Hello community, here is the log from the commit of package perl-Net-SSLeay for openSUSE:Factory checked in at 2019-06-01 09:43:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-Net-SSLeay (Old) and /work/SRC/openSUSE:Factory/.perl-Net-SSLeay.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Net-SSLeay" Sat Jun 1 09:43:23 2019 rev:31 rq:705653 version:1.88 Changes: -------- --- /work/SRC/openSUSE:Factory/perl-Net-SSLeay/perl-Net-SSLeay.changes 2019-03-13 09:09:57.999419333 +0100 +++ /work/SRC/openSUSE:Factory/.perl-Net-SSLeay.new.5148/perl-Net-SSLeay.changes 2019-06-01 09:43:24.807448958 +0200 @@ -1,0 +2,133 @@ +Mon May 27 11:29:57 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonza...@suse.com> + +- Update to 1.88 + 1.88 2019-05-10 + - New stable release incorporating all changes from developer + releases 1.86_01 to 1.86_11. + - From this release, Net-SSLeay is switching to an "odd/even" + developer/stable release version numbering system, like that of + many core modules (e.g. ExtUtils::MakeMaker): developer releases + will have an odd minor version number (and the usual "_xx" suffix), + and stable releases will have an even minor version number. This + means there is no Net-SSLeay 1.87. + - Summary of major changes since version 1.85: + - Mike McCauley has stepped down as maintainer. The new maintainers + are Chris Novakovic, Heikki Vatiainen and Tuure Vartiainen. + - The source code has moved from the now-defunct Debian Subversion + server (alioth.debian.org) to GitHub + (https://github.com/radiator-software/p5-net-ssleay). + - Net-SSLeay is provided under the terms of the Artistic License + 2.0 - this has been the case since version 1.66, but references + to other licenses remained in the source code, causing ambiguity. + - Perl 5.8.1 or newer is now required to use Net-SSLeay. This has + already been the case for some time in practice, as the test + suite hasn't fully passed on Perl 5.6 for several years. + - Much-improved compatibility with OpenSSL 1.1.1, and improved + support for TLS 1.3. + - Fixed a long-standing bug in cb_data_advanced_put() that caused + memory leaks when callbacks were frequently added and removed. + - Support in the test suite for "hardened" OpenSSL configurations + that set a default security level of 2 or higher (e.g., in the + OpenSSL packages that ship with recent versions of Debian, Fedora + and Ubuntu). + + 1.86_11 2019-05-08 + - Clarified Net-SSLeay's licensing terms: the module distribution has + been released under the terms of the Artistic License 2.0 since + version 1.66; references to other licenses have been removed. Fixes + RT#106314. Thanks to Kent Fredric for pointing out the ambiguity. + - Replace the HTTPS hosts in the external tests (some of which were + no longer online) with more resilient ones. Closes issue #26. + + 1.86_10 2019-05-04 + - Use locally-generated certificate chain in local tests rather + than the Twitter one, which changes regularly and breaks the + test suite unnecessarily. Fixes RT#129201. Thanks to Petr Písař + for the report and patch, and Steffen Ullrich for an alternative + patch suggestion. + - In t/local/09_ctx_new.t, rather than checking that the functions + (CTX_)get_min_proto_version and (CTX_)get_max_proto_version return + 0x0000 (indicating the lowest and highest versions supported by + libssl respectively, which is not the case if a run-time + configuration is enforcing a different minimum or maximum), just + check whether the returned value is one of those mentioned on the + SSL_CTX_set_min_proto_version(3) man page. Partially fixes + RT#128025. Thanks to Slaven Rezić and Dmytro Zagashev for the + downstream reports. + - Move from 1024-bit keys/certificates to 2048-bit keys/certificates + across the entire test suite. This removes the need to manually + set the security level to 1 in tests that used the old keys, and + fixes large numbers of test failures on modern Linux distributions + that set the minimum OpenSSL security level to 2. Fixes RT#126270 + and the remainder of RT#128025. Thanks to Petr Písař and Slaven + Rezić for the downstream reports. + - In t/local/06_tcpecho.t and t/local/07_sslecho.t, connect to + 127.0.0.1 instead of localhost. This fixes these tests when + executed inside a network sandbox that disrupts the behaviour of + gethostbyname(). Fixes RT#128207. Thanks to Kent Fredric for the + downstream report. + + 1.86_09 2019-03-12 + - Add missing files to MANIFEST that prevented tests from passing + when installing from the 1.86_08 release tarball. + + 1.86_08 2019-03-12 + - Add and fix functions needed to properly implement client + side session reuse for TLS 1.3 with using + CTX_sess_set_new_cb. Newly exposed functions: + SSL_SESSION_dup and SSL_SESSION_up_ref. + Fixed functions: i2d_SSL_SESSION and d2i_SSL_SESSION. + Thanks to Steffen Ullrich. + - Add functions functions to allow reading multiple pems from + file and creating untrusted chain: These functions allow you + to: + - Read in a PEM file with multiple certificates as a + STACK_OF(X509_INFO) + - Determine the size of the STACK_OF(X509_INFO) and value at + an index, which allows you to loop over the stack. + - Retrieve the X509 structure from each X509_INFO structure + in the stack. + Then you can create a new STACK_OF(X509) and push the X509 + structures onto the new stack. You can then pass this + STACK_OF(X509) to X509_STORE_CTX_init which will allow you + to add additional untrusted certificates to the chain for + verification. Exposed functions are: + PEM_X509_INFO_read_bio + sk_X509_INFO_num + sk_X509_INFO_value + sk_X509_INFO_free + sk_X509_new_null + sk_X509_free + sk_X509_push + New function implemented by Net::SSLeay: + P_X509_INFO_get_x509 + Thanks to Marc Reisner. + - Add functions and constants that are necessary to verify a + certificate using a hash directory outside of an SSL/TLS + connection. Newly exposed functions: + X509_STORE_CTX_init + X509_STORE_CTX_free + X509_STORE_new + X509_STORE_free + X509_STORE_add_lookup + X509_LOOKUP_hash_dir + X509_LOOKUP_add_dir + Newly exposed constants: + X509_FILETYPE_ASN1 + X509_FILETYPE_DEFAULT + X509_FILETYPE_PEM + Thanks to Marc Reisner. + - Declare n_a in ssleay_set_psk_client_callback_invoke and + ssleay_ctx_set_psk_client_callback_invoke to avoid a compilation + error with Perl versions below 5.8.8. Fixes RT#128030. Thanks to + Graham Ollis for the report. + - Add X509_get0_serialNumber. Thanks to Marc Reisner. + - Enable Travis CI for LibreSSL 2.2.1, 2.7.5, 2.8.3 and 2.9.0 + on Perl 5.20 and more recent. + - Expose the following functions for curve and group selection: + - CTX_set_ecdh_auto, set_ecdh_auto + - CTX_set1_curves_list, set1_curves_list + - CTX_set1_groups_list, set1_groups_list + Thanks to Steffen Ullrich. + +------------------------------------------------------------------- Old: ---- Net-SSLeay-1.86_07.tar.gz New: ---- Net-SSLeay-1.88.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-Net-SSLeay.spec ++++++ --- /var/tmp/diff_new_pack.BXZ8Jp/_old 2019-06-01 09:43:25.211448820 +0200 +++ /var/tmp/diff_new_pack.BXZ8Jp/_new 2019-06-01 09:43:25.211448820 +0200 @@ -18,14 +18,13 @@ %define cpan_name Net-SSLeay Name: perl-Net-SSLeay -Version: 1.86_07 +Version: 1.88 Release: 0 Summary: Perl extension for using OpenSSL License: Artistic-2.0 Group: Development/Libraries/Perl -URL: http://search.cpan.org/dist/Net-SSLeay/ -#Source: http://www.cpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz -Source: https://cpan.metacpan.org/authors/id/R/RA/RADIATOR/%{cpan_name}-%{version}.tar.gz +URL: https://metacpan.org/release/%{cpan_name} +Source0: https://cpan.metacpan.org/authors/id/C/CH/CHRISN/%{cpan_name}-%{version}.tar.gz BuildRequires: libopenssl-devel BuildRequires: openssl BuildRequires: perl ++++++ Net-SSLeay-1.86_07.tar.gz -> Net-SSLeay-1.88.tar.gz ++++++ ++++ 4583 lines of diff (skipped)