Changelog for
gsasl-2.2.1-lp160.7.4.x86_64.rpm :
* Wed Feb 07 2024 Jan Engelhardt
- Update to release 2.2.1
* All obsolete APIs were dropped, as was the abandoned KERBEROS_V5 mechanism.
* New APIs gsasl_mechanism_name_p() and gsasl_property_free().
* Support for the libgssglue GSS-API library were added.
* GSSAPI client: don\'t use AUTHID as fallback for AUTHZID.
* GSSAPI server: don\'t set AUTHZID to empty string when absent.
* Support new \"tls-exporter\" channel binding.
* Base64 encoding/decoding now rejects non-conforming data.
* SCRAM server: Add support for GSASL_SCRAM_SALTED_PASSWORD.- Rename libgsasl SRPM to gsasl- gsasl command-line utility packaged first time- Remove --with-pic, this only has an effect with --enable-static.- Delete 0001-Fix-build-issues-with-GCC-12-s-Werror-address.patch (merged), build-fix-old-gcc.patch (merged), boundary-check-CVE-2022-2469.patch (merged)
* Tue May 30 2023 Adam Majer - Remove URLs from keyring and generated patch as these can change at whim of upstream servers. Keep the references in comments so they are still references for the humans- fixes compilation on s390x by not turning on additional compilation warnings which in turn results in -fanalyze resulting false analysis
* Tue Oct 25 2022 Dirk Müller - refresh keyring
* Tue Sep 27 2022 Dirk Müller - add build-fix-old-gcc.patch for older dists
* Mon Sep 12 2022 Dirk Müller - add boundary-check-CVE-2022-2469.patch (bsc#1201715)- avoid duplicate packaging of license
* Mon Jan 31 2022 Dirk Müller - add 0001-Fix-build-issues-with-GCC-12-s-Werror-address.patch
* Sat Jan 02 2021 Andreas Stieger - update to 1.10.0:
* SCRAM-SHA-256 and SCRAM-SHA-256-PLUS (RFC 7677)
* New SCRAM crypto helper APIs
* SCRAM server: Support for password-less usage
* SCRAM: Sets SCRAM_ITER/SCRAM_SALT/SCRAM_SALTED_PASSWORD
* SCRAM, GS2, and GSSAPI no longer retrieve the TLS channel binding data (property GSASL_CB_TLS_UNIQUE) during gsasl_client_start() or gsasl_server_start()
* A number of legacy and less secure interfaces deprecated
* New APIs for hex encoding/decoding- add upstream signing key and validate source signature- refresh spec file- build with all warnings and treat them as errors
* Fri Mar 13 2020 David Mulder - Re-enable GSSAPI by explicitly choosing mit kerberos.
* Tue Feb 04 2020 Bjørn Lie - Update to version 1.8.1:
* gsasl: IMAP client code now permits empty SASL tokens prefixed with \'+\'. Normally servers should send \'+ \'. Buggy servers include Microsoft Exchange.
* GSSAPI client: - Now retrieves GSASL_AUTHZID for authorization identity. - Can now transmit an empty/missing authorization identity. - See lib/NEWS for more information.
* Build fixes: Update of gnulib, including how it is bootstrapped.
* Updated translations.- Run spec-cleaner, modernize spec.- No longer recommend -lang: supplements are in use.
* Mon Apr 04 2016 kukukAATTsuse.de- Remove unused buildrequires for libgssglue-devel
* Tue Oct 27 2015 meissnerAATTsuse.com- run \"make check\"
* Sun Feb 08 2015 p.drouandAATTgmail.com- Update to version 1.8.0
* SAML20 support following RFC 6595.
* OPENID20 support following RFC 6616.
* Various cleanups, portability and other bug fixes. See the NEWS entries during the 1.7.x branch for details- Use %lang_package macro instead of manually defined -lang package- Remove libgsasl-stdio.h.patch; fixed- Remove fix-arm.patch; fixed- Use download Url as source
* Thu May 02 2013 jengelhAATTinai.de- \"Recommends\" is not understood by RHEL6ish
* Thu Mar 21 2013 dmuellerAATTsuse.com- fix build on aarch64 by applying fix-arm.patch
* Mon Feb 11 2013 ajAATTsuse.com- Change lang package Requires to Recommends since it is not mandatory at runtime.
* Thu Aug 16 2012 agrafAATTsuse.com- fix-arm.patch: Add hack to fix compiling on ARM
* Mon Aug 13 2012 cfarrellAATTsuse.com- license update: LGPL-2.1+ and GPL-3.0+ contains numerous GPL-3.0+ licensed test files
* Sat Aug 11 2012 jengelhAATTinai.de- Have package compile on RHEL6ish.
* Fri Jul 27 2012 ajAATTsuse.de- Fix build with missing gets declaration (glibc 2.16)
* Sun Mar 25 2012 jengelhAATTmedozas.de- Enable building against libntlm (now that it exists in factory)
* Sun Mar 25 2012 jengelhAATTmedozas.de- Parallel build with %_smp_mflags; strip redundant spec sections
* Thu Jul 07 2011 vuntzAATTopensuse.org- Stop using source service to download the tarball, as Factory will move away from this.
* Fri May 27 2011 vuntzAATTopensuse.org- Update to version 1.6.1: + Add a Libs.private to libgsasl.pc. + Updated translations.
* Fri Apr 29 2011 dimstarAATTopensuse.org- Update to version 1.6.0: + SCRAM: General fixes and support for SCRAM-SHA-1-PLUS with channel bindings. + GS2-KRB5: New mechanism GS2 with support for Kerberos V5. + GSSAPI/GS2-KRB5: Support for MIT Kerberos for Windows GSS-API library. + DIGEST-MD5: The server code now returns GSASL_OK after the final token. + Added property for tls-unique channel binding. + No longer require the same or newer libgcrypt it was built with. + Several doc improvements. + Update gnulib files.- Use source services: download_url, recompress and set_Version.
* Thu Mar 25 2010 vuntzAATTopensuse.org- Update to version 1.4.4: + SCRAM: Fix build error on platforms without strnlen.- Changes from version 1.4.3: + SCRAM: Don\'t read out of bounds when parsing tokens.
* Tue Mar 16 2010 dimstarAATTopensuse.org- Update to version 1.4.2: + SCRAM: Encode and decode username/authzid properly. Before any username/authzid that contained \'=\' or \',\' would not work. + Fix typo in error message for GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR. + Updated translations.
* Wed Feb 17 2010 dimstarAATTopensuse.org- Update to version 1.4.1: + gsasl: Improve application data throughput + Improve MinGW builds + Updated translations.
* Wed Dec 02 2009 vuntzAATTopensuse.org- Update to version 1.4.0: + Fix Visual Studio project files to work with SCRAM. + Properly increment libtool version to reflect newly added ABIs. This was accidentally forgotten in the last release. + Export gsasl_sha1 and gsasl_hmac_sha1 in linker version script. This was accidentally forgotten in the last release. + Fix crash in SCRAM-SHA-1 client when the application provides a value for GSASL_SCRAM_SALTED_PASSWORD. + Fix detection of libgcrypt during builds. + Updated translations. + Add libgcrypt-devel BuildRequires.
* Fri Nov 13 2009 vuntzAATTopensuse.org- Update to version 1.3: + libgsasl: Implement SCRAM-SHA-1. New properties are GSASL_SCRAM_ITER, GSASL_SCRAM_SALT, andGSASL_SCRAM_SALTED_PASSWORD. + libgsasl: Add helper APIs for SHA-1 and HMAC-SHA-1. New functions are gsasl_sha1 and gsasl_hmac_sha1.
* Sun Jun 14 2009 vuntzAATTnovell.com- Update to version 1.2: + The library needs at most around 250 bytes of stack frame size. This is useful for embedded platforms with limited amount of RAM. + Obsolete gsasl_md5pwd_get_password rewritten to use modern API. + Include a copy of the GPLv3 license in the archive. Some parts, such as the gnulib self-tests, are licensed under the GPLv3. The library remains licensed under LGPLv2.1+ though.- Package COPYING.LIB instead of COPYING: there\'s no GPLv3 file in the built package (the GPLv3 files are only in the tarball).
* Wed Jun 10 2009 dmuellerAATTsuse.de- Add Requires for lang package to libgsasl7.
* Thu May 07 2009 vuntzAATTnovell.com- Review package.- Update to version 1.1: + DIGEST-MD5 client: Add support for client integrity layer. + DIGEST-MD5: Decoding of integrity protected sessions now works better. + libgsasl: Add new property GSASL_QOPS. + libgsasl: Add new property GSASL_QOP. + DIGEST-MD5 client: Now queries application for QOP value + DIGEST-MD5 server: Now queries application for QOP values. + DIGEST-MD5 server: No longer advertises support for integrity by default. + libgsasl: Added C pre-processor expressions for version handling. + libgsasl: Use a LD version script on platforms where it is supported. + libgsasl: Compiled with -fvisibility=hidden by default if supported.- Remove unneeded libxml2-devel BuildRequires.- Add a note about libntlm that doesn\'t exist in openSUSE.- Do not make libgsasl7 Provide/Obsolete libgsasl.
* Mon Mar 16 2009 novellAATTmirell.de- initial SUSE package
