Commits
- Commit:
6b793e59c78e9b48ba9f93d876116a8222eb82b6
- From:
- Sergey Bronnikov <sergeyb@tarantool.org>
- Date:
third_party: update libcurl from 8.7.0 to 8.8.0+patches
The patch updates curl module to the version 8.8.0 [1] plus
a number of commits in a range curl-8_8_0..30de937bda0f because
it includes a fix for a regression [2] caught on the previous bump.
The new version brings a number of functional fixes.
Previous changelog entry has been removed because duplicate
entries about bumps in release changelog confuses end users.
Closes #9612
1. https://curl.se/changes.html#8_8_0
2. https://github.com/curl/curl/issues/13740
NO_DOC=libcurl submodule bump
NO_TEST=libcurl submodule bump
- Commit:
15a6bc8e1353a0278a3ce54c1701380a0ff23538
- From:
- Sergey Bronnikov <sergeyb@tarantool.org>
- Date:
third_party: update libcurl from 8.6.0 to 8.7.1
The patch updates curl module to the version 8.7.1 [1][2] that
brings a number of functional and security fixes, and updates
CMake module for building curl library.
Security fixes:
- CVE-2024-2004: Usage of disabled protocol. (low)
- CVE-2024-2398: HTTP/2 push headers memory-leak. (medium)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL. (low)
- CVE-2024-2466: TLS certificate check bypass with mbedTLS. (medium)
Changes in CMake module:
- Option `USE_OPENSSL_QUIC` was added and disabled by default [3]
Previous changelog entry has been removed because duplicate
entries about bumps in release changelog confuses end users.
The bump was blocked by a regression in libcurl [4][5].
1. https://curl.se/changes.html#8_7_1
2. https://github.com/curl/curl/compare/curl-8_6_0...curl-8_7_1
3. https://github.com/curl/curl/commit/8e741644a229c3791963b4f5cae1dcfccba842dd
4. https://curl.se/mail/lib-2024-03/0059.html
5. https://github.com/curl/curl/issues/13260
NO_DOC=libcurl submodule bump
NO_TEST=libcurl submodule bump
- Commit:
ce4390285a76d3d95b26b735e1badd1788ec4e29
- From:
- Sergey Bronnikov <sergeyb@tarantool.org>
- Date:
third_party: update libcurl from 8.5.0+patch to 8.6.0
The patch updates curl module to the version 8.6.0 [1][2] that
brings a number of functional fixes, and updates CMake module for
building curl library.
Changes in CMake module:
- Option `ENABLE_CURL_MANUAL` was added and disabled by default [3]
- Option `BUILD_LIBCURL_DOCS` was added and disabled by default [3]
The patch follows up commit 9bdf2bab97d4 ("httpc: fix reading data
in a chunked request") where curl submodule was updated to
a version based on 8.5.0 release with applied patch with fix [4].
Previous changelog entry has been removed because duplicate
entries about bumps in release changelog confuses end users.
This bump was blocked by a regression in libcurl [5].
1. https://curl.se/changes.html#8_6_0
2. https://github.com/curl/curl/compare/curl-8_5_0...curl-8_6_0
3. https://github.com/curl/curl/commit/a808aab06851d4364ab1773c664df3d906a497a9
4. https://github.com/curl/curl/commit/cdd905a9854305657ebbe645095e1189dcda28c7
5. https://github.com/curl/curl/commit/b8c003832d730bb2f4b9de4204675ca5d9f7a903
NO_DOC=libcurl submodule bump
NO_TEST=libcurl submodule bump
- Commit:
6d5f1db5433b61dcca2ef78dbc53ff5d989a1e2a
- From:
- DerekBum <alextruewestern@gmail.com>
- Via:
- Serge Petrenko <35663196+sergepetrenko@users.noreply.github.com>
- Date:
box: feature `tuple:format` to get a format of a tuple
This patch adds `tuple:format()` method to get a format
of a tuple.
Closes #10005
@TarantoolBot document
Title: New `format` method for `box.tuple`
Product: Tarantool
Since: 3.2
The `tuple:format` method returns a format of a tuple.
- Commit:
3d97334fa3e1ea6a94058c73137f115eb2160b3c
- From:
- Sergey Bronnikov <sergeyb@tarantool.org>
- Via:
- Sergey Kaplun <sergey_v_kaplun@mail.ru>
- Date:
test/fuzz: speedup string serialization
- clamp before cleaning string because cleaning is not cheap
(O(n), where max n is equal to kMaxStrLength)
- call cleaning for identifiers only, there is no sense to
cleaning string literals
- replace symbols disallowed by Lua grammar in indentifier's
names with '_'
The patch saves 16 sec on 145k samples (401 sec before the patch
and 385 sec after the patch). It is actually not so much, but it
is about 2.5 min per hour.
NO_CHANGELOG=testing
NO_DOC=testing