Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libneon-devel-0.32.2-1.2 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: libneon-devel Distribution: openSUSE Tumbleweed
Version: 0.32.2 Vendor: openSUSE
Release: 1.2 Build date: Fri Apr 22 11:10:20 2022
Group: Development/Libraries/Other Build host: obs-arm-11
Size: 464056 Source RPM: neon-0.32.2-1.2.src.rpm
Summary: An HTTP and WebDAV Client Library
neon is an HTTP and WebDAV client library with a C interface.






* Sun Jan 23 2022 Andreas Stieger <>
  - update to 0.32.2:
    * Fix auth handling for request-target of "*"
* Sat Dec 11 2021 Andreas Stieger <>
  - update to 0.32.1:
    * Fix configure CFLAGS handling in Kerberos detection.
  - includes changes from 0.32.0:
    * NE_AUTH_DIGEST now only enables RFC 2617/7616 auth by default;
      to enable weaker RFC 2069 Digest, use NE_AUTH_LEGACY_DIGEST
      (treated as a security enhancement, not an API/ABI break)
    * Interface additions and bug fixes
  - drop patches:
    * neon-0.31.2-sha1-tests.patch
    * neon-0.31.2-CA-tests.patch
* Thu Oct 08 2020 Pedro Monreal Gonzalez <>
  - Disable tests fail_ca_* that fail since OpenSSL update to 1.1.1h.
    * Upstream report:
  - Add neon-0.31.2-CA-tests.patch
* Thu Oct 08 2020 Pedro Monreal Gonzalez <>
  - Disable fail_nul_* tests broken with OpenSSL configured to reject
    certificates created with a SHA1.
  - Add neon-0.31.2-sha1-tests.patch
* Fri Aug 21 2020 Dirk Mueller <>
  - update to 0.31.2:
    * Fix ne_md5_read_ctx() with OpenSSL on big-endian architectures.
    * Fix GCC 10 warning in PKCS#11 build.
    * Fix OpenSSL build w/o deprecated APIs (Rosen Penev).
    * Fix unnecessary MD5 test for non-Digest auth (Sebastian Reschke).
    * Fix hang on SSL connection close with IIS (issue #11).
    * Fix ar, ranlib detection when cross-compiling (Sergei Trofimovich).
* Mon Jun 01 2020 Vítězslav Čížek <>
  - Update to 0.31.1
    ADMIN: The neon website has moved to
    Restore ne_md5_read_ctx() in OpenSSL build.
    Fix gcc warnings on Ubuntu (Jan-Marek Glogowski).
    Fix various spelling mistakes in docs and headers (thanks to FOSSIES).
    Fix ne_asctime_parse() (Eugenij-W).
    Fix build with LibreSSL (Juan RP).
    Interface changes:
      none, API and ABI backwards-compatible with 0.27.x and later
    New interfaces and features:
      add more gcc “nonnull” attributes to ne_request_* functions.
      for OpenSSL builds, ne_md5 code uses the OpenSSL implementation
      add NE_SESSFLAG_SHAREPOINT session flag which enables workarounds
      for RFC non-compliance issues in Sharepoint
      ne_uri.h: add ne_path_escapef() in support of above
      ne_207.h: add ne_207_set_flags() likewise in support of above
    API clarification:
      ne_version_match() behaviour now matches actual 0.27+ ABI history
    Bug fixes:
      fixes for OpenSSL 1.1.1 and TLSv1.3 support
      fix crash with GnuTLS in client cert support (Henrik Holst)
      fix possible crash in ne_set_request_flag()
      fix build with libxml2 2.9.10 and later
      fix handling lock timeouts >LONG_MAX (Giuseppe Castagno)
  - Upstream has moved to
    * tarball checksums are no longer provided
  - Drop upstreamed patches:
    * neon-0.30.2-nulcert.patch
    * neon-0.30.2_ssl-fix_timeout_retvals.patch
* Thu Sep 12 2019 Vítězslav Čížek <>
  - Drop unnecessary requirement for OpenSSL 1.1.1
  - Apply neon-0.30.2_ssl-fix_timeout_retvals.patch only when building
    with OpenSSL 1.1.1 (bsc#1149792)
* Mon Aug 19 2019 Ludwig Nussel <>
  - fix testsuite fail due to expired nulcerts (neon-0.30.2-nulcert.patch)
* Fri Oct 19 2018 Ismail Dönmez <>
  - BuildRequires libopenssl-1_1-devel >= 1.1.1 becase build fails with
* Fri Oct 19 2018 Jan Engelhardt <>
  - Remove pointless --with-pic (because of --disable-static)
* Thu Oct 18 2018 Jason Sikes <>
  - Disabled some tests due to behavior change in underlying OpenSSL.
  - Replaced error message string to match new message from OpenSSL.
  - Add neon-0.30.2_ssl-fix_timeout_retvals.patch implementing these
    two changes.
* Mon Oct 01 2018 Jason Sikes <>
  - replaced libopenssl-devel with libopenssl-1_1-devel
* Tue Mar 20 2018
  - Install license
  - replace named links with symlinks
    and stop using fdupes as it just linked linked manpages
* Mon Mar 19 2018
  - fixed flaky timeout tests for ppc64le (bsc#1085850)
    * fix_timeout_tests_for_ppc64le.patch
* Wed Aug 23 2017
  - Update to 0.30.2
    Add support for OpenSSL 1.1.x (Kurt Roeckx).
    Fix PKCS#11 support under GnuTLS 3.x.
      PKCS#11 API no longer supported with GnuTLS 2.x
  - cleaned the .spec
* Wed Mar 04 2015
  - Cleanup spec file with spec-cleaner
  - Add gpg signature
  - Enable tests
  - Use fdupes to remove duplicates
  - Update to 0.30.1
    * small changes, for details see included ChangeLog
* Wed Aug 21 2013
  - version 0.30.0
    * drop neon-openssl-version.patch
    * API and ABI backwards-compatible with 0.27.x and later
    * ne_path_escape: fix excessive memory allocation
    * added  ne_ssl_clicert_import, ne_ssl_context_get_flag,
    ne_set_addrlist2, added ne_addr_canonical..
    * support chunked bodies with negative length passed to
* Wed Aug 21 2013
  - permanently drop neon-aes-ni.patch which is not applied
    and obsolete, bug in openSSL already fixed and the ENGINE
    loading issue addressed in a different fashion.
* Wed Jun 06 2012
  - disable explicit openssl version check. openssl 1.0 is stable
    api wise. [bnc#764906]
* Fri May 04 2012
  - don't  use ca-bundle.pem. neon correctly uses openssl's default
    instead (ie the /etc/ssl/certs directory)
* Mon Jan 30 2012
  - build with libproxy
  - make expat explicit in configure
  - pass ca-bundle.pem to configure
* Mon Jan 30 2012
  - build with NE_FEATURE_TS_SSL (thread-safe SSL)
* Mon Nov 21 2011
  - Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Sun Nov 20 2011
  - add libtool as buildrequire to avoid implicit dependency
* Tue Oct 18 2011
  - remove neon-aes-ni.patch temporarily (bnc#720601)
* Mon Sep 05 2011
  - test suite hangs or fails in the OBS, but works locally
    disable it.
* Mon Sep 05 2011
  - Load openssl engines as well, needed to support
    AES-NI, fast/hardware provided hash functions and Ivy bridge's
    RDRAND instruction.
* Thu Jul 21 2011
  - update to 0.29.6:
    * Don't abort SSL handshake with GnuTLS if a client cert is
    requested but none is configured/available
    * Fix GnuTLS build with Nettle
    * Fix the method string passed to create_request hooks to
    have the same lifetime as the request object
    * Docs updates.
    * Fix GnuTLS handshakes failures with 'TLS warning alert'
    * Fix SNI support
    * Fix possible Solaris linker errors if building static library
    * Fix error handling when pulling a request body from an file
    * Fix ne_request_dispatch() return value for SOCKS proxy failure cases
    * Tighten SSL cert ID checks to deny a wildcard match against an IP address
* Thu May 12 2011
  - Obsoletes: neon must be in the lib package. Otherwise
    libneon-devel gets installed as replacement for neon on distro
    upgrade, drawing in lots of other devel stuff.
* Sun Aug 22 2010
  - Update to version 0.29.3
    + Change ne_sock_close() to no longer wait for SSL closure alert
    + Fix memory leak with GnuTLS
    + API clarification in ne_sock_close()
  - Changes from version 0.29.2:
    + Fix spurious 'certificate verify failed' errors with OpenSSL
    + Fix unnecessary re-authentication with SSPI
  - Changes from version 0.29.1:
    + Fixes for (Unix) NTLM implementation:
    - fix handling of session timeout
    - fix possible crash
    + Build fixes for Win32:
    + Fix build with versions of GnuTLS older than 2.8.0.
  - Changes from version 0.29.0:
    + New interfaces and features:
    - added NTLM auth support for Unix builds
    - ne_auth.h: added NE_AUTH_GSSAPI and NE_AUTH_NTLM auth protocol
    - added ne_acl3744.h, updated WebDAV ACL support
    - added built-in SOCKS v4/v4a/v5 support:
      ne_socket.h:ne_sock_proxy(), and
    - added support for system-default proxies:
      ne_session_system_proxy(), implemented using libproxy
    - ne_session.h: added NE_SESSFLAG_EXPECT100 session flag, SSL
      verification failure bits extended by NE_SSL_BADCHAIN and
      NE_SSL_REVOKED, better handling of failures within the cert
    - ne_utils.h: added feature code NE_FEATURE_SYSPROXY
    - ne_socket.h: ne_sock_writev(), ne_sock_set_error(),
      ne_iaddr_raw(), ne_iaddr_parse()
    - ne_string.h: ne_buffer_qappend(), ne_strnqdup()
  - Changes from version 0.28.6:
    + SECURITY (CVE-2009-2473): Fix "billion laughs" attack against
    + SECURITY (CVE-2009-2474): Fix handling of an embedded NUL byte
      in a certificate subject name with OpenSSL;
    + Changes from version 0.28.5:
    + Enable support for X.509v1 CA certificates in GnuTLS.
    + Fix handling of EINTR in connect() calls.
    + Fix use of builds with SOCK_CLOEXEC support on older Linux
  - Add libproxy-devel BuildRequires
  - Clean spec file using spec-cleaner.
  - Drop upstream included patches:
    + neon-0.28.4-CVE-2009-2473,2474.patch
    + neon-openssl.patch
  - Drop the main package. It avoids the lib from being installed in
    different versions and generally only contained coders doc.
    => provide / obsolete neon by libneon-devel.
* Sun Apr 18 2010
  - take patch from upstream to fix openssl linkage
* Mon Feb 01 2010
  - package baselibs.conf
* Thu Sep 10 2009
  - fixed CVE-2009-2473 and CVE-2009-2474 [bnc#528370]
* Thu May 07 2009
  - updated to 0.28.4
    * GnuTLS support fixes:
    - fix handling of PKCS#12 client certs with multiple certs or keys
    - fix crash with OpenPGP certificate
    - use pkg-config data in configure, in preference to libgnutls-config
    * Add PKCS#11 support for OpenSSL builds (where pakchois is available)
    * Fix small memory leak in PKCS#11 code
  - enabled kerberos support (by adding krb5-devel to BuildRequires)
* Wed Jan 07 2009
  - obsolete old -XXbit packages (bnc#437293)
* Thu Aug 21 2008
  - updated to 0.28.3
    * SECURITY (CVE-2008-3746): Fix potential NULL pointer dereference in
      Digest domain parameter support; could allow a DoS by a malicious server
    * Fix parsing of *-Authenticate response header with LWS after quoted value
    * Fix ne_set_progress(, NULL, ) to match pre-0.27 behaviour (and not crash)
    * Fix to disable Nagle on Win32 with newer toolchain (thanks to Stefan Küng)
    * Fix build on Netware (Guenter Knauf)
    * Document existing ne_uri_parse() API postcondition and ne_uri_resolve()
      pre/postconditions regarding the ->path field in ne_uri structures
    * Mark ne_{,buffer_}concat with sentinel attribute for GCC >= 4.
    * Distinguish the error message for an SSL handshake which fails after a
    client cert was requested.
    * Compile with PIC flags by default even for static library builds
* Tue Jun 03 2008
  - require COPYING package
* Sun May 18 2008
  - fix rename of xxbit packages
* Thu Apr 10 2008
  - added baselibs.conf file to build xxbit packages
    for multilib support
* Thu Apr 03 2008
  - updated to 0.28.2
    * Support "Proxy-Connection: Keep-Alive" for compatibility with HTTP/1.0
      proxies which require persistent connections for NTLM authentication
    * Fix an fd leak in ne_ssl_{,cli}cert_read (GnuTLS only)
    * Enable fast initialization in GnuTLS.
    (changes from 0.28.1)
    * Fix build on SCO OpenServer 5.0.x (thanks to Nico Kadel-Garcia)
    * Fix handling of Digest domain parameter values without a trailing slash
    * Fix build against apr-util's bundled in Subversion
    * Add --without-pakchois to configure (Arfrever Frehtes Taifersar Arahesis)
    * zh message catalog renamed to zh_CN, translation updated (Dongsheng Song)
  - disable make check, does not build on all archs
  - dropped patch:
    * digest.patch (included in update)
* Mon Mar 03 2008
  - fix bug in digest domain parameter handling to fix svn commit
* Thu Feb 28 2008
  - run the test suite to detect any possible regression
* Fri Feb 15 2008
  - version 0.28.0
  - Interface changes:
    * none, API and ABI backwards-compatible with 0.27.x
  - New interfaces:
    * ne_pkcs11.h: added basic PKCS#11 support (requires GnuTLS and pakchois)
    * ne_auth.h: added NE_AUTH_ALL and NE_AUTH_DEFAULT constants
    * ne_socket.h: added ne_sock_peer(), ne_sock_prebind(), ne_sock_cipher()
    * ne_session.h: NE_SESSFLAG_TLSSNI flag added; TLS SNI support is enabled by default, where supported; ne_set_localaddr() added
    * ne_request.h: added close_conn hooks (Robert J. van der Boon)
    * ne_basic.h: added ne_options2()
  - Other changes:
    * add Polish (pl) translation (Arfrever Frehtes Taifersar Arahesis)
    * add support for the 'domain' parameter in Digest authentication
    * fix fd leak in ne_sock_connect() error path (Andrew Teirney)
    * the FD_CLOEXEC flag is set on socket fds
    * fix timezone handling in ne_dates for more platforms (Alessandro Vesely)
    * fix ne_simple_propfind() to print XML namespaces in flat property values
    * fix ne_get_range() for unspecified end-range case (Henrik Holst)
    * fix ne_strclean() to be locale-independent and avoid possible Win32 crash
    * fix ne_get_error() to not "clean" localized error strings
    * fix ne_ssl_clicert_read() to fail for client certs missing cert or key
* Mon Nov 26 2007
  - version 0.27.2
    * Fix crash in GSSAPI Negotiate response header verification.
  - Cleanup excessive dependencies on -devel package.
* Thu Oct 11 2007
  - add provides/obsoletes for neon-devel in libneon-devel
    after package rename
* Tue Sep 25 2007
  - update do 0.27.1
    * New interfaces:
    - ne_session.h: ne_fill_proxy_uri() retrieves configured proxy,
      ne_hook_post_headers() adds a hook after response headers are read,
      ne_set_connect_timeout() sets session connection timeout,
    - ne_socket.h: ne_sock_connect_timeout() sets connection timeout,
      ne_iaddr_reverse() performs reverse DNS lookup
    - ne_string.h: ne_buffer_snprintf() prints to a buffer object
    - ne_xml.h: ne_xml_resolve_nspace() resolves namespace prefixes
    * Interface changes:
    - ne_set_notifier() replaces ne_set_status(); finer-grained and type-safe
      connection status information now provided; obsoletes ne_set_progress()
    - ne_xml_dispatch_request() now only invokes the XML parser for
      response entities with an XML content-type, following RFC 3023 rules
    - ne_acl_set() now takes a "const" entries array
    - LFS compatibility functions *64 removed: all functions taking an
      off_t now take an ne_off_t which is off64_t for LFS builds
    * GnuTLS support now mostly feature-complete with OpenSSL support:
    - greatly improved SSL distinguished name handling with GnuTLS >= 1.7.8
    * Other changes:
    - descriptive error messages for authentication failures
    - SSPI support uses canonical DNS server name (Yves Martin)
    - fixes for handling of "stale" parameter in Digest authentication
    - added support for URIs in SSL server certificate subjectAltName field
    - fix compiler warnings with expat 2.x
    - fix handling of "Transfer-Encoding: identity" responses from privoxy
    * Fix regression in response progress counter for notifier/progress callbacks
    * Fix interface description for ne_set_notifier() callback;
      is set to -1 not 0 for an indeterminate response length
* Tue Jul 17 2007
  - update to 0.26.4
    * Fix Negotiate Authentication-Info response header verification with GSSAPI
    * Fix multiple handlers with ne_add_{server,proxy}_auth (Werner Baumann)
    * Fix SSPI build with some versions of MinGW (Gisle Vanem)
    * Fix for SSPI segfault in response header verification (Mike DiCuccio)
    * Fix error strings for CONNECT SSL proxy tunnel request failure
    * Fix install-nls for VPATH builds (Hans Meine)
    * Fix use of unencrypted client certs with GnuTLS
    * Fix ne_lock* If: header insertion to use CRLF-terminated headers
    * Fix test suite failures on QNX by working around send() length limit
    * Fix handling of POSIX strerror_r failure case in ne_strerror
    * Fix alignment issues in test suite MD5 code
* Fri Apr 27 2007
  - fix buildrequires
* Tue Apr 17 2007
  - updated spec file to reflect expat package split
* Sat Mar 31 2007
  - add zlib-devel BuildRequires
* Wed Jan 24 2007
  - update to 0.26.3
    * build fix for platforms without libintl.h
    * use Libs.private in neon.pc for newer versions of pkg-config
    * fix error reported for LOCK responses lacking a Lock-Token header
    * security fix CVE-2007-0157: fix buffer under-read in URI parser
    * fix handling of "nextnonce" parameter in Digest authentication
  - drop obsoleted patch from Jan 15 (included in update)
* Mon Jan 15 2007
  - do not cast char pointers into int pointers (CVE-2007-0157 / #235083)
* Thu Jul 20 2006
  - update to 0.26.1
    new API
  - neon-devel requires openssl-devel zlib-devel expat
* Wed Jan 25 2006
  - converted neededforbuild to BuildRequires
* Wed Jun 29 2005
  - build with expat instead of libxml2, should speed up svn checkout
    of large files (#94606)
* Wed Feb 02 2005
  - fix build with gcc4, added 2 sentinel mark ups.
* Sun Oct 17 2004
  - remove .so link from main package, its already in -devel
* Sat Sep 25 2004
  - update for gcc4, -Wimplicit-prototypes and inline
* Tue Jul 06 2004
  - update to 0.24.7
* Sun May 09 2004
  - add neon-CAN-2004-0398.patch (#39774)
* Thu Apr 01 2004
  - add CAN-2004-0179.diff (#37716)
* Thu Jan 22 2004
  - update for gcc3.4, -Wimplicit-prototypes and inline
* Sat Jan 10 2004
  - add %defattr and %run_ldconfig
* Fri Nov 28 2003
  - updated to 0.24.4, some highlights:
    * Major changes to XML interface
    * Major changes to SSL interface
    * Add a pkg-config file
    * Tons of fixes
* Wed Apr 23 2003
  - update to 0.23.9
    Changes in release 0.23.9:
    * neon-config exports includes needed for OpenSSL given by
    * ne_redirect_location will return NULL if redirect hooks have
      not been registered for the session (Ralf Mattes <>).
    Changes in release 0.23.8:
    * On Linux, skip slow lookup for IPv6 addresses when IPv6 support
      is not loaded in kernel (thanks to Daniel Stenberg for this
    * Update to autoconf 2.57 and libtool 1.4.3.
* Sat Mar 01 2003
  - apply security fix from 0.23.8
    * SECURITY: Prevent control characters from being included in the
      reason_phrase field filled in by ne_parse_statusline(), and in
      the session error string.
    * Fix digest auth response verification for >9 responses in session
      (bug manifests as "Server was not authenticated correctly" error).
* Tue Jan 28 2003
  - update to 0.23.7
    Changes in release 0.23.7:
    * Fix for handling EINTR during write() call (Sergey N Ushakov).
    * When available, use pkg-config to determine compiler flags
      needed to use OpenSSL headers and libraries.
* Tue Jan 21 2003
  - update to 0.23.6
* Sat Oct 12 2002
  - update to 0.23.5
    move interface documentation to -devel
* Thu Sep 19 2002
  - update to 0.23.4, enable build with -g
* Sat Aug 31 2002
  - update to 0.22.0, needed by subversion
* Fri Aug 09 2002
  - devel requires base package
* Fri Jul 26 2002
  - fix neededforbuild
* Sun Jun 23 2002
  - update to 0.21.3
* Sat May 04 2002
  - initial SuSE package, version 0.20.0



Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 18 00:12:48 2022