Hello community,
here is the log from the commit of package perl-Net-SSLeay for openSUSE:Factory checked in at 2019-06-01 09:43:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Net-SSLeay (Old)
and /work/SRC/openSUSE:Factory/.perl-Net-SSLeay.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Net-SSLeay"
Sat Jun 1 09:43:23 2019 rev:31 rq:705653 version:1.88
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-Net-SSLeay/perl-Net-SSLeay.changes 2019-03-13 09:09:57.999419333 +0100
+++ /work/SRC/openSUSE:Factory/.perl-Net-SSLeay.new.5148/perl-Net-SSLeay.changes 2019-06-01 09:43:24.807448958 +0200
@@ -1,0 +2,133 @@
+Mon May 27 11:29:57 UTC 2019 - Pedro Monreal Gonzalez
+
+- Update to 1.88
+ 1.88 2019-05-10
+ - New stable release incorporating all changes from developer
+ releases 1.86_01 to 1.86_11.
+ - From this release, Net-SSLeay is switching to an "odd/even"
+ developer/stable release version numbering system, like that of
+ many core modules (e.g. ExtUtils::MakeMaker): developer releases
+ will have an odd minor version number (and the usual "_xx" suffix),
+ and stable releases will have an even minor version number. This
+ means there is no Net-SSLeay 1.87.
+ - Summary of major changes since version 1.85:
+ - Mike McCauley has stepped down as maintainer. The new maintainers
+ are Chris Novakovic, Heikki Vatiainen and Tuure Vartiainen.
+ - The source code has moved from the now-defunct Debian Subversion
+ server (alioth.debian.org) to GitHub
+ (https://github.com/radiator-software/p5-net-ssleay).
+ - Net-SSLeay is provided under the terms of the Artistic License
+ 2.0 - this has been the case since version 1.66, but references
+ to other licenses remained in the source code, causing ambiguity.
+ - Perl 5.8.1 or newer is now required to use Net-SSLeay. This has
+ already been the case for some time in practice, as the test
+ suite hasn't fully passed on Perl 5.6 for several years.
+ - Much-improved compatibility with OpenSSL 1.1.1, and improved
+ support for TLS 1.3.
+ - Fixed a long-standing bug in cb_data_advanced_put() that caused
+ memory leaks when callbacks were frequently added and removed.
+ - Support in the test suite for "hardened" OpenSSL configurations
+ that set a default security level of 2 or higher (e.g., in the
+ OpenSSL packages that ship with recent versions of Debian, Fedora
+ and Ubuntu).
+
+ 1.86_11 2019-05-08
+ - Clarified Net-SSLeay's licensing terms: the module distribution has
+ been released under the terms of the Artistic License 2.0 since
+ version 1.66; references to other licenses have been removed. Fixes
+ RT#106314. Thanks to Kent Fredric for pointing out the ambiguity.
+ - Replace the HTTPS hosts in the external tests (some of which were
+ no longer online) with more resilient ones. Closes issue #26.
+
+ 1.86_10 2019-05-04
+ - Use locally-generated certificate chain in local tests rather
+ than the Twitter one, which changes regularly and breaks the
+ test suite unnecessarily. Fixes RT#129201. Thanks to Petr Písař
+ for the report and patch, and Steffen Ullrich for an alternative
+ patch suggestion.
+ - In t/local/09_ctx_new.t, rather than checking that the functions
+ (CTX_)get_min_proto_version and (CTX_)get_max_proto_version return
+ 0x0000 (indicating the lowest and highest versions supported by
+ libssl respectively, which is not the case if a run-time
+ configuration is enforcing a different minimum or maximum), just
+ check whether the returned value is one of those mentioned on the
+ SSL_CTX_set_min_proto_version(3) man page. Partially fixes
+ RT#128025. Thanks to Slaven Rezić and Dmytro Zagashev for the
+ downstream reports.
+ - Move from 1024-bit keys/certificates to 2048-bit keys/certificates
+ across the entire test suite. This removes the need to manually
+ set the security level to 1 in tests that used the old keys, and
+ fixes large numbers of test failures on modern Linux distributions
+ that set the minimum OpenSSL security level to 2. Fixes RT#126270
+ and the remainder of RT#128025. Thanks to Petr Písař and Slaven
+ Rezić for the downstream reports.
+ - In t/local/06_tcpecho.t and t/local/07_sslecho.t, connect to
+ 127.0.0.1 instead of localhost. This fixes these tests when
+ executed inside a network sandbox that disrupts the behaviour of
+ gethostbyname(). Fixes RT#128207. Thanks to Kent Fredric for the
+ downstream report.
+
+ 1.86_09 2019-03-12
+ - Add missing files to MANIFEST that prevented tests from passing
+ when installing from the 1.86_08 release tarball.
+
+ 1.86_08 2019-03-12
+ - Add and fix functions needed to properly implement client
+ side session reuse for TLS 1.3 with using
+ CTX_sess_set_new_cb. Newly exposed functions:
+ SSL_SESSION_dup and SSL_SESSION_up_ref.
+ Fixed functions: i2d_SSL_SESSION and d2i_SSL_SESSION.
+ Thanks to Steffen Ullrich.
+ - Add functions functions to allow reading multiple pems from
+ file and creating untrusted chain: These functions allow you
+ to:
+ - Read in a PEM file with multiple certificates as a
+ STACK_OF(X509_INFO)
+ - Determine the size of the STACK_OF(X509_INFO) and value at
+ an index, which allows you to loop over the stack.
+ - Retrieve the X509 structure from each X509_INFO structure
+ in the stack.
+ Then you can create a new STACK_OF(X509) and push the X509
+ structures onto the new stack. You can then pass this
+ STACK_OF(X509) to X509_STORE_CTX_init which will allow you
+ to add additional untrusted certificates to the chain for
+ verification. Exposed functions are:
+ PEM_X509_INFO_read_bio
+ sk_X509_INFO_num
+ sk_X509_INFO_value
+ sk_X509_INFO_free
+ sk_X509_new_null
+ sk_X509_free
+ sk_X509_push
+ New function implemented by Net::SSLeay:
+ P_X509_INFO_get_x509
+ Thanks to Marc Reisner.
+ - Add functions and constants that are necessary to verify a
+ certificate using a hash directory outside of an SSL/TLS
+ connection. Newly exposed functions:
+ X509_STORE_CTX_init
+ X509_STORE_CTX_free
+ X509_STORE_new
+ X509_STORE_free
+ X509_STORE_add_lookup
+ X509_LOOKUP_hash_dir
+ X509_LOOKUP_add_dir
+ Newly exposed constants:
+ X509_FILETYPE_ASN1
+ X509_FILETYPE_DEFAULT
+ X509_FILETYPE_PEM
+ Thanks to Marc Reisner.
+ - Declare n_a in ssleay_set_psk_client_callback_invoke and
+ ssleay_ctx_set_psk_client_callback_invoke to avoid a compilation
+ error with Perl versions below 5.8.8. Fixes RT#128030. Thanks to
+ Graham Ollis for the report.
+ - Add X509_get0_serialNumber. Thanks to Marc Reisner.
+ - Enable Travis CI for LibreSSL 2.2.1, 2.7.5, 2.8.3 and 2.9.0
+ on Perl 5.20 and more recent.
+ - Expose the following functions for curve and group selection:
+ - CTX_set_ecdh_auto, set_ecdh_auto
+ - CTX_set1_curves_list, set1_curves_list
+ - CTX_set1_groups_list, set1_groups_list
+ Thanks to Steffen Ullrich.
+
+-------------------------------------------------------------------
Old:
----
Net-SSLeay-1.86_07.tar.gz
New:
----
Net-SSLeay-1.88.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Net-SSLeay.spec ++++++
--- /var/tmp/diff_new_pack.BXZ8Jp/_old 2019-06-01 09:43:25.211448820 +0200
+++ /var/tmp/diff_new_pack.BXZ8Jp/_new 2019-06-01 09:43:25.211448820 +0200
@@ -18,14 +18,13 @@
%define cpan_name Net-SSLeay
Name: perl-Net-SSLeay
-Version: 1.86_07
+Version: 1.88
Release: 0
Summary: Perl extension for using OpenSSL
License: Artistic-2.0
Group: Development/Libraries/Perl
-URL: http://search.cpan.org/dist/Net-SSLeay/
-#Source: http://www.cpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz
-Source: https://cpan.metacpan.org/authors/id/R/RA/RADIATOR/%{cpan_name}-%{version}.tar.gz
+URL: https://metacpan.org/release/%{cpan_name}
+Source0: https://cpan.metacpan.org/authors/id/C/CH/CHRISN/%{cpan_name}-%{version}.tar.gz
BuildRequires: libopenssl-devel
BuildRequires: openssl
BuildRequires: perl
++++++ Net-SSLeay-1.86_07.tar.gz -> Net-SSLeay-1.88.tar.gz ++++++
++++ 4583 lines of diff (skipped)