Wed Mar 4 14:47:01 2009 UTC ()
Update "curl" package to version 7.19.4. Changes since version 7.19.3:
Changes:
 - Added CURLOPT_NOPROXY and the corresponding --noproxy
 - the OpenSSL-specific code disables TICKET (rfc5077) which is enabled
   by default in openssl 0.9.8j
 - Added CURLOPT_TFTP_BLKSIZE
 - Added CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC -
   with the corresponding curl options --socks5-gssapi-service and
   --socks5-gssapi-nec
 - Improved IPv6 support when built with with c-ares >= 1.6.1
 - Added CURLPROXY_HTTP_1_0 and --proxy1.0
 - Added docs/libcurl/symbols-in-versions
 - Added CURLINFO_CONDITION_UNMET
 - Added support for Digest and NTLM authentication using GnuTLS
 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry the CWD
   even when MKD fails
 - GnuTLS initing moved to curl_global_init()
 - Added CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS
Bugfixes:
 - missing ssh.obj in VS makefiles
 - FTP ;type=i URLs now work with CURLOPT_PROXY_TRANSFER_MODE in
   Turkish locale
 - realms with quoted quotation marks in HTTP Digest headers
 - VC9 makefiles are now really included
 - multi interface memory leak with CURLMOPT_MAXCONNECTS set
 - CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
   CURLOPT_NOBODY set true
 - memory leak on some libz errors for content encodings
 - NSS-enabled build is repaired
 - superfluous wait in SFTP downloads removed
 - FTP with the multi interface no longer kills the control connection
   as easily on transfer failures
 - compilation halting when using VS2008 to build a Windows 2000 target
 - ease creation of libcurl Mac OS X Framework
 - CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD
   are -1 if unknown
 - Negotiate proxy authentication
 - CURLOPT_INTERFACE and CURLOPT_LOCALPORT used together

This update fixes the security problem reported in CVE-2009-0037.


(tron)
diff -r1.88 -r1.89 pkgsrc/www/curl/Makefile
diff -r1.57 -r1.58 pkgsrc/www/curl/distinfo
cvs diff -r1.88 -r1.89 pkgsrc/www/curl/Makefile (expand / switch to unified diff)

--- pkgsrc/www/curl/Makefile 2009/02/21 13:38:37 1.88
+++ pkgsrc/www/curl/Makefile 2009/03/04 14:47:01 1.89
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.88 2009/02/21 13:38:37 wiz Exp $ 1# $NetBSD: Makefile,v 1.89 2009/03/04 14:47:01 tron Exp $
2 2
3DISTNAME= curl-7.19.3 3DISTNAME= curl-7.19.4
4CATEGORIES= www 4CATEGORIES= www
5MASTER_SITES= http://curl.haxx.se/download/ \ 5MASTER_SITES= http://curl.haxx.se/download/ \
6 ftp://ftp.sunet.se/pub/www/utilities/curl/ 6 ftp://ftp.sunet.se/pub/www/utilities/curl/
7EXTRACT_SUFX= .tar.bz2 7EXTRACT_SUFX= .tar.bz2
8 8
9MAINTAINER= recht@NetBSD.org 9MAINTAINER= recht@NetBSD.org
10HOMEPAGE= http://curl.haxx.se/ 10HOMEPAGE= http://curl.haxx.se/
11COMMENT= Client that groks URLs 11COMMENT= Client that groks URLs
12 12
13PKG_INSTALLATION_TYPES= overwrite pkgviews 13PKG_INSTALLATION_TYPES= overwrite pkgviews
14PKG_DESTDIR_SUPPORT= user-destdir 14PKG_DESTDIR_SUPPORT= user-destdir
15 15
16# list it into IPv6-ready packages 16# list it into IPv6-ready packages
cvs diff -r1.57 -r1.58 pkgsrc/www/curl/distinfo (expand / switch to unified diff)

--- pkgsrc/www/curl/distinfo 2009/02/21 13:38:37 1.57
+++ pkgsrc/www/curl/distinfo 2009/03/04 14:47:01 1.58
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.57 2009/02/21 13:38:37 wiz Exp $ 1$NetBSD: distinfo,v 1.58 2009/03/04 14:47:01 tron Exp $
2 2
3SHA1 (curl-7.19.3.tar.bz2) = c2ee72537d422bac1b10d8bfaa0401c12a3b2407 3SHA1 (curl-7.19.4.tar.bz2) = 6b8cb206990cd68d8653cea16a47bd0febd5c50d
4RMD160 (curl-7.19.3.tar.bz2) = 8f3074728776d6ad8e3c129eb63b41258a29552a 4RMD160 (curl-7.19.4.tar.bz2) = 91f46c421e0f23f268640d39f45a74621e951245
5Size (curl-7.19.3.tar.bz2) = 2238923 bytes 5Size (curl-7.19.4.tar.bz2) = 2296879 bytes
6SHA1 (patch-aa) = 2f9651c723ed91efecc7e565e74bc7740628163f 6SHA1 (patch-aa) = 2f9651c723ed91efecc7e565e74bc7740628163f