pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2023Q3] pkgsrc/www



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Oct 13 09:38:41 UTC 2023

Modified Files:
        pkgsrc/www/curl [pkgsrc-2023Q3]: Makefile.common PLIST distinfo
        pkgsrc/www/curl/patches [pkgsrc-2023Q3]: patch-configure
        pkgsrc/www/libcurl-gnutls [pkgsrc-2023Q3]: distinfo

Log Message:
Pullup ticket #6809 - requested by leot
www/curl: security fix

Revisions pulled up (via patch):
- www/curl/Makefile.common                                      1.8
- www/curl/PLIST                                                1.96
- www/curl/distinfo                                             1.199
- www/curl/patches/patch-configure                              1.18
- www/libcurl-gnutls/distinfo                                   1.6

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Oct 11 07:16:03 UTC 2023

   Modified Files:
           pkgsrc/www/curl: Makefile.common PLIST distinfo
           pkgsrc/www/curl/patches: patch-configure
           pkgsrc/www/libcurl-gnutls: distinfo

   Log Message:
   curl libcurl-gnutls: updated to 8.4.0

   Fixed in 8.4.0 - October 11 2023

   Changes:

   curl: add support for the IPFS protocols via HTTP gateway
   curl_multi_get_handles: get easy handles from a multi handle
   mingw: delete support for legacy mingw.org toolchain

   Bugfixes:

   acinclude.m4: Document proper system truststore on FreeBSD
   appveyor: fix yamlint issues, indent
   appveyor: rewrite batch in PowerShell + CI improvements
   autotools: adjust `CURL_CA_PATH` value to CMake
   autotools: restore `HAVE_IOCTL_*` detections
   base64: also build for curl
   bufq: remove Curl_bufq_skip_and_shift (unused)
   build: delete checks for C89 standard headers
   build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros
   cf-socket: simulate slow/blocked receives in debug
   cmake, configure: also link with CoreServices
   cmake: add check for suseconds_t
   cmake: add feature checks for `memrchr` and `getifaddrs`
   cmake: add missing checks
   cmake: delete old `HAVE_LDAP_URL_PARSE` logic
   cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`
   cmake: detect `HAVE_GETADDRINFO_THREADSAFE`
   cmake: detect `sys/wait.h` and `netinet/udp.h`
   cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS
   cmake: disable unity mode with Windows Unicode + TrackMemory
   cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows
   cmake: fix `HAVE_WRITABLE_ARGV` detection
   cmake: fix duplicate symbols when linking tests
   cmake: fix missing `zlib.h` when compiling `libcurltool`
   cmake: fix stderr initialization in unity builds
   cmake: fix the help text to the static build option in CMakeLists.txt
   cmake: fix unity builds for more build combinations
   cmake: fix unity symbol collisions in h2 builds
   cmake: fix unity with Windows Unicode + TrackMemory
   cmake: improve OpenLDAP builds
   cmake: lib `CURL_STATICLIB` fixes (Windows)
   cmake: move global headers to specific checks
   cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC
   cmake: pre-cache `HAVE_POLL_FINE` on Windows
   cmake: tidy-up `NOT_NEED_LBER_H` detection
   cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value
   configure: check for the capath by default
   configure: remove unused checks
   configure: replace adhoc domain with `localhost` in tests
   configure: sort AC_CHECK_FUNCS
   connect: expire the timeout when trying next
   connect: only start the happy eyeballs timer when needed
   cookie: do not store the expire or max-age strings
   cookie: remove unnecessary struct fields
   cookie: set ->running in cookie_init even if data is NULL
   create-dirs.d: clarify it also uses --output-dirs
   curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0
   curl_easy_pause.3: mention h2/h3 buffering
   curl_easy_pause.3: mention it works within callbacks
   curl_easy_pause: set "in callback" true on exit if true
   CURLOPT_DEBUGFUNCTION.3: warn about internal handles
   docs/libcurl/opts/Makefile.inc: add missing manpage files
   docs: adapt SEE ALSO sections to new requirements
   docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER
   docs: replace made up domains with example.com
   docs: update curl man page references
   docs: use CURLSSLBACKEND_NONE
   doh: inherit DEBUGFUNCTION/DATA
   escape: replace Curl_isunreserved with ISUNRESERVED
   FAQ: How do I upgrade curl.exe in Windows?
   GHA/linux: run singleuse to detect single-use global functions
   GHA: add workflow to compare configure vs cmake outputs
   h2-proxy: remove left-over mistake in drain_tunnel()
   h2: testcase and fix for pausing h2 streams
   h3: add support for ngtcp2 with AWS-LC builds
   http2: refused stream handling for retry
   http: fix CURL_DISABLE_BEARER_AUTH breakage
   http: h1/h2 proxy unification
   http: remove wrong comment for http_should_fail
   http: use per-request counter to check too large headers
   http_aws_sigv4: fix sorting with empty parts
   idn: fix WinIDN null ptr deref on bad host
   idn: if idn2_check_version returns NULL, return error
   inet_ntop: add typecast to silence Coverity
   lib: disambiguate Curl_client_write flag semantics
   lib: enable hmac for digest as well
   lib: failf/infof compiler warnings
   lib: let the max filesize option stop too big transfers too
   lib: move handling of `data->req.writer_stack` into Curl_client_write()
   lib: provide and use Curl_hexencode
   lib: remove TIME_WITH_SYS_TIME
   lib: use wrapper for curl_mime_data fseek callback
   libssh2: fix error message on failed pubkey-from-file
   libssh: cap SFTP packet size sent
   Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)
   MANUAL.md: change domain to example.com
   misc: better random strings
   MQTT: improve receive of ACKs
   multi: do CURLM_CALL_MULTI_PERFORM at two more places
   multi: fix small timeouts
   multi: remove Curl_multi_dump
   multi: round the timeout up to prevent early wakeups
   multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE
   openssl: improve ssl shutdown handling
   openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
   pytest: exclude test_03_goaway in CI runs due to timing dependency
   quic: set ciphers/curves the same way regular TLS does
   quiche: fix build error with --with-ca-fallback
   RELEASE-PROCEDURE.md: updated coming release dates
   runtests: display the test status if tests appear hung
   runtests: eliminate a warning on old perl versions
   socks: return error if hostname too long for remote resolve
   src/mkhelp: make generated code pass `checksrc`
   test1056: disable on Windows
   test1474: disable test on NetBSD, OpenBSD and Solaris 10
   test1592: greatly increase the maximum test timeout
   test1903: actually verify the cookies after the test
   test1906: set a lower timeout since it's hit on Windows
   test2600: remove special case handling for USE_ALARM_TIMEOUT
   test650: fix an end tag typo
   test661: return from test early in case of curl error
   test: add missing <feature>s
   tests: close the shell used to start sshd
   tests: fix a race condition in ftp server disconnect
   tests: fix compiler warnings
   tests: Fix zombie processes left behind by FTP tests.
   tests: improve SLOWDOWN test reliability by reducing sent data
   tests: increase lib571 timeout from 3s to 30s
   tests: log the test result code after each libtest
   tests: propagate errors in libtests
   tests: set --expect100-timeout to improve test reliability
   tests: show which curl tool `runtests.pl` is using
   tests: stop overriding the lock timeout
   tftpd: always use curl's own tftp.h
   tool: use our own stderr variable
   tool_cb_wrt: fix debug assertion
   tool_getparam: accept variable expansion on file names too
   tool_setopt: remove unused function tool_setopt_flags
   upload-file.d: describe the file name slash/backslash handling
   url: fall back to http/https proxy env-variable if ws/wss not set
   url: fix netrc info message
   warnless: remove unused functions
   wolfssh: do cleanup in Curl_ssh_cleanup
   wolfssl: allow capath with CURLOPT_CAINFO_BLOB
   wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
   wolfssl: ignore errors in CA path


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.6.2.1 pkgsrc/www/curl/Makefile.common
cvs rdiff -u -r1.95 -r1.95.2.1 pkgsrc/www/curl/PLIST
cvs rdiff -u -r1.197 -r1.197.2.1 pkgsrc/www/curl/distinfo
cvs rdiff -u -r1.16 -r1.16.12.1 pkgsrc/www/curl/patches/patch-configure
cvs rdiff -u -r1.5 -r1.5.2.1 pkgsrc/www/libcurl-gnutls/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/curl/Makefile.common
diff -u pkgsrc/www/curl/Makefile.common:1.6 pkgsrc/www/curl/Makefile.common:1.6.2.1
--- pkgsrc/www/curl/Makefile.common:1.6 Wed Sep 13 08:15:05 2023
+++ pkgsrc/www/curl/Makefile.common     Fri Oct 13 09:38:41 2023
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.6 2023/09/13 08:15:05 adam Exp $
+# $NetBSD: Makefile.common,v 1.6.2.1 2023/10/13 09:38:41 bsiegert Exp $
 # used by www/libcurl-gnutls/Makefile
 
-DISTNAME=      curl-8.3.0
+DISTNAME=      curl-8.4.0
 CATEGORIES=    www
 MASTER_SITES=  https://curl.se/download/
 EXTRACT_SUFX=  .tar.xz

Index: pkgsrc/www/curl/PLIST
diff -u pkgsrc/www/curl/PLIST:1.95 pkgsrc/www/curl/PLIST:1.95.2.1
--- pkgsrc/www/curl/PLIST:1.95  Wed Sep 13 08:15:05 2023
+++ pkgsrc/www/curl/PLIST       Fri Oct 13 09:38:41 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.95 2023/09/13 08:15:05 adam Exp $
+@comment $NetBSD: PLIST,v 1.95.2.1 2023/10/13 09:38:41 bsiegert Exp $
 bin/curl
 bin/curl-config
 include/curl/curl.h
@@ -26,6 +26,7 @@ man/man3/CURLINFO_CERTINFO.3
 man/man3/CURLINFO_CONDITION_UNMET.3
 man/man3/CURLINFO_CONNECT_TIME.3
 man/man3/CURLINFO_CONNECT_TIME_T.3
+man/man3/CURLINFO_CONN_ID.3
 man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
 man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
 man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3
@@ -86,6 +87,7 @@ man/man3/CURLINFO_TLS_SESSION.3
 man/man3/CURLINFO_TLS_SSL_PTR.3
 man/man3/CURLINFO_TOTAL_TIME.3
 man/man3/CURLINFO_TOTAL_TIME_T.3
+man/man3/CURLINFO_XFER_ID.3
 man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
 man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
 man/man3/CURLMOPT_MAXCONNECTS.3
@@ -297,6 +299,7 @@ man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3
 man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3
 man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
 man/man3/CURLOPT_PUT.3
+man/man3/CURLOPT_QUICK_EXIT.3
 man/man3/CURLOPT_QUOTE.3
 man/man3/CURLOPT_RANDOM_FILE.3
 man/man3/CURLOPT_RANGE.3
@@ -331,6 +334,8 @@ man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3
 man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
 man/man3/CURLOPT_SSH_AUTH_TYPES.3
 man/man3/CURLOPT_SSH_COMPRESSION.3
+man/man3/CURLOPT_SSH_HOSTKEYDATA.3
+man/man3/CURLOPT_SSH_HOSTKEYFUNCTION.3
 man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
 man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.3
 man/man3/CURLOPT_SSH_KEYDATA.3
@@ -456,6 +461,7 @@ man/man3/curl_multi_add_handle.3
 man/man3/curl_multi_assign.3
 man/man3/curl_multi_cleanup.3
 man/man3/curl_multi_fdset.3
+man/man3/curl_multi_get_handles.3
 man/man3/curl_multi_info_read.3
 man/man3/curl_multi_init.3
 man/man3/curl_multi_perform.3
@@ -492,6 +498,7 @@ man/man3/curl_ws_meta.3
 man/man3/curl_ws_recv.3
 man/man3/curl_ws_send.3
 man/man3/libcurl-easy.3
+man/man3/libcurl-env-dbg.3
 man/man3/libcurl-env.3
 man/man3/libcurl-errors.3
 man/man3/libcurl-multi.3

Index: pkgsrc/www/curl/distinfo
diff -u pkgsrc/www/curl/distinfo:1.197 pkgsrc/www/curl/distinfo:1.197.2.1
--- pkgsrc/www/curl/distinfo:1.197      Wed Sep 13 08:15:05 2023
+++ pkgsrc/www/curl/distinfo    Fri Oct 13 09:38:41 2023
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.197 2023/09/13 08:15:05 adam Exp $
+$NetBSD: distinfo,v 1.197.2.1 2023/10/13 09:38:41 bsiegert Exp $
 
-BLAKE2s (curl-8.3.0.tar.xz) = f5bf62169d53dffc0fb6b7c1bcfd1c0874a1fafc7afd34d9500a9dd606d8b6d8
-SHA512 (curl-8.3.0.tar.xz) = 6404b4c74fe1185cb482631ca3a143996cb7298d0d8a76bfafd7696e7729c00559999a069bdba782dee3f3eb273fb678a4438cb27d3deca54022878cdff83a51
-Size (curl-8.3.0.tar.xz) = 2641764 bytes
-SHA1 (patch-configure) = ae123a94fa84ef99dfc1dadd596ac86ef0d143fe
+BLAKE2s (curl-8.4.0.tar.xz) = cdd3a11e796f83496f8299471bcbb6e600919c3677aff50de1121bd05ab8aaaf
+SHA512 (curl-8.4.0.tar.xz) = 7027dbf3b759b39d6ec9c4da58fadd254e84bb93bff599541b3bc3135bad4c2955c6237d7ddd60973f9f1a6948bc32d7e312985fb50658bc958b9f22fee74f2b
+Size (curl-8.4.0.tar.xz) = 2658376 bytes
+SHA1 (patch-configure) = e24042bf5e032bbc5e57a4ef0eb5b651944d9bc8
 SHA1 (patch-curl-config.in) = a58c777fc1a0a087776e62ed2e2a1e0a339716df

Index: pkgsrc/www/curl/patches/patch-configure
diff -u pkgsrc/www/curl/patches/patch-configure:1.16 pkgsrc/www/curl/patches/patch-configure:1.16.12.1
--- pkgsrc/www/curl/patches/patch-configure:1.16        Wed Apr 27 07:51:20 2022
+++ pkgsrc/www/curl/patches/patch-configure     Fri Oct 13 09:38:41 2023
@@ -1,4 +1,4 @@
-$NetBSD: patch-configure,v 1.16 2022/04/27 07:51:20 wiz Exp $
+$NetBSD: patch-configure,v 1.16.12.1 2023/10/13 09:38:41 bsiegert Exp $
 
 - Builtin krb5-config in platforms such as solaris do not support
   the gssapi option, and need an explicit -lgss
@@ -6,9 +6,9 @@ $NetBSD: patch-configure,v 1.16 2022/04/
 - Do not strip debug flags.
 - Support Minix.
 
---- configure.orig     2022-04-25 07:31:45.000000000 +0000
+--- configure.orig     2023-10-09 06:22:20.000000000 +0000
 +++ configure
-@@ -4246,6 +4246,7 @@ printf "%s\n" "$as_me: $xc_bad_var_msg l
+@@ -4282,6 +4282,7 @@ printf "%s\n" "$as_me: $xc_bad_var_msg l
          ;;
      esac
    done
@@ -16,7 +16,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
    if test $xc_bad_var_cflags = yes; then
      { printf "%s\n" "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
  printf "%s\n" "$as_me: using CFLAGS: $CFLAGS" >&6;}
-@@ -8648,7 +8649,7 @@ else $as_nop
+@@ -9167,7 +9168,7 @@ else $as_nop
      lt_cv_sys_max_cmd_len=8192;
      ;;
  
@@ -25,7 +25,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
      # This has been around since 386BSD, at least.  Likely further.
      if test -x /sbin/sysctl; then
        lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
-@@ -9236,12 +9237,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu 
+@@ -9755,12 +9756,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu
    lt_cv_deplibs_check_method=pass_all
    ;;
  
@@ -40,7 +40,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
    ;;
  
  newos6*)
-@@ -13520,14 +13517,13 @@ _LT_EOF
+@@ -14010,14 +14007,13 @@ _LT_EOF
        fi
        ;;
  
@@ -62,7 +62,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
        ;;
  
      solaris*)
-@@ -14218,15 +14214,13 @@ printf "%s\n" "$lt_cv_irix_exported_symb
+@@ -14708,15 +14704,13 @@ printf "%s\n" "$lt_cv_irix_exported_symb
        esac
        ;;
  
@@ -83,7 +83,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
        ;;
  
      newsos6)
-@@ -15337,6 +15331,18 @@ fi
+@@ -15827,6 +15821,18 @@ fi
    dynamic_linker='GNU/Linux ld.so'
    ;;
  
@@ -102,7 +102,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
  netbsdelf*-gnu)
    version_type=linux
    need_lib_prefix=no
-@@ -17794,7 +17800,7 @@ squeeze() {
+@@ -18465,7 +18471,7 @@ squeeze() {
  
  
        #
@@ -111,7 +111,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
      #
      tmp_save_CPPFLAGS="$CPPFLAGS"
      tmp_save_CFLAGS="$CFLAGS"
-@@ -18087,13 +18093,6 @@ printf %s "checking if compiler accepts 
+@@ -18760,13 +18766,6 @@ printf %s "checking if compiler accepts
        tmp_options="$flags_dbg_yes"
      fi
      #
@@ -125,7 +125,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
      squeeze CPPFLAGS
      squeeze CFLAGS
    fi
-@@ -20853,7 +20852,7 @@ printf "%s\n" "no" >&6; }
+@@ -21480,7 +21479,7 @@ printf "%s\n" "no" >&6; }
    tst_cflags="no"
    case $host_os in
      darwin*)
@@ -134,7 +134,7 @@ $NetBSD: patch-configure,v 1.16 2022/04/
        ;;
    esac
  
-@@ -25252,7 +25251,7 @@ printf "%s\n" "found" >&6; }
+@@ -25920,7 +25919,7 @@ printf "%s\n" "found" >&6; }
          LIBS="-lgss $LIBS"
          ;;
       *)

Index: pkgsrc/www/libcurl-gnutls/distinfo
diff -u pkgsrc/www/libcurl-gnutls/distinfo:1.5 pkgsrc/www/libcurl-gnutls/distinfo:1.5.2.1
--- pkgsrc/www/libcurl-gnutls/distinfo:1.5      Wed Sep 13 08:15:05 2023
+++ pkgsrc/www/libcurl-gnutls/distinfo  Fri Oct 13 09:38:41 2023
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.5 2023/09/13 08:15:05 adam Exp $
+$NetBSD: distinfo,v 1.5.2.1 2023/10/13 09:38:41 bsiegert Exp $
 
-BLAKE2s (curl-8.3.0.tar.xz) = f5bf62169d53dffc0fb6b7c1bcfd1c0874a1fafc7afd34d9500a9dd606d8b6d8
-SHA512 (curl-8.3.0.tar.xz) = 6404b4c74fe1185cb482631ca3a143996cb7298d0d8a76bfafd7696e7729c00559999a069bdba782dee3f3eb273fb678a4438cb27d3deca54022878cdff83a51
-Size (curl-8.3.0.tar.xz) = 2641764 bytes
+BLAKE2s (curl-8.4.0.tar.xz) = cdd3a11e796f83496f8299471bcbb6e600919c3677aff50de1121bd05ab8aaaf
+SHA512 (curl-8.4.0.tar.xz) = 7027dbf3b759b39d6ec9c4da58fadd254e84bb93bff599541b3bc3135bad4c2955c6237d7ddd60973f9f1a6948bc32d7e312985fb50658bc958b9f22fee74f2b
+Size (curl-8.4.0.tar.xz) = 2658376 bytes
 SHA1 (patch-configure) = ae123a94fa84ef99dfc1dadd596ac86ef0d143fe
 SHA1 (patch-curl-config.in) = a58c777fc1a0a087776e62ed2e2a1e0a339716df



Home | Main Index | Thread Index | Old Index