Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20211221
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apache2 (2.4.51 -> 2.4.52)
apache2-manual (2.4.51 -> 2.4.52)
apache2-mod_php7 (7.4.26 -> 7.4.27)
apache2-prefork (2.4.51 -> 2.4.52)
apache2-utils (2.4.51 -> 2.4.52)
cantarell-fonts (0.301 -> 0.303.1)
epiphany (41.2 -> 41.3)
fwupd (1.6.4 -> 1.7.3)
gnome-shell
harfbuzz (3.1.1 -> 3.2.0)
libinput (1.19.2 -> 1.19.3)
libqt5-qtwayland (5.15.2+kde34 -> 5.15.2+kde37)
librsvg (2.52.4 -> 2.52.5)
libstorage-ng (4.4.66 -> 4.4.68)
live555 (2021.11.23 -> 2021.12.18)
mutter
openvpn (2.5.4 -> 2.5.5)
php7 (7.4.26 -> 7.4.27)
python-chardet
remmina (1.4.22 -> 1.4.23)
squid (5.2 -> 5.3)
suse-module-tools (16.0.16 -> 16.0.17)
xxhash
yast2 (4.4.30 -> 4.4.31)
yast2-storage-ng (4.4.27 -> 4.4.28)
=== Details ===
==== apache2 ====
Version update (2.4.51 -> 2.4.52)
- version update to 2.4.52:
* fix CVE-2021-44224: NULL dereference or SSRF in forward proxy
configurations [boo#1193943]
* fix CVE-2021-44790: buffer overflow when parsing multipart
content in mod_lua [boo#1193942]
* ) http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
* ) OpenSSL autoconf detection improvement: pick up openssl.pc in the
already sent it to the client.
* ) mod_http: Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request
* ) mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure by calling
dav_get_liveprop_element()
* ) mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
* ) mpm_event: Restart stopping of idle children after a load peak
* ) mod_http2: fixes 2 regressions in server limit handling.
1. When reaching server limits, such as MaxRequestsPerChild, the
HTTP/2 connection send a GOAWAY frame much too early on new
connections, leading to invalid protocol state and a client
failing the request
The module now initializes the HTTP/2 protocol correctly and
allows the client to submit one request before the shutdown
via a GOAWAY frame is being announced.
2. A regression in v1.15.24 was fixed that could lead to httpd
child processes not being terminated on a graceful reload or
when reaching MaxConnectionsPerChild. When unprocessed h2
requests were queued at the time, these could stall.
See https://github.com/icing/mod_h2/issues/212.
* ) mod_ssl: Add build support for OpenSSL v3
* ) mod_proxy_connect: Honor the smallest of the backend or client timeout
while tunneling
* ) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
half-close forwarding when tunneling protocols
* ) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
a third-party module. PR 65627.
* ) mod_md: Fix memory leak in case of failures to load the private key.
* ) mod_md: adding v2.4.8 with the following changes
- Added support for ACME External Account Binding (EAB).
Use the new directive `MDExternalAccountBinding` to provide the
server with the value for key identifier and hmac as provided by
your CA.
While working on some servers, EAB handling is not uniform
across CAs. First tests with a Sectigo Certificate Manager in
demo mode are successful. But ZeroSSL, for example, seems to
regard EAB values as a one-time-use-only thing, which makes them
fail if you create a seconde account or retry the creation of the
first account with the same EAB.
- The directive 'MDCertificateAuthority' now checks if its parameter
is a http/https url or one of a set of known names. Those are
'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
for now and they are not case-sensitive.
The default of LetsEncrypt is unchanged.
- `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
section.
- Treating 401 HTTP status codes for orders like 403, since some ACME
servers seem to prefer that for accessing oders from other accounts.
- When retrieving certificate chains, try to read the repsonse even
if the HTTP Content-Type is unrecognized.
- Fixed a bug that reset the error counter of a certificate renewal
and prevented the increasing delays in further attempts.
- Fixed the renewal process giving up every time on an already existing
order with some invalid domains. Now, if such are seen in a previous
order, a new order is created for a clean start over again.
See https://github.com/icing/mod_md/issues/268
- Fixed a mixup in md-status handler when static certificate files
and renewal was configured at the same time.
* ) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
* ) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
==== apache2-manual ====
Version update (2.4.51 -> 2.4.52)
- version update to 2.4.52:
* fix CVE-2021-44224: NULL dereference or SSRF in forward proxy
configurations [boo#1193943]
* fix CVE-2021-44790: buffer overflow when parsing multipart
content in mod_lua [boo#1193942]
* ) http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
* ) OpenSSL autoconf detection improvement: pick up openssl.pc in the
already sent it to the client.
* ) mod_http: Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request
* ) mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure by calling
dav_get_liveprop_element()
* ) mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
* ) mpm_event: Restart stopping of idle children after a load peak
* ) mod_http2: fixes 2 regressions in server limit handling.
1. When reaching server limits, such as MaxRequestsPerChild, the
HTTP/2 connection send a GOAWAY frame much too early on new
connections, leading to invalid protocol state and a client
failing the request
The module now initializes the HTTP/2 protocol correctly and
allows the client to submit one request before the shutdown
via a GOAWAY frame is being announced.
2. A regression in v1.15.24 was fixed that could lead to httpd
child processes not being terminated on a graceful reload or
when reaching MaxConnectionsPerChild. When unprocessed h2
requests were queued at the time, these could stall.
See https://github.com/icing/mod_h2/issues/212.
* ) mod_ssl: Add build support for OpenSSL v3
* ) mod_proxy_connect: Honor the smallest of the backend or client timeout
while tunneling
* ) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
half-close forwarding when tunneling protocols
* ) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
a third-party module. PR 65627.
* ) mod_md: Fix memory leak in case of failures to load the private key.
* ) mod_md: adding v2.4.8 with the following changes
- Added support for ACME External Account Binding (EAB).
Use the new directive `MDExternalAccountBinding` to provide the
server with the value for key identifier and hmac as provided by
your CA.
While working on some servers, EAB handling is not uniform
across CAs. First tests with a Sectigo Certificate Manager in
demo mode are successful. But ZeroSSL, for example, seems to
regard EAB values as a one-time-use-only thing, which makes them
fail if you create a seconde account or retry the creation of the
first account with the same EAB.
- The directive 'MDCertificateAuthority' now checks if its parameter
is a http/https url or one of a set of known names. Those are
'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
for now and they are not case-sensitive.
The default of LetsEncrypt is unchanged.
- `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
section.
- Treating 401 HTTP status codes for orders like 403, since some ACME
servers seem to prefer that for accessing oders from other accounts.
- When retrieving certificate chains, try to read the repsonse even
if the HTTP Content-Type is unrecognized.
- Fixed a bug that reset the error counter of a certificate renewal
and prevented the increasing delays in further attempts.
- Fixed the renewal process giving up every time on an already existing
order with some invalid domains. Now, if such are seen in a previous
order, a new order is created for a clean start over again.
See https://github.com/icing/mod_md/issues/268
- Fixed a mixup in md-status handler when static certificate files
and renewal was configured at the same time.
* ) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
* ) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
==== apache2-mod_php7 ====
Version update (7.4.26 -> 7.4.27)
- updated to 7.4.27: This is a bug fix release. See
https://www.php.net/ChangeLog-7.php#7.4.27
==== apache2-prefork ====
Version update (2.4.51 -> 2.4.52)
- version update to 2.4.52:
* fix CVE-2021-44224: NULL dereference or SSRF in forward proxy
configurations [boo#1193943]
* fix CVE-2021-44790: buffer overflow when parsing multipart
content in mod_lua [boo#1193942]
* ) http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
* ) OpenSSL autoconf detection improvement: pick up openssl.pc in the
already sent it to the client.
* ) mod_http: Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request
* ) mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure by calling
dav_get_liveprop_element()
* ) mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
* ) mpm_event: Restart stopping of idle children after a load peak
* ) mod_http2: fixes 2 regressions in server limit handling.
1. When reaching server limits, such as MaxRequestsPerChild, the
HTTP/2 connection send a GOAWAY frame much too early on new
connections, leading to invalid protocol state and a client
failing the request
The module now initializes the HTTP/2 protocol correctly and
allows the client to submit one request before the shutdown
via a GOAWAY frame is being announced.
2. A regression in v1.15.24 was fixed that could lead to httpd
child processes not being terminated on a graceful reload or
when reaching MaxConnectionsPerChild. When unprocessed h2
requests were queued at the time, these could stall.
See https://github.com/icing/mod_h2/issues/212.
* ) mod_ssl: Add build support for OpenSSL v3
* ) mod_proxy_connect: Honor the smallest of the backend or client timeout
while tunneling
* ) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
half-close forwarding when tunneling protocols
* ) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
a third-party module. PR 65627.
* ) mod_md: Fix memory leak in case of failures to load the private key.
* ) mod_md: adding v2.4.8 with the following changes
- Added support for ACME External Account Binding (EAB).
Use the new directive `MDExternalAccountBinding` to provide the
server with the value for key identifier and hmac as provided by
your CA.
While working on some servers, EAB handling is not uniform
across CAs. First tests with a Sectigo Certificate Manager in
demo mode are successful. But ZeroSSL, for example, seems to
regard EAB values as a one-time-use-only thing, which makes them
fail if you create a seconde account or retry the creation of the
first account with the same EAB.
- The directive 'MDCertificateAuthority' now checks if its parameter
is a http/https url or one of a set of known names. Those are
'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
for now and they are not case-sensitive.
The default of LetsEncrypt is unchanged.
- `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
section.
- Treating 401 HTTP status codes for orders like 403, since some ACME
servers seem to prefer that for accessing oders from other accounts.
- When retrieving certificate chains, try to read the repsonse even
if the HTTP Content-Type is unrecognized.
- Fixed a bug that reset the error counter of a certificate renewal
and prevented the increasing delays in further attempts.
- Fixed the renewal process giving up every time on an already existing
order with some invalid domains. Now, if such are seen in a previous
order, a new order is created for a clean start over again.
See https://github.com/icing/mod_md/issues/268
- Fixed a mixup in md-status handler when static certificate files
and renewal was configured at the same time.
* ) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
* ) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
==== apache2-utils ====
Version update (2.4.51 -> 2.4.52)
- version update to 2.4.52:
* fix CVE-2021-44224: NULL dereference or SSRF in forward proxy
configurations [boo#1193943]
* fix CVE-2021-44790: buffer overflow when parsing multipart
content in mod_lua [boo#1193942]
* ) http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
* ) OpenSSL autoconf detection improvement: pick up openssl.pc in the
already sent it to the client.
* ) mod_http: Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request
* ) mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure by calling
dav_get_liveprop_element()
* ) mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
* ) mpm_event: Restart stopping of idle children after a load peak
* ) mod_http2: fixes 2 regressions in server limit handling.
1. When reaching server limits, such as MaxRequestsPerChild, the
HTTP/2 connection send a GOAWAY frame much too early on new
connections, leading to invalid protocol state and a client
failing the request
The module now initializes the HTTP/2 protocol correctly and
allows the client to submit one request before the shutdown
via a GOAWAY frame is being announced.
2. A regression in v1.15.24 was fixed that could lead to httpd
child processes not being terminated on a graceful reload or
when reaching MaxConnectionsPerChild. When unprocessed h2
requests were queued at the time, these could stall.
See https://github.com/icing/mod_h2/issues/212.
* ) mod_ssl: Add build support for OpenSSL v3
* ) mod_proxy_connect: Honor the smallest of the backend or client timeout
while tunneling
* ) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
half-close forwarding when tunneling protocols
* ) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
a third-party module. PR 65627.
* ) mod_md: Fix memory leak in case of failures to load the private key.
* ) mod_md: adding v2.4.8 with the following changes
- Added support for ACME External Account Binding (EAB).
Use the new directive `MDExternalAccountBinding` to provide the
server with the value for key identifier and hmac as provided by
your CA.
While working on some servers, EAB handling is not uniform
across CAs. First tests with a Sectigo Certificate Manager in
demo mode are successful. But ZeroSSL, for example, seems to
regard EAB values as a one-time-use-only thing, which makes them
fail if you create a seconde account or retry the creation of the
first account with the same EAB.
- The directive 'MDCertificateAuthority' now checks if its parameter
is a http/https url or one of a set of known names. Those are
'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
for now and they are not case-sensitive.
The default of LetsEncrypt is unchanged.
- `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
section.
- Treating 401 HTTP status codes for orders like 403, since some ACME
servers seem to prefer that for accessing oders from other accounts.
- When retrieving certificate chains, try to read the repsonse even
if the HTTP Content-Type is unrecognized.
- Fixed a bug that reset the error counter of a certificate renewal
and prevented the increasing delays in further attempts.
- Fixed the renewal process giving up every time on an already existing
order with some invalid domains. Now, if such are seen in a previous
order, a new order is created for a clean start over again.
See https://github.com/icing/mod_md/issues/268
- Fixed a mixup in md-status handler when static certificate files
and renewal was configured at the same time.
* ) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
* ) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
==== cantarell-fonts ====
Version update (0.301 -> 0.303.1)
- Update to version 0.303.1:
+ Add missing font.
- Changes from version 0.303:
+ Actually update the version number in the fonts.
- Changes from version 0.302:
+ Maintenance release: Make the variable font the default, only
build statics on demand. Also build two packages with variable
and static fonts. Packagers can chose the statics package if
they run into problems with the variable font, but you should
probably not install both at the same time.
+ Amended OS/2 super- and subscript values so that new Pango can
use them properly.
+ Update production names for Jacute, bulletoperator,
commercialMinusSign, divisionslash, notidentical,
ringcomb_acutecomb and ringcomb_acutecomb.case.
+ Updated appstream translations.
==== epiphany ====
Version update (41.2 -> 41.3)
Subpackages: epiphany-lang gnome-shell-search-provider-epiphany
- Update to version 41.3:
+ Fix Reload buttons on error pages.
+ Fix delete button in about:applications.
==== fwupd ====
Version update (1.6.4 -> 1.7.3)
Subpackages: fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.7.3:
* This release adds the following features:
+ Add a sync-bkc subcommand to ensure a known set of firmware
versions
+ Add FuArchiveFirmware for plugins that use archives as
firmware files
+ Add quirkable page and sector size properties to FuCfiDevice
+ Make Upower and powerd support optional
* This release fixes the following bugs:
+ Add some sanity checks to the elanfp firmware parser
+ Add the CFI JEDEC instance ID if using the vendor-extended
version
+ Check the value range when parsing the quirk keys
+ Do not wait for a USB runtime if will-disappear is set
+ Enable the MOTD integration when using pam_motd
+ Fix DFU regression when merging the FuProgress work
+ Fix running the tests when fwupd is not installed
+ Fix the GLib error message when inotify max_user_instances is
too low
+ Fix VLI VL820Q7 detection to fix flashing of the Lenovo TBT3
dock
+ Ignore a USB error for STM32 attach when the device goes away
+ Make the HSI tests optional for embedded targets
+ Make the plugin startup order deterministic
+ Set Thunderbolt ports offline on host controller
+ Use endian-safe version functions when enumerating Logitech
hardware
+ Use lowercase flag names in intel-spi to prevent a runtime
warning
+ Wait for the System76 Launch device to come back from DFU
mode
* This release adds support for the following hardware:
+ Most Nordic Semiconductor nRF Secure devices
- Fix build when not on TW: add BR protobuf-c
- Fix build issue in spec
(references to libfwupdplugin2 -> libfwupdplugin5)
==== gnome-shell ====
Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang
- Add gnome-shell-exit-crash-workaround.patch:
+ Backport from Ubuntu, This is a workaround to maintain a clean
environment for gnome-shell and particularly JavaScript/GJS to
shutdown without crashing.
+ Proper fixes are still pending
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1759
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/648
(bsc#1190878 glgo#GNOME/gnome-shell#4344).
==== harfbuzz ====
Version update (3.1.1 -> 3.2.0)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 libharfbuzz0-32bit typelib-1_0-HarfBuzz-0_0
- Update to 3.2.0:
+ Fixed shaping of Apple Color Emoji flags in right-to-left context
+ Fixed positioning of CFF fonts in HB_TINY profile
+ OpenType 1.9 language tags update
+ Add HB_NO_VERTICAL config option
+ Add HB_CONFIG_OVERRIDE_H for easier configuration
+ Improved packing of cmap, loca, and Ligature tables
+ Significantly improved overflow-resolution strategy in the repacker
- Update to 3.1.2:
+ hb-shape / hb-view: revert treating text on the commandline as
single paragraph (was introduced in 3.0.0); add new
- -single-par to do that
+ Subsetter bug fixes
==== libinput ====
Version update (1.19.2 -> 1.19.3)
Subpackages: libinput-udev libinput10
- Update to release 1.19.3
* quirks: add ModelBouncingKeys for A4Tech X-710BK Mouse
* quirks: Dell 15R touchpad settings for firmware v3
* quirks: change touchpad pressure on Lenovo Yoga 2 Pro
* gestures: cancel hold gestures on thumb detection
==== libqt5-qtwayland ====
Version update (5.15.2+kde34 -> 5.15.2+kde37)
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5
- Update to version 5.15.2+kde37:
* Fix backport, context destruction was omitted
* Client: do not empty clipboard when a new popup/window is opened
* Wayland client: use wl_keyboard to determine active state
- Add patch to fix crashes triggered by unintentional actions when
showing a window (kde#421700):
* 0001-Client-Avoid-processing-of-events-when-showing-windo.patch
==== librsvg ====
Version update (2.52.4 -> 2.52.5)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.52.5:
+ Fix mangled output in rsvg-convert when redirecting output to
a pipe on Windows.
+ When outputting to SVG, rsvg-convert now uses the width/height
units specified in the command line; it always used pixels
before.
+ Fix incorrect top/left margins for SVG/PS/EPS/PDF output.
+ Fix incorrect placement of glyphs when text has non-uniform
scaling in the X/Y axes. This is not a librsvg bug, but is
fixed by Pango 1.49.3 and later. Hopefully Pango 1.48.11 will
be released soon with this fix as well. Note that this release
of librsvg cannot increase the minimum Pango version to 1.48.11
because it is not released yet.
+ Miscellaneous: Updated crate dependencies: assert_cmd, cast,
clap cssparser, float-cmp, itertools, nalgebra, png, proptest,
rctree, selectors, system-deps.
==== libstorage-ng ====
Version update (4.4.66 -> 4.4.68)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#851
- updated pot and po files
- 4.4.68
- merge gh#openSUSE/libstorage-ng#850
- extended callbacks for probing problems
- 4.4.67
==== live555 ====
Version update (2021.11.23 -> 2021.12.18)
Subpackages: libBasicUsageEnvironment1 libUsageEnvironment3 libgroupsock30 libliveMedia102
- Update to version 2021.12.18:
+ Fixed a bug in the way that "RTSPClient" handles its two
separate TCP connections when it does RTSP-over-HTTP.
+ Updated "RTPInterface::sendDataOverTCP()" so that if it's
necessary to do a blocking send(), we call
"makeSocketNonBlocking()" immediately after the call to
"send()".
+ Performed the annual update of the copyright years near the
start of each file.
- update to 2021.12.07:
- Added #ifndef NO_OPENSSL/#endif around "#include