www/curl: security fix Revisions pulled up: - www/curl/Makefile 1.180 - www/curl/PLIST 1.63 - www/curl/distinfo 1.130-1.131 - www/curl/patches/patch-src_Makefile.in 1.1 --- Module Name: pkgsrc Committed By: wiz Date: Wed Apr 19 10:28:07 UTC 2017 Modified Files: pkgsrc/www/curl: Makefile PLIST distinfo Log Message: Updated curl to 7.54.0. Curl and libcurl 7.54.0 Public curl releases: 165 Command line options: 207 curl_easy_setopt() options: 245 Public functions in libcurl: 61 Contributors: 1538 This release includes the following changes: o Add CURL_SSLVERSION_MAX_* constants to CURLOPT_SSLVERSION [19] o Add --max-tls [19] o Add CURLOPT_SUPPRESS_CONNECT_HEADERS [24] o Add --suppress-connect-headers [24] This release includes the following bugfixes: o CVE-2017-7468: switch off SSL session id when client cert is used [68] o cmake: Replace invalid UTF-8 byte sequence [1] o tests: use consistent environment variables for setting charset o proxy: fixed a memory leak on OOM o ftp: removed an erroneous free in an OOM path o docs: de-duplicate file lists in the Makefiles [2] o ftp: fixed a NULL pointer dereference on OOM o gopher: fixed detection of an error condition from Curl_urldecode o url: fix unix-socket support for proxy-disabled builds [3] o test1139: allow for the possibility that the man page is not rebuilt o cyassl: get library version string at runtime o digest_sspi: fix compilation warning o tests: enable HTTP/2 tests to run with non-default port numbers o warnless: suppress compiler warning o darwinssl: Warn that disabling host verify also disables SNI [4] o configure: fix for --enable-pthreads [5] o checksrc.bat: Ignore curl_config.h.in, curl_config.h o no-keepalive.d: fix typo [6] o configure: fix --with-zlib when a path is specified [7] o build: fix gcc7 implicit fallthrough warnings [8] o fix potential use of uninitialized variables [9] o CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors [10] o CMake: Reorganize SSL support, separate WinSSL and SSPI [11] o CMake: Add DarwinSSL support [12] o CMake: Add mbedTLS support [13] o ares: return error at once if timed out before name resolve starts [14] o BINDINGS: added C++, perl, go and Scilab bindings o URL: return error on malformed URLs with junk after port number o KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a password [15] o http2: Fix assertion error on redirect with CL=0 [16] o updatemanpages.pl: Update man pages to use current date and versions [17] o --insecure: clarify that this option is for server connections [18] o mkhelp: simplified the gzip code o build: fixed making man page in out-of-tree tarball builds o tests: disabled 1903 due to flakiness o openssl: add two /* FALLTHROUGH */ to satisfy coverity o cmdline-opts: fixed a few typos o authneg: clear auth.multi flag at http_done [20] o curl_easy_reset: Also reset the authentication state [21] o proxy: skip SSL initialization for closed connections [22] o http_proxy: ignore TE and CL in CONNECT 2xx responses [23] o tool_writeout: fixed a buffer read overrun on --write-out o make: regenerate docs/curl.1 by running make in docs [25] o winbuild: add basic support for OpenSSL 1.1.x [26] o build: removed redundant DEPENDENCIES from makefiles o CURLINFO_LOCAL_PORT.3: added example o curl: show HTTPS-Proxy options on CURLE_SSL_CACERT [27] o tests: strip more options from non-HTTP --libcurl tests o tests: fixed the documented test server port numbers o runtests.pl: fixed display of the Gopher IPv6 port number o multi: fix streamclose() crash in debug mode [28] o cmake: build manual pages [29] o cmake: add support for building HTML and PDF docs [30] o mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION [31] o make: introduce 'test-nonflaky' target o CURLINFO_PRIMARY_IP.3: add example o tests/README: mention nroff for --manual tests [32] o mkhelp: disable compression if the perl gzip module is unavailable o openssl: fall back on SSL_ERROR_* string when no error detail [33] o asiohiper: make sure socket is open in event_cb [34] o tests/README: make "Run" section foolproof [35] o curl: check for end of input in writeout backslash handling o .gitattributes: turn off CRLF for *.am [36] o multi: fix MinGW-w64 compiler warnings o schannel: fix variable shadowing warning o openssl: exclude DSA code when OPENSSL_NO_DSA is defined [37] o http: Fix proxy connection reuse with basic-auth [38] o pause: handle mixed types of data when paused [39] o http: do not treat FTPS over CONNECT as HTTPS o conncache: make hashkey avoid malloc [40] o make: use the variable MAKE for recursive calls [41] o curl: fix callback argument inconsistency [42] o NTLM: check for features with #ifdef instead of #if [43] o cmake: add several missing files to the dist o select: use correct SIZEOF_ constant [44] o connect: fix unreferenced parameter warning o schannel: fix unused variable warning o gcc7: fix * in boolean context [45] o http2: silence unused parameter warnings o ssh: fix narrowing conversion warning o telnet: (win32) fix read callback return variable [46] o docs: Explain --fail-early does not imply --fail [47] o docs: added examples for CURLINFO_FILETIME.3 and CURLOPT_FILETIME.3 o tests/server/util: remove in6addr_any for recent MinGW [48] o multi: make curl_multi_wait avoid malloc in the typical case [49] o include: curl/system.h is a run-time version of curlbuild.h [50] o easy: silence compiler warning o llist: replace Curl_llist_alloc with Curl_llist_init [51] o hash: move key into hash struct to reduce mallocs [52] o url: don't free postponed data on connection reuse [53] o curl_sasl: declare mechtable static o curl: fix Windows Unicode build o multi: fix queueing of pending easy handles [54] o tool_operate: fix MinGW compiler warning [55] o low_speed_limit: improved function for longer time periods [56] o gtls: fix compiler warning o sspi: print out InitializeSecurityContext() error message [57] o schannel: fix compiler warnings [58] o vtls: fix unreferenced variable warnings o INSTALL.md: fix secure transport configure arguments o CURLINFO_SCHEME.3: fix variable type o libcurl-thread.3: also mention threaded-resolver [59] o nss: load CA certificates even with --insecure [60] o openssl: fix this statement may fall through [61] o poll: prefer <poll.h> over <sys/poll.h> [62] o polarssl: unbreak build with versions < 1.3.8 [63] o Curl_expire_latest: ignore already expired timers [64] o configure: turn implicit function declarations into errors [65] o mbedtls: fix memory leak in error path [66] o http2: fix handle leak in error path [67] o .gitattributes: force shell scripts to LF [69] o configure.ac: ignore CR after version numbers [70] o extern-scan.pl: strip trailing CR [71] o openssl: make SSL_ERROR_to_str more future-proof [72] o openssl: fix thread-safety bugs in error-handling [73] o openssl: don't try to print nonexistant peer private keys [74] o nss: fix MinGW compiler warnings [75] --- Module Name: pkgsrc Committed By: ryoon Date: Wed Apr 19 16:37:33 UTC 2017 Modified Files: pkgsrc/www/curl: distinfo Added Files: pkgsrc/www/curl/patches: patch-src_Makefile.in Log Message: Do not use GNU make syntax. Fix build with bmake