Mon Feb 11 12:20:44 2013 UTC ()
Update to 7.29.0:

Fixed in 7.29.0 - February 6 2013

Release contains security-related bug fix
(already fixed in pkgsrc)

Changes:

    test: offer "automake" output and check for perl better
    always-multi: always use non-blocking internals
    imap: Added support for sasl digest-md5 authentication
    imap: Added support for sasl cram-md5 authentication
    imap: Added support for sasl ntlm authentication
    imap: Added support for sasl login authentication
    imap: Added support for sasl plain text authentication
    imap: Added support for login disabled server capability
    mk-ca-bundle: add -f, support passing to stdout and more
    writeout: -w now supports remote_ip/port and local_ip/port

Bugfixes:

    SECURITY ADVISORY: SASL buffer overflow vulnerability
    nss: prevent NSS from crashing on client auth hook failure
    darwinssl: Fixed inability to disable peer verification on Snow Leopard and Lion
    curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
    SCP: relative path didn't work as documented
    setup_once.h: HP-UX issue workaround
    configure: fix cross pkg-config detection
    runtests: Do not add undefined values to @INC
    build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
    multi: fix re-sending request on early connection close
    HTTP: remove stray CRLF in chunk-encoded content-free request bodies
    build: fix AIX compilation and usage of events/revents
    VC Makefiles: add missing hostcheck
    nss: clear session cache if a client certificate from file is used
    nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
    fix HTTP CONNECT tunnel establishment upon delayed response
    --libcurl: fix for non-zero default options
    FTP: reject illegal port numbers in EPSV 229 responses
    build: use per-target '_CPPFLAGS' for those currently using default
    configure: fix automake 1.13 compatibility
    curl: ignore SIGPIPE
    pop3: Added support for non-blocking SSL upgrade
    pop3: Fixed default authentication detection
    imap: Fixed usernames and passwords that contain escape characters
    packages/DOS/common.dj: remove COFF debug info generation
    imap/pop3/smtp: Fixed failure detection during TLS upgrade
    pop3: Fixed no known authentication mechanism when fallback is required
    formadd: reject trying to read a directory where a file is expected
    formpost: support quotes, commas and semicolon in file names
    docs: update the comments about loading CA certs with NSS
    docs: fix typos in man pages
    darwinssl: Fix bug where packets were sometimes transmitted twice
    winbuild: include version info for .dll .exe
    schannel: Removed extended error connection setup flag
    VMS: fix and generate the VMS build config


(wiz)
diff -r1.123 -r1.124 pkgsrc/www/curl/Makefile
diff -r1.81 -r1.82 pkgsrc/www/curl/distinfo
diff -r1.1 -r0 pkgsrc/www/curl/patches/patch-CVE-2013-0249
diff -r1.20 -r1.21 pkgsrc/www/curl/patches/patch-aa
cvs diff -r1.123 -r1.124 pkgsrc/www/curl/Makefile (expand / switch to unified diff)

--- pkgsrc/www/curl/Makefile 2013/02/08 15:45:42 1.123
+++ pkgsrc/www/curl/Makefile 2013/02/11 12:20:43 1.124
@@ -1,17 +1,16 @@ @@ -1,17 +1,16 @@
1# $NetBSD: Makefile,v 1.123 2013/02/08 15:45:42 drochner Exp $ 1# $NetBSD: Makefile,v 1.124 2013/02/11 12:20:43 wiz Exp $
2 2
3DISTNAME= curl-7.28.1 3DISTNAME= curl-7.29.0
4PKGREVISION= 3 
5CATEGORIES= www 4CATEGORIES= www
6MASTER_SITES= http://curl.haxx.se/download/ \ 5MASTER_SITES= http://curl.haxx.se/download/ \
7 ftp://ftp.sunet.se/pub/www/utilities/curl/ 6 ftp://ftp.sunet.se/pub/www/utilities/curl/
8EXTRACT_SUFX= .tar.bz2 7EXTRACT_SUFX= .tar.bz2
9 8
10MAINTAINER= pkgsrc-users@NetBSD.org 9MAINTAINER= pkgsrc-users@NetBSD.org
11HOMEPAGE= http://curl.haxx.se/ 10HOMEPAGE= http://curl.haxx.se/
12COMMENT= Client that groks URLs 11COMMENT= Client that groks URLs
13# not completely, but near enough 12# not completely, but near enough
14LICENSE= mit 13LICENSE= mit
15 14
16PKG_INSTALLATION_TYPES= overwrite pkgviews 15PKG_INSTALLATION_TYPES= overwrite pkgviews
17 16
cvs diff -r1.81 -r1.82 pkgsrc/www/curl/distinfo (expand / switch to unified diff)

--- pkgsrc/www/curl/distinfo 2013/02/08 15:45:42 1.81
+++ pkgsrc/www/curl/distinfo 2013/02/11 12:20:43 1.82
@@ -1,7 +1,6 @@ @@ -1,7 +1,6 @@
1$NetBSD: distinfo,v 1.81 2013/02/08 15:45:42 drochner Exp $ 1$NetBSD: distinfo,v 1.82 2013/02/11 12:20:43 wiz Exp $
2 2
3SHA1 (curl-7.28.1.tar.bz2) = b5aff1afc4e40fcb78db7a5e27214e0035756f3d 3SHA1 (curl-7.29.0.tar.bz2) = 03eddd295d3d50d60a9dd1c130c8e110ff1aa95a
4RMD160 (curl-7.28.1.tar.bz2) = d4a0cb79756607c3b573970648d639744f15fc65 4RMD160 (curl-7.29.0.tar.bz2) = 50c2ee716736dc0f1de26e032f525e7511912b95
5Size (curl-7.28.1.tar.bz2) = 2516671 bytes 5Size (curl-7.29.0.tar.bz2) = 2556495 bytes
6SHA1 (patch-CVE-2013-0249) = a00098804b17c59905fcd87dc69defc43f2aaf19 6SHA1 (patch-aa) = 07e12cd0576b87cfed74a6a2bf8dd42cb2f5a570
7SHA1 (patch-aa) = 66dc62384fa8dcd5a68f0f9af8b3c449a46fd250 
File Deleted: pkgsrc/www/curl/patches/Attic/patch-CVE-2013-0249
cvs diff -r1.20 -r1.21 pkgsrc/www/curl/patches/Attic/patch-aa (expand / switch to unified diff)

--- pkgsrc/www/curl/patches/Attic/patch-aa 2012/08/01 12:27:12 1.20
+++ pkgsrc/www/curl/patches/Attic/patch-aa 2013/02/11 12:20:44 1.21
@@ -1,46 +1,54 @@ @@ -1,46 +1,54 @@
1$NetBSD: patch-aa,v 1.20 2012/08/01 12:27:12 drochner Exp $ 1$NetBSD: patch-aa,v 1.21 2013/02/11 12:20:44 wiz Exp $
2 2
3--- configure.orig 2012-07-27 18:25:28.000000000 +0000 3--- configure.orig 2013-02-06 09:47:26.000000000 +0000
4+++ configure 4+++ configure
5@@ -15707,7 +15707,7 @@ squeeze() { 5@@ -3635,6 +3635,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
 6 ;;
 7 esac
 8 done
 9+ xc_bad_var_cflags=no
 10 if test $xc_bad_var_cflags = yes; then
 11 { $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
 12 $as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;}
 13@@ -16373,7 +16374,7 @@ squeeze() {
6  14
7  15
8 # 16 #
9- if test "$compiler_id" != "unknown"; then 17- if test "$compiler_id" != "unknown"; then
10+ if false; then 18+ if false; then
11 # 19 #
12 if test "$compiler_id" = "GNU_C" || 20 if test "$compiler_id" = "GNU_C" ||
13 test "$compiler_id" = "CLANG"; then 21 test "$compiler_id" = "CLANG"; then
14@@ -20390,15 +20390,15 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd 22@@ -21261,15 +21262,15 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
15 LIBS="$LIBS $gss_libs" 23 LIBS="$gss_libs $LIBS"
16 elif test "$GSSAPI_ROOT" != "yes"; then 24 elif test "$GSSAPI_ROOT" != "yes"; then
17 LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff" 25 LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
18- LIBS="$LIBS -lgssapi" 26- LIBS="-lgssapi $LIBS"
19+ LIBS="$LIBS -lgssapi -lkrb5" 27+ LIBS="-lgssapi -lkrb5 $LIBS"
20 else 28 else
21- LIBS="$LIBS -lgssapi" 29- LIBS="-lgssapi $LIBS"
22+ LIBS="$LIBS -lgssapi -lkrb5" 30+ LIBS="-lgssapi -lkrb5 $LIBS"
23 fi 31 fi
24 ;; 32 ;;
25 esac 33 esac
26 else 34 else
27 LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR" 35 LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
28- LIBS="$LIBS -lgssapi" 36- LIBS="-lgssapi $LIBS"
29+ LIBS="$LIBS -lgssapi -lkrb5" 37+ LIBS="-lgssapi -lkrb5 $LIBS"
30 fi 38 fi
31 else 39 else
32 CPPFLAGS="$save_CPPFLAGS" 40 CPPFLAGS="$save_CPPFLAGS"
33@@ -24033,19 +24033,19 @@ $as_echo "$as_me: WARNING: You need an l 41@@ -24833,19 +24834,19 @@ $as_echo "$as_me: WARNING: You need an l
34 $as_echo "yes" >&6; } 42 $as_echo "yes" >&6; }
35 if test "x$OPENSSL_ENABLED" = "x1"; then 43 if test "x$OPENSSL_ENABLED" = "x1"; then
36 versioned_symbols_flavour="OPENSSL_" 44 versioned_symbols_flavour="OPENSSL_"
37- elif test "x$GNUTLS_ENABLED" == "x1"; then 45- elif test "x$GNUTLS_ENABLED" == "x1"; then
38+ elif test "x$GNUTLS_ENABLED" = "x1"; then 46+ elif test "x$GNUTLS_ENABLED" = "x1"; then
39 versioned_symbols_flavour="GNUTLS_" 47 versioned_symbols_flavour="GNUTLS_"
40- elif test "x$NSS_ENABLED" == "x1"; then 48- elif test "x$NSS_ENABLED" == "x1"; then
41+ elif test "x$NSS_ENABLED" = "x1"; then 49+ elif test "x$NSS_ENABLED" = "x1"; then
42 versioned_symbols_flavour="NSS_" 50 versioned_symbols_flavour="NSS_"
43- elif test "x$POLARSSL_ENABLED" == "x1"; then 51- elif test "x$POLARSSL_ENABLED" == "x1"; then
44+ elif test "x$POLARSSL_ENABLED" = "x1"; then 52+ elif test "x$POLARSSL_ENABLED" = "x1"; then
45 versioned_symbols_flavour="POLARSSL_" 53 versioned_symbols_flavour="POLARSSL_"
46- elif test "x$CYASSL_ENABLED" == "x1"; then 54- elif test "x$CYASSL_ENABLED" == "x1"; then