Wed Dec 21 10:07:37 2016 UTC ()
Updated curl to 7.52.0. Security fixes.

Version 7.52.0 (20 Dec 2016)

Changes:

    nss: map CURL_SSLVERSION_DEFAULT to NSS default
    vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
    curl: introduce the --tlsv1.3 option to force TLS 1.3
    curl: Add --retry-connrefused
    proxy: Support HTTPS proxy and SOCKS+HTTP(s)
    add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
    curl: add --fail-early

Bugfixes:

    CVE-2016-9586: printf floating point buffer overflow
    CVE-2016-9952: Win CE schannel cert wildcard matches too much
    CVE-2016-9953: Win CE schannel cert name out of buffer read
    msvc: removed a straggling reference to strequal.c
    winbuild: remove strcase.obj from curl build
    examples: bugfixed multi-uv.c
    configure: verify that compiler groks -Werror=partial-availability
    mbedtls: fix build with mbedtls versions < 2.4.0
    dist: add unit test CMakeLists.txt to the tarball
    curl -w: added more decimal digits to timing counters
    easy: Initialize info variables on easy init and duphandle
    cmake: disable poll for macOS
    http2: Don't send header fields prohibited by HTTP/2 spec
    ssh: check md5 fingerprints case insensitively (regression)
    openssl: initial TLS 1.3 adaptions
    curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept
    printf: fix ".*f" handling
    examples/fileupload.c: fclose the file as well
    SPNEGO: Fix memory leak when authentication fails
    realloc: use Curl_saferealloc to avoid common mistakes
    openssl: make sure to fail in the unlikely event that PRNG seeding fails
    URL-parser: for file://[host]/ URLs, the [host] must be localhost
    timeval: prefer time_t to hold seconds instead of long
    Curl_rand: fixed and moved to rand.c
    glob: fix [a-c] globbing regression
    darwinssl: fix SSL client certificate not found on MacOS Sierra
    curl.1: Clarify --dump-header only writes received headers
    http2: Fix address sanitizer memcpy warning
    http2: Use huge HTTP/2 windows
    connects: Don't mix unix domain sockets with regular ones
    url: Fix conn reuse for local ports and interfaces
    x509: Limit ASN.1 structure sizes to 256K
    checksrc: add more checks
    winbuild: add config option ENABLE_NGHTTP2
    http2: check nghttp2_session_set_local_window_size exists
    http2: Fix crashes when parent stream gets aborted
    CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries
    URL parser: reject non-numerical port numbers
    CONNECT: reject TE or CL in 2xx responses
    CONNECT: read responses one byte at a time
    curl: support zero-length argument strings in config files
    openssl: don't use OpenSSL's ERR_PACK
    curl.1: generated with the new man page system
    curl_easy_recv: Improve documentation and example program
    Curl_getconnectinfo: avoid checking if the connection is closed
    CIPHERS.md: attempt to document TLS cipher names


(wiz)
diff -r1.173 -r1.174 pkgsrc/www/curl/Makefile
diff -r1.60 -r1.61 pkgsrc/www/curl/PLIST
diff -r1.124 -r1.125 pkgsrc/www/curl/distinfo
cvs diff -r1.173 -r1.174 pkgsrc/www/curl/Makefile (expand / switch to unified diff)

--- pkgsrc/www/curl/Makefile 2016/11/02 07:09:38 1.173
+++ pkgsrc/www/curl/Makefile 2016/12/21 10:07:37 1.174
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.173 2016/11/02 07:09:38 maya Exp $ 1# $NetBSD: Makefile,v 1.174 2016/12/21 10:07:37 wiz Exp $
2 2
3DISTNAME= curl-7.51.0 3DISTNAME= curl-7.52.0
4CATEGORIES= www 4CATEGORIES= www
5MASTER_SITES= https://curl.haxx.se/download/ 5MASTER_SITES= https://curl.haxx.se/download/
6EXTRACT_SUFX= .tar.bz2 6EXTRACT_SUFX= .tar.bz2
7 7
8MAINTAINER= pkgsrc-users@NetBSD.org 8MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= https://curl.haxx.se/ 9HOMEPAGE= https://curl.haxx.se/
10COMMENT= Client that groks URLs 10COMMENT= Client that groks URLs
11# not completely, but near enough 11# not completely, but near enough
12LICENSE= mit 12LICENSE= mit
13 13
14# list it into IPv6-ready packages 14# list it into IPv6-ready packages
15BUILD_DEFS+= IPV6_READY 15BUILD_DEFS+= IPV6_READY
16 16
cvs diff -r1.60 -r1.61 pkgsrc/www/curl/PLIST (expand / switch to unified diff)

--- pkgsrc/www/curl/PLIST 2016/11/02 07:09:38 1.60
+++ pkgsrc/www/curl/PLIST 2016/12/21 10:07:37 1.61
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.60 2016/11/02 07:09:38 maya Exp $ 1@comment $NetBSD: PLIST,v 1.61 2016/12/21 10:07:37 wiz Exp $
2bin/curl 2bin/curl
3bin/curl-config 3bin/curl-config
4include/curl/curl.h 4include/curl/curl.h
5include/curl/curlbuild.h 5include/curl/curlbuild.h
6include/curl/curlrules.h 6include/curl/curlrules.h
7include/curl/curlver.h 7include/curl/curlver.h
8include/curl/easy.h 8include/curl/easy.h
9include/curl/mprintf.h 9include/curl/mprintf.h
10include/curl/multi.h 10include/curl/multi.h
11include/curl/stdcheaders.h 11include/curl/stdcheaders.h
12include/curl/typecheck-gcc.h 12include/curl/typecheck-gcc.h
13lib/libcurl.la 13lib/libcurl.la
14lib/pkgconfig/libcurl.pc 14lib/pkgconfig/libcurl.pc
@@ -30,36 +30,39 @@ man/man3/CURLINFO_HEADER_SIZE.3 @@ -30,36 +30,39 @@ man/man3/CURLINFO_HEADER_SIZE.3
30man/man3/CURLINFO_HTTPAUTH_AVAIL.3 30man/man3/CURLINFO_HTTPAUTH_AVAIL.3
31man/man3/CURLINFO_HTTP_CONNECTCODE.3 31man/man3/CURLINFO_HTTP_CONNECTCODE.3
32man/man3/CURLINFO_HTTP_VERSION.3 32man/man3/CURLINFO_HTTP_VERSION.3
33man/man3/CURLINFO_LASTSOCKET.3 33man/man3/CURLINFO_LASTSOCKET.3
34man/man3/CURLINFO_LOCAL_IP.3 34man/man3/CURLINFO_LOCAL_IP.3
35man/man3/CURLINFO_LOCAL_PORT.3 35man/man3/CURLINFO_LOCAL_PORT.3
36man/man3/CURLINFO_NAMELOOKUP_TIME.3 36man/man3/CURLINFO_NAMELOOKUP_TIME.3
37man/man3/CURLINFO_NUM_CONNECTS.3 37man/man3/CURLINFO_NUM_CONNECTS.3
38man/man3/CURLINFO_OS_ERRNO.3 38man/man3/CURLINFO_OS_ERRNO.3
39man/man3/CURLINFO_PRETRANSFER_TIME.3 39man/man3/CURLINFO_PRETRANSFER_TIME.3
40man/man3/CURLINFO_PRIMARY_IP.3 40man/man3/CURLINFO_PRIMARY_IP.3
41man/man3/CURLINFO_PRIMARY_PORT.3 41man/man3/CURLINFO_PRIMARY_PORT.3
42man/man3/CURLINFO_PRIVATE.3 42man/man3/CURLINFO_PRIVATE.3
 43man/man3/CURLINFO_PROTOCOL.3
43man/man3/CURLINFO_PROXYAUTH_AVAIL.3 44man/man3/CURLINFO_PROXYAUTH_AVAIL.3
 45man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3
44man/man3/CURLINFO_REDIRECT_COUNT.3 46man/man3/CURLINFO_REDIRECT_COUNT.3
45man/man3/CURLINFO_REDIRECT_TIME.3 47man/man3/CURLINFO_REDIRECT_TIME.3
46man/man3/CURLINFO_REDIRECT_URL.3 48man/man3/CURLINFO_REDIRECT_URL.3
47man/man3/CURLINFO_REQUEST_SIZE.3 49man/man3/CURLINFO_REQUEST_SIZE.3
48man/man3/CURLINFO_RESPONSE_CODE.3 50man/man3/CURLINFO_RESPONSE_CODE.3
49man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3 51man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3
50man/man3/CURLINFO_RTSP_CSEQ_RECV.3 52man/man3/CURLINFO_RTSP_CSEQ_RECV.3
51man/man3/CURLINFO_RTSP_SERVER_CSEQ.3 53man/man3/CURLINFO_RTSP_SERVER_CSEQ.3
52man/man3/CURLINFO_RTSP_SESSION_ID.3 54man/man3/CURLINFO_RTSP_SESSION_ID.3
 55man/man3/CURLINFO_SCHEME.3
53man/man3/CURLINFO_SIZE_DOWNLOAD.3 56man/man3/CURLINFO_SIZE_DOWNLOAD.3
54man/man3/CURLINFO_SIZE_UPLOAD.3 57man/man3/CURLINFO_SIZE_UPLOAD.3
55man/man3/CURLINFO_SPEED_DOWNLOAD.3 58man/man3/CURLINFO_SPEED_DOWNLOAD.3
56man/man3/CURLINFO_SPEED_UPLOAD.3 59man/man3/CURLINFO_SPEED_UPLOAD.3
57man/man3/CURLINFO_SSL_ENGINES.3 60man/man3/CURLINFO_SSL_ENGINES.3
58man/man3/CURLINFO_SSL_VERIFYRESULT.3 61man/man3/CURLINFO_SSL_VERIFYRESULT.3
59man/man3/CURLINFO_STARTTRANSFER_TIME.3 62man/man3/CURLINFO_STARTTRANSFER_TIME.3
60man/man3/CURLINFO_TLS_SESSION.3 63man/man3/CURLINFO_TLS_SESSION.3
61man/man3/CURLINFO_TLS_SSL_PTR.3 64man/man3/CURLINFO_TLS_SSL_PTR.3
62man/man3/CURLINFO_TOTAL_TIME.3 65man/man3/CURLINFO_TOTAL_TIME.3
63man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 66man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
64man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 67man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
65man/man3/CURLMOPT_MAXCONNECTS.3 68man/man3/CURLMOPT_MAXCONNECTS.3
@@ -190,39 +193,57 @@ man/man3/CURLOPT_OPENSOCKETDATA.3 @@ -190,39 +193,57 @@ man/man3/CURLOPT_OPENSOCKETDATA.3
190man/man3/CURLOPT_OPENSOCKETFUNCTION.3 193man/man3/CURLOPT_OPENSOCKETFUNCTION.3
191man/man3/CURLOPT_PASSWORD.3 194man/man3/CURLOPT_PASSWORD.3
192man/man3/CURLOPT_PATH_AS_IS.3 195man/man3/CURLOPT_PATH_AS_IS.3
193man/man3/CURLOPT_PINNEDPUBLICKEY.3 196man/man3/CURLOPT_PINNEDPUBLICKEY.3
194man/man3/CURLOPT_PIPEWAIT.3 197man/man3/CURLOPT_PIPEWAIT.3
195man/man3/CURLOPT_PORT.3 198man/man3/CURLOPT_PORT.3
196man/man3/CURLOPT_POST.3 199man/man3/CURLOPT_POST.3
197man/man3/CURLOPT_POSTFIELDS.3 200man/man3/CURLOPT_POSTFIELDS.3
198man/man3/CURLOPT_POSTFIELDSIZE.3 201man/man3/CURLOPT_POSTFIELDSIZE.3
199man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3 202man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3
200man/man3/CURLOPT_POSTQUOTE.3 203man/man3/CURLOPT_POSTQUOTE.3
201man/man3/CURLOPT_POSTREDIR.3 204man/man3/CURLOPT_POSTREDIR.3
202man/man3/CURLOPT_PREQUOTE.3 205man/man3/CURLOPT_PREQUOTE.3
 206man/man3/CURLOPT_PRE_PROXY.3
203man/man3/CURLOPT_PRIVATE.3 207man/man3/CURLOPT_PRIVATE.3
204man/man3/CURLOPT_PROGRESSDATA.3 208man/man3/CURLOPT_PROGRESSDATA.3
205man/man3/CURLOPT_PROGRESSFUNCTION.3 209man/man3/CURLOPT_PROGRESSFUNCTION.3
206man/man3/CURLOPT_PROTOCOLS.3 210man/man3/CURLOPT_PROTOCOLS.3
207man/man3/CURLOPT_PROXY.3 211man/man3/CURLOPT_PROXY.3
208man/man3/CURLOPT_PROXYAUTH.3 212man/man3/CURLOPT_PROXYAUTH.3
209man/man3/CURLOPT_PROXYHEADER.3 213man/man3/CURLOPT_PROXYHEADER.3
210man/man3/CURLOPT_PROXYPASSWORD.3 214man/man3/CURLOPT_PROXYPASSWORD.3
211man/man3/CURLOPT_PROXYPORT.3 215man/man3/CURLOPT_PROXYPORT.3
212man/man3/CURLOPT_PROXYTYPE.3 216man/man3/CURLOPT_PROXYTYPE.3
213man/man3/CURLOPT_PROXYUSERNAME.3 217man/man3/CURLOPT_PROXYUSERNAME.3
214man/man3/CURLOPT_PROXYUSERPWD.3 218man/man3/CURLOPT_PROXYUSERPWD.3
 219man/man3/CURLOPT_PROXY_CAINFO.3
 220man/man3/CURLOPT_PROXY_CAPATH.3
 221man/man3/CURLOPT_PROXY_CRLFILE.3
 222man/man3/CURLOPT_PROXY_KEYPASSWD.3
 223man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3
215man/man3/CURLOPT_PROXY_SERVICE_NAME.3 224man/man3/CURLOPT_PROXY_SERVICE_NAME.3
 225man/man3/CURLOPT_PROXY_SSLCERT.3
 226man/man3/CURLOPT_PROXY_SSLCERTTYPE.3
 227man/man3/CURLOPT_PROXY_SSLKEY.3
 228man/man3/CURLOPT_PROXY_SSLKEYTYPE.3
 229man/man3/CURLOPT_PROXY_SSLVERSION.3
 230man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3
 231man/man3/CURLOPT_PROXY_SSL_OPTIONS.3
 232man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3
 233man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3
 234man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
 235man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3
 236man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3
216man/man3/CURLOPT_PROXY_TRANSFER_MODE.3 237man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
217man/man3/CURLOPT_PUT.3 238man/man3/CURLOPT_PUT.3
218man/man3/CURLOPT_QUOTE.3 239man/man3/CURLOPT_QUOTE.3
219man/man3/CURLOPT_RANDOM_FILE.3 240man/man3/CURLOPT_RANDOM_FILE.3
220man/man3/CURLOPT_RANGE.3 241man/man3/CURLOPT_RANGE.3
221man/man3/CURLOPT_READDATA.3 242man/man3/CURLOPT_READDATA.3
222man/man3/CURLOPT_READFUNCTION.3 243man/man3/CURLOPT_READFUNCTION.3
223man/man3/CURLOPT_REDIR_PROTOCOLS.3 244man/man3/CURLOPT_REDIR_PROTOCOLS.3
224man/man3/CURLOPT_REFERER.3 245man/man3/CURLOPT_REFERER.3
225man/man3/CURLOPT_RESOLVE.3 246man/man3/CURLOPT_RESOLVE.3
226man/man3/CURLOPT_RESUME_FROM.3 247man/man3/CURLOPT_RESUME_FROM.3
227man/man3/CURLOPT_RESUME_FROM_LARGE.3 248man/man3/CURLOPT_RESUME_FROM_LARGE.3
228man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3 249man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3
cvs diff -r1.124 -r1.125 pkgsrc/www/curl/distinfo (expand / switch to unified diff)

--- pkgsrc/www/curl/distinfo 2016/11/02 07:09:38 1.124
+++ pkgsrc/www/curl/distinfo 2016/12/21 10:07:37 1.125
@@ -1,9 +1,9 @@ @@ -1,9 +1,9 @@
1$NetBSD: distinfo,v 1.124 2016/11/02 07:09:38 maya Exp $ 1$NetBSD: distinfo,v 1.125 2016/12/21 10:07:37 wiz Exp $
2 2
3SHA1 (curl-7.51.0.tar.bz2) = f02a14bbe580d2a8cf3bf45a79d39eb595220ac7 3SHA1 (curl-7.52.0.tar.bz2) = bbf74384097e9af74a1b9a37500bd814cb681c0a
4RMD160 (curl-7.51.0.tar.bz2) = 234ca5a35fb911ad8428799c7186f07ae5df5965 4RMD160 (curl-7.52.0.tar.bz2) = 56038ef34b9837b3b6ea62a51b5f9530517d822d
5SHA512 (curl-7.51.0.tar.bz2) = f4da06a5ea8ef1553130cec9c162ecf51153208106473b52924dc75d57b564ef845347eb252942c138db4b5ccbc17b4fb3d026afc2d1cbec2ee1566046d11cbf 5SHA512 (curl-7.52.0.tar.bz2) = 03b1539bdb9993fa4d4022dabca0ad5f923e6f71120ccbf800cda75e6b7c6da0256555a0cd80e9f121820d6647824ee80f35142409c42084ed8e27e5204b1f9a
6Size (curl-7.51.0.tar.bz2) = 2570046 bytes 6Size (curl-7.52.0.tar.bz2) = 2604185 bytes
7SHA1 (patch-aa) = d79a8d6c15863848f2328553cbc273bbc941f749 7SHA1 (patch-aa) = d79a8d6c15863848f2328553cbc273bbc941f749
8SHA1 (patch-curl-config.in) = d0cc7bb6a5bf0b9257f40dcffce7093cc0098eb7 8SHA1 (patch-curl-config.in) = d0cc7bb6a5bf0b9257f40dcffce7093cc0098eb7
9SHA1 (patch-lib_hostcheck.c) = 8e772d3f91cdafae17281cc19004269ece0cf308 9SHA1 (patch-lib_hostcheck.c) = 8e772d3f91cdafae17281cc19004269ece0cf308