Received: by mail.netbsd.org (Postfix, from userid 605)
	id 52F0E84D5B; Wed, 29 Nov 2017 13:56:29 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id D1F8084CE4
	for <pkgsrc-changes@NetBSD.org>; Wed, 29 Nov 2017 13:56:28 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id aalKQpECS3tv for <pkgsrc-changes@netbsd.org>;
	Wed, 29 Nov 2017 13:56:28 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 2AC5D84C82
	for <pkgsrc-changes@NetBSD.org>; Wed, 29 Nov 2017 13:56:28 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 25C72FB40; Wed, 29 Nov 2017 13:56:28 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1511963788197220"
MIME-Version: 1.0
Date: Wed, 29 Nov 2017 13:56:28 +0000
From: "Thomas Klausner" <wiz@netbsd.org>
Subject: CVS commit: pkgsrc/www/curl
To: pkgsrc-changes@NetBSD.org
Reply-To: wiz@netbsd.org
X-Mailer: log_accum
Message-Id: <20171129135628.25C72FB40@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1511963788197220
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	wiz
Date:		Wed Nov 29 13:56:28 UTC 2017

Modified Files:
	pkgsrc/www/curl: Makefile distinfo

Log Message:
curl: update to 7.57.0.

Curl and libcurl 7.57.0

 o auth: add support for RFC7616 - HTTP Digest access authentication [12]
 o share: add support for sharing the connection cache [31]
 o HTTP: implement Brotli content encoding [28]

This release includes the following bugfixes:

 o CVE-2017-8816: NTLM buffer overflow via integer overflow [47]
 o CVE-2017-8817: FTP wildcard out of bounds read [48]
 o CVE-2017-8818: SSL out of buffer access [49]
 o curl_mime_filedata.3: fix typos [1]
 o libtest: Add required test libraries for lib1552 and lib1553 [2]
 o fix time diffs for systems using unsigned time_t [3]
 o ftplistparser: memory leak fix: free temporary memory always [4]
 o multi: allow table handle sizes to be overridden [5]
 o wildcards: don't use with non-supported protocols [6]
 o curl_fnmatch: return error on illegal wildcard pattern [7]
 o transfer: Fix chunked-encoding upload too early exit [8]
 o curl_setup: Improve detection of CURL_WINDOWS_APP [9]
 o resolvers: only include anything if needed [10]
 o setopt: fix CURLOPT_SSH_AUTH_TYPES option read
 o appveyor: add a win32 build
 o Curl_timeleft: change return type to timediff_t [11]
 o cmake: Export libcurl and curl targets to use by other cmake projects [13]
 o curl: in -F option arg, comma is a delimiter for files only [14]
 o curl: improved ";type=" handling in -F option arguments
 o timeval: use mach_absolute_time() on MacOS [15]
 o curlx: the timeval functions are no longer provided as curlx_* [16]
 o mkhelp.pl: do not generate comment with current date [17]
 o memdebug: use send/recv signature for curl_dosend/curl_dorecv [18]
 o cookie: avoid NULL dereference [19]
 o url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1 [20]
 o include: remove conncache.h inclusion from where its not needed
 o CURLOPT_MAXREDIRS: allow -1 as a value [21]
 o tests: Fixed torture tests on tests 556 and 650
 o http2: Fixed OOM handling in upgrade request
 o url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
 o CURLOPT_INFILESIZE: accept -1 [22]
 o curl: pass through [] in URLs instead of calling globbing error [23]
 o curl: speed up handling of many URLs [24]
 o ntlm: avoid malloc(0) for zero length passwords [25]
 o url: remove faulty arg value check from CURLOPT_SSH_AUTH_TYPES [26]
 o HTTP: support multiple Content-Encodings [27]
 o travis: add a job with brotli enabled
 o url: remove unncessary NULL-check
 o fnmatch: remove dead code
 o connect: store IPv6 connection status after valid connection [29]
 o imap: deal with commands case insensitively [30]
 o --interface: add support for Linux VRF [32]
 o content_encoding: fix inflate_stream for no bytes available [33]
 o cmake: Correctly include curl.rc in Windows builds [34]
 o cmake: Add missing setmode check [35]
 o connect.c: remove executable bit on file [36]
 o SMB: fix uninitialized local variable
 o zlib/brotli: only include header files in modules needing them [37]
 o URL: return error on malformed URLs with junk after IPv6 bracket [38]
 o openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY [39]
 o macOS: Fix missing connectx function with Xcode version older than 9.0 [40]
 o --resolve: allow IP address within [] brackets [41]
 o examples/curlx: Fix code style [42]
 o ntlm: remove unnecessary NULL-check to please scan-build [43]
 o Curl_llist_remove: fix potential NULL pointer deref [43]
 o mime: fix "Value stored to 'sz' is never read" scan-build error [43]
 o openssl: fix "Value stored to 'rc' is never read" scan-build error [43]
 o http2: fix "Value stored to 'hdbuf' is never read" scan-build error [43]
 o http2: fix "Value stored to 'end' is never read" scan-build error [43]
 o Curl_open: fix OOM return error correctly [43]
 o url: reject ASCII control characters and space in host names [44]
 o examples/rtsp: clear RANGE again after use [45]
 o connect: improve the bind error message [46]
 o make: fix "make distclean" [50]
 o connect: add support for new TCP Fast Open API on Linux [51]
 o metalink: fix memory-leak and NULL pointer dereference [52]
 o URL: update "file:" URL handling [53]
 o ssh: remove check for a NULL pointer [54]
 o global_init: ignore CURL_GLOBAL_SSL's absense [55]


To generate a diff of this commit:
cvs rdiff -u -r1.189 -r1.190 pkgsrc/www/curl/Makefile
cvs rdiff -u -r1.139 -r1.140 pkgsrc/www/curl/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1511963788197220
Content-Disposition: inline
Content-Length: 1767
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/www/curl/Makefile
diff -u pkgsrc/www/curl/Makefile:1.189 pkgsrc/www/curl/Makefile:1.190
--- pkgsrc/www/curl/Makefile:1.189	Mon Oct 23 06:59:36 2017
+++ pkgsrc/www/curl/Makefile	Wed Nov 29 13:56:27 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.189 2017/10/23 06:59:36 adam Exp $
+# $NetBSD: Makefile,v 1.190 2017/11/29 13:56:27 wiz Exp $
 
-DISTNAME=	curl-7.56.1
+DISTNAME=	curl-7.57.0
 CATEGORIES=	www
 MASTER_SITES=	https://curl.haxx.se/download/
 EXTRACT_SUFX=	.tar.bz2

Index: pkgsrc/www/curl/distinfo
diff -u pkgsrc/www/curl/distinfo:1.139 pkgsrc/www/curl/distinfo:1.140
--- pkgsrc/www/curl/distinfo:1.139	Fri Nov  3 09:40:37 2017
+++ pkgsrc/www/curl/distinfo	Wed Nov 29 13:56:27 2017
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.139 2017/11/03 09:40:37 jperkin Exp $
+$NetBSD: distinfo,v 1.140 2017/11/29 13:56:27 wiz Exp $
 
-SHA1 (curl-7.56.1.tar.bz2) = f17b8f71f801b266828067f6f7c0e950509890b9
-RMD160 (curl-7.56.1.tar.bz2) = ee08c268c414be3d2c9a0bbcb9b7fbcfb33f48e9
-SHA512 (curl-7.56.1.tar.bz2) = f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68
-Size (curl-7.56.1.tar.bz2) = 2824548 bytes
+SHA1 (curl-7.57.0.tar.bz2) = 7f47469324bf22cc9ffd1d3a201aa3c76ab626b8
+RMD160 (curl-7.57.0.tar.bz2) = e50c4ff25b6208187c5a3a10a5c8675faf75f64f
+SHA512 (curl-7.57.0.tar.bz2) = f366d2e931d7aff63bac0e1f760ced32c849252947d522427ba92124566906a7e6bd081b6d1630df36895dda2a00ac4cf1bed1470740693ef47ab90c6a270377
+Size (curl-7.57.0.tar.bz2) = 2849283 bytes
 SHA1 (patch-configure) = ba8abac55f11a53d07235e57d21ce5b32a421902
 SHA1 (patch-curl-config.in) = d0cc7bb6a5bf0b9257f40dcffce7093cc0098eb7
 SHA1 (patch-lib_hostcheck.c) = 8e772d3f91cdafae17281cc19004269ece0cf308


--_----------=_1511963788197220--