ -21227,13 +21233,18 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd ;; *) if test -f "$GSSAPI_ROOT/bin/krb5-config"; then @@ -58,7 +58,7 @@ the gssapi option, and need an explicit -lgss fi ;; esac -@@ -21243,7 +21254,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd +@@ -21244,7 +21255,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd LIBS="-lgss $LIBS" ;; *) @@ -67,30 +67,3 @@ the gssapi option, and need an explicit -lgss ;; esac fi -@@ -24834,19 +24845,19 @@ $as_echo "$as_me: WARNING: You need an l - $as_echo "yes" >&6; } - if test "x$OPENSSL_ENABLED" = "x1"; then - versioned_symbols_flavour="OPENSSL_" -- elif test "x$GNUTLS_ENABLED" == "x1"; then -+ elif test "x$GNUTLS_ENABLED" = "x1"; then - versioned_symbols_flavour="GNUTLS_" -- elif test "x$NSS_ENABLED" == "x1"; then -+ elif test "x$NSS_ENABLED" = "x1"; then - versioned_symbols_flavour="NSS_" -- elif test "x$POLARSSL_ENABLED" == "x1"; then -+ elif test "x$POLARSSL_ENABLED" = "x1"; then - versioned_symbols_flavour="POLARSSL_" -- elif test "x$CYASSL_ENABLED" == "x1"; then -+ elif test "x$CYASSL_ENABLED" = "x1"; then - versioned_symbols_flavour="CYASSL_" -- elif test "x$AXTLS_ENABLED" == "x1"; then -+ elif test "x$AXTLS_ENABLED" = "x1"; then - versioned_symbols_flavour="AXTLS_" -- elif test "x$WINSSL_ENABLED" == "x1"; then -+ elif test "x$WINSSL_ENABLED" = "x1"; then - versioned_symbols_flavour="WINSSL_" -- elif test "x$DARWINSSL_ENABLED" == "x1"; then -+ elif test "x$DARWINSSL_ENABLED" = "x1"; then - versioned_symbols_flavour="DARWINSSL_" - else - versioned_symbols_flavour="" diff --git a/www/curl/patches/patch-curl-config.in b/www/curl/patches/patch-curl-config.in index e7712e879a7..ccf58619a08 100644 --- a/www/curl/patches/patch-curl-config.in +++ b/www/curl/patches/patch-curl-config.in @@ -1,8 +1,8 @@ -$NetBSD: patch-curl-config.in,v 1.3 2013/06/29 19:24:57 spz Exp $ +$NetBSD: patch-curl-config.in,v 1.4 2014/03/30 12:57:54 spz Exp $ - make "curl-config --libs" return proper ldflags for shared libraries ---- curl-config.in.orig 2013-06-21 22:29:04.000000000 +0000 +--- curl-config.in.orig 2014-01-05 22:07:54.000000000 +0000 +++ curl-config.in @@ -148,9 +148,9 @@ while test $# -gt 0; do CURLLIBDIR="" |