Authentication-Results: name.execsw.org; dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=Y5h/vAyp; dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=fDFr8Hm4 Received: by mail.netbsd.org (Postfix, from userid 605) id 5685284E90; Wed, 27 Mar 2024 13:53:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1711547618; bh=xy/5Moh+qH8pXS1q9kgThrjeUyq2InxE0BVskqQEXho=; h=Date:From:Subject:To:Reply-To:List-Id:List-Unsubscribe; b=Y5h/vAypa73SqfIkZyIdxaXySTmftNB2RDWuClDC31DHLofIUxjUKgfSRyhwk/7jY STaSy6olZ4uuGWHp5sER/JxFdBXH/JthL2MsprJPzZbtQjmrsj2vLQne+0xWl/LhUN 7p5VdgZKadVwd2TF9kJBCPZKMlngiJ18hC45VpPY= Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 47A0484E73 for ; Wed, 27 Mar 2024 13:53:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (1024-bit key) header.d=netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id fQEVWR4s7PyJ for ; Wed, 27 Mar 2024 13:53:36 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id 0EAED84CCA for ; Wed, 27 Mar 2024 13:53:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1711547616; bh=xy/5Moh+qH8pXS1q9kgThrjeUyq2InxE0BVskqQEXho=; h=Date:From:Subject:To:Reply-To; b=fDFr8Hm4bJb8TAvlPGOaapNqxb3NtCgrVO/5Fd4ze1s8stRgrZAqaVmZWqCTypWKl gZAfmYyW03IpriQT/wsTroebI0Bxi3JIGivNji9FNQdbxjR5Wzxbmzv+L5SGBwdFoJ lE1zunarkbigovi16R8ThdyZ1RyxKBhJlQSKe2dw= Received: by cvs.NetBSD.org (Postfix, from userid 500) id 06182FA2C; Wed, 27 Mar 2024 13:53:36 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1711547615130320" MIME-Version: 1.0 Date: Wed, 27 Mar 2024 13:53:35 +0000 From: "Thomas Klausner" Subject: CVS commit: pkgsrc/www/curl To: pkgsrc-changes@NetBSD.org Reply-To: wiz@netbsd.org X-Mailer: log_accum Message-Id: <20240327135336.06182FA2C@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1711547615130320 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: wiz Date: Wed Mar 27 13:53:35 UTC 2024 Modified Files: pkgsrc/www/curl: Makefile.common PLIST distinfo Log Message: curl: update to 8.7.1. Security fix release. Fixed in 8.7.1 - March 27 2024 8.7.1 Bugfixes: Fixed empty tool_hugehelp.c file Fixed in 8.7.0 - March 27 2024 Changes: configure: add --disable-docs flag CURLINFO_USED_PROXY: return bool whether the proxy was used digest: support SHA-512/256 DoH: add trace configuration write-out: add '%{proxy_used}' Bugfixes: ALTSVC.md: correct a typo asyn-ares: fix data race warning asyn-thread: use wakeup_close to close the read descriptor badwords: use hostname, not host name BINDINGS: add mcurl, the python binding bufq: writing into a softlimit queue cannot be partial c-hyper: add header collection writer in hyper builds cd2nroff: gen: make `\>` in input to render as plain '>' in output cd2nroff: remove backticks from titles checksrc.pl: fix handling .checksrc with CRLF cmake: add USE_OPENSSL_QUIC support cmake: add warning for using TLS libraries without 1.3 support cmake: enable `ENABLE_CURL_MANUAL` by default cmake: fix `CURL_WINDOWS_SSPI=ON` with Schannel disabled cmake: fix function description in comment cmake: fix install for older CMake versions cmake: fix libcurl.pc and curl-config library specifications cmdline-docs/Makefile: avoid using a fixed temp file name cmdline-docs: quote and angle bracket cleanup cmdline-opts/_EXITCODES: sync with libcurl-errors cmdline-opts/_VARIABLES.md: improve the description cmdline-opts/_VERSION: provide %VERSION correctly cmdline-opts: shorter help texts configure: add pkg-config support to rustls detection configure: add warning for using TLS libraries without 1.3 support configure: build & install shell completions when enabled configure: do not link with nghttp3 unless necessary configure: Don't build shell completions when disabled configure: Don't make shell completions without perl configure: find libpsl with pkg-config connect.c: fix typo CONTRIBUTE: update the section on documentation format cookie.md: provide an example sending a fixed cookie cookie: if psl fails, reject the cookie curl: exit on config file parser errors curl: make --libcurl output better CURLOPT_*SSLVERSION curl: when allocating variables, add the name into the struct curl_setup.h: add curl_uint64_t internal type curldown: fix email address in Copyright CURLMOPT_MAX*: mention what happens if changed mid-transfer CURLOPT_INTERFACE.md: remove spurious amp, add see-also CURLOPT_POSTQUOTE.md: fix typo CURLOPT_SSL_CTX_FUNCTION.md: no promises of lifetime after return CURLOPT_WRITEFUNCTION.md: typo fix digest: add check for hashing error dist: make sure the http tests are in the tarball DISTROS: add document with distro pointers docs/libcurl: add TLS backend info for all TLS options docs/libcurl: generate PROTOCOLS from meta-data docs: add missing slashes to SChannel client certificate documentation docs: add necessary setup for nghttp3 docs: ascii version of manpage without nroff docs: dist curl*.1 and install without perl docs: make curldown do angle brackets like markdown docs: make each libcurl man specify protocol(s) docs: make sure curl.1 is included in dist tarballs docs: update minimal binary size in INSTALL.md docs: use present tense examples: use present tense in comments file: use xfer buf for file:// transfers fopen: fix narrowing conversion warning on 32-bit Android form-string.md: correct the example ftp: do lineend conversions in client writer ftp: fix socket wait activity in ftp_domore_getsock ftp: tracing improvements ftp: treat a 226 arriving before data as a signal to read data gen.pl: make the "manpageification" faster gen: make `\>` in input to render as plain '>' in output getparam: make --ftp-ssl work again GHA/linux: add sysctl trick to work-around GitHub runner issue GIT-INFO: convert to markdown GOVERNANCE: document the core team header.md: remove backslash, make nicer markdown HTTP/2: write response directly http2, http3: return CURLE_PARTIAL_FILE when bytes were received http2: fix push discard http2: memory errors in the push callbacks are fatal http2: minor tweaks to optimize two struct sizes http2: push headers better cleanup http2: remove the third (unused) argument from http2_data_done() HTTP3.md: adjust the OpenSSL QUIC install instructions http: better error message for HTTP/1.x response without status line http: improve response header handling, save cpu cycles http: move headers collecting to writer http: remove stale comment about rewindbeforesend http: separate response parsing from response action http_chunks: fix the accounting of consumed bytes http_chunks: remove unused 'endptr' variable https-proxy: use IP address and cert with ip in alt names hyper: implement unpausing via client reader ipv6.md: mention IPv4 mapped addresses KNOWN_BUGS: POP3 issue when reading small chunks lib1598: fix `CURLOPT_POSTFIELDSIZE` usage lib582: remove code causing warning that is never run lib: add `void *ctx` to reader/writer instances lib: convert Curl_get_line to use dynbuf lib: Curl_read/Curl_write clarifications lib: enhance client reader resume + rewind lib: initialize output pointers to NULL before calling strto[ff,l,ul] lib: keep conn IP information together lib: move 'done' parameter to SingleRequests lib: remove curl_mimepart object when CURL_DISABLE_MIME libcurl-docs: cleanups libcurl-security.md: Active FTP passes on the local IP address libssh/libssh2: return error on too big range MANUAL.md: fix typo mbedtls: fix building when MBEDTLS_X509_REMOVE_INFO flag is defined mbedtls: fix pytest for newer versions mbedtls: properly cleanup the thread-shared entropy mbedtls: use mbedtls_ssl_conf_{min|max}_tls_version md4: include strdup.h for the memdup proto mime: add client reader misc: fix typos in docs and lib mkhelp: simplify the generated hugehelp program mprintf: fix format prefix I32/I64 for windows compilers multi: add xfer_buf to multi handle multi: fix multi_sock handling of select_bits multi: make add_handle free any multi_easy ngtcp2: no recvbuf for stream ntml_wb: fix buffer type typo OpenSSL QUIC: adapt to v3.3.x openssl-quic: check on Windows that socket conv to int is possible openssl-quic: fix BIO leak and Windows warning openssl-quic: fix unity build, casing, indentation OS400: avoid using awk in the build scripts paramhlp: fix CRLF-stripping files with "-d @file" proxy1.0.md: fix example pytest: adapt to API change request: clarify message when request has been sent off rustls: make curl compile with 0.12.0 schannel: fix hang on unexpected server close scripts: fix cijobs.pl for Azure and GHA sendf: ignore response body to HEAD setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value setopt: fix disabling all protocols sha512_256: add support for GnuTLS and OpenSSL smtp: fix STARTTLS SPONSORS: describe the basics strtoofft: fix the overflow check test 1541: verify getinfo values on first header callback test1165: improve pattern matching tests: support setting/using blank content env variables TIMER_STARTTRANSFER: set the same for everyone TLS: start shutdown only when peer did not already close TODO: update 13.11 with more information tool_cb_hdr: only parse etag + content-disposition for 2xx tool_getparam: accept a blank -w "" tool_getparam: handle non-existing (out of range) short-options tool_operate: change precedence of server Retry-After time tool_operate: do not set CURLOPT_QUICK_EXIT in debug builds trace-config.md: remove the mutexed options list transfer.c: break receive loop in speed limited transfers transfer: improve Windows SO_SNDBUF update limit urldata: move authneg bit from conn to Curl_easy version: allow building with ancient libpsl vquic-tls: fix the error code returned for bad CA file vtls: fix tls proxy peer verification vtls: revert "receive max buffer" + add test case VULN-DISCLOSURE-POLICY.md: update detail about CVE requests websocket: fix curl_ws_recv() wolfSSL: do not call the stub function wolfSSL_BIO_set_init() write-out.md: clarify error handling details To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/curl/Makefile.common cvs rdiff -u -r1.97 -r1.98 pkgsrc/www/curl/PLIST cvs rdiff -u -r1.201 -r1.202 pkgsrc/www/curl/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1711547615130320 Content-Disposition: inline Content-Length: 2588 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/www/curl/Makefile.common diff -u pkgsrc/www/curl/Makefile.common:1.11 pkgsrc/www/curl/Makefile.common:1.12 --- pkgsrc/www/curl/Makefile.common:1.11 Wed Jan 31 07:21:08 2024 +++ pkgsrc/www/curl/Makefile.common Wed Mar 27 13:53:35 2024 @@ -1,7 +1,7 @@ -# $NetBSD: Makefile.common,v 1.11 2024/01/31 07:21:08 wiz Exp $ +# $NetBSD: Makefile.common,v 1.12 2024/03/27 13:53:35 wiz Exp $ # used by www/libcurl-gnutls/Makefile -DISTNAME= curl-8.6.0 +DISTNAME= curl-8.7.1 CATEGORIES= www MASTER_SITES= https://curl.se/download/ EXTRACT_SUFX= .tar.xz Index: pkgsrc/www/curl/PLIST diff -u pkgsrc/www/curl/PLIST:1.97 pkgsrc/www/curl/PLIST:1.98 --- pkgsrc/www/curl/PLIST:1.97 Wed Jan 31 07:21:08 2024 +++ pkgsrc/www/curl/PLIST Wed Mar 27 13:53:35 2024 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.97 2024/01/31 07:21:08 wiz Exp $ +@comment $NetBSD: PLIST,v 1.98 2024/03/27 13:53:35 wiz Exp $ bin/curl bin/curl-config include/curl/curl.h @@ -17,7 +17,6 @@ lib/libcurl.la lib/pkgconfig/libcurl.pc man/man1/curl-config.1 man/man1/curl.1 -man/man1/mk-ca-bundle.1 man/man3/CURLINFO_ACTIVESOCKET.3 man/man3/CURLINFO_APPCONNECT_TIME.3 man/man3/CURLINFO_APPCONNECT_TIME_T.3 @@ -89,6 +88,7 @@ man/man3/CURLINFO_TLS_SESSION.3 man/man3/CURLINFO_TLS_SSL_PTR.3 man/man3/CURLINFO_TOTAL_TIME.3 man/man3/CURLINFO_TOTAL_TIME_T.3 +man/man3/CURLINFO_USED_PROXY.3 man/man3/CURLINFO_XFER_ID.3 man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 Index: pkgsrc/www/curl/distinfo diff -u pkgsrc/www/curl/distinfo:1.201 pkgsrc/www/curl/distinfo:1.202 --- pkgsrc/www/curl/distinfo:1.201 Wed Jan 31 07:21:08 2024 +++ pkgsrc/www/curl/distinfo Wed Mar 27 13:53:35 2024 @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.201 2024/01/31 07:21:08 wiz Exp $ +$NetBSD: distinfo,v 1.202 2024/03/27 13:53:35 wiz Exp $ -BLAKE2s (curl-8.6.0.tar.xz) = 2727cb26a32536ad349e9c5536e9b2daeed7b9bf5cf2e9b4137c2994119c84e7 -SHA512 (curl-8.6.0.tar.xz) = 359c08d88a5dec441255b36afe1a821730eca0ca8800ba52f57132b9e7d21f32457623907b4ae4876904b5e505eb1a59652372bb7de8dbd8db429dae9785e036 -Size (curl-8.6.0.tar.xz) = 2630108 bytes +BLAKE2s (curl-8.7.1.tar.xz) = 377475ad93ca7385d0e030dbcd885fc0b804ea8b0d6199d8768b546b5b99779a +SHA512 (curl-8.7.1.tar.xz) = 5bbde9d5648e9226f5490fa951690aaf159149345f3a315df2ba58b2468f3e59ca32e8a49734338afc861803a4f81caac6d642a4699b72c6310ebfb1f618aad2 +Size (curl-8.7.1.tar.xz) = 2707016 bytes SHA1 (patch-configure) = e24042bf5e032bbc5e57a4ef0eb5b651944d9bc8 SHA1 (patch-curl-config.in) = a58c777fc1a0a087776e62ed2e2a1e0a339716df --_----------=_1711547615130320--