Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openconnect-devel-9.12-2.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

Name: openconnect-devel Distribution: openSUSE:Factory:zSystems
Version: 9.12 Vendor: openSUSE
Release: 2.1 Build date: Thu Oct 12 00:14:42 2023
Group: Development/Libraries/C and C++ Build host: s390zl25
Size: 35214 Source RPM: openconnect-9.12-2.1.src.rpm
Packager: https://bugs.opensuse.org
Url: http://www.infradead.org/openconnect.html
Summary: Development files and headers for openconnect
 
This package provides a multi-protocol client for a number of SSL
VPNs, including Cisco's "AnyConnect" VPN.

This packages provides development files and headers needed to build
packages against openconnect.

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Sat May 20 2023 Andrea Manzini <andrea.manzini@suse.com>
  - Update to release 9.12:
    * Explicitly reject overly long tun device names.
    * Increase maximum input size from stdin (#579).
    * Ignore 0.0.0.0 as NBNS address (!446, vpnc-scripts#58).
    * Fix stray (null) in URL path after Pulse authentication (4023bd95).
    * Fix config XML parsing mistake that left GlobalProtect ESP non-working in v9.10 (!475).
    * Fix case sensitivity in GPST header matching (!474).
* Mon May 08 2023 Andrea Manzini <andrea.manzini@suse.com>
  - Update to release 9.10:
    * Fix external browser authentication with KDE plasma-nm < 5.26.
    * Always redirect stdout to stderr when spawning external browser.
    * Increase default queue length to 32 packets.
    * Fix receiving multiple packets in one TLS frame, and single packets split across multiple TLS frames, for Array.
    * Handle idiosyncratic variation in search domain separators for all protocols
    * Support region selection field for Pulse authentication
    * Support modified configuration packet from Pulse 9.1R16 servers
    * Allow hidden form fields to be populated or converted to text fields on the command line
    * Support yet another strange way of encoding challenge-based 2FA for GlobalProtect
    * Add --sni option (and corresponding C and Java API functions) to allow domain-fronting connections in censored/filtered network environments
    * Parrot a GlobalProtect server's software version, if present, as the client version (!333)
    * Fix NULL pointer dereference that has left Android builds broken since v8.20 (!389).
    * Fix Fortinet authentication bug where repeated SVPNCOOKIE causes segfaults (#514, !418).
    * Support F5 VPNs which encode authentication forms only in JSON, not in HTML.
    * Support simultaneous IPv6 and Legacy IP ("dual-stack") for Fortinet .
    * Support "FTM-push" token mode for Fortinet VPNs .
    * Send IPv6-compatible version string in Pulse IF/T session establishment
    * Add --no-external-auth option to not advertise external-browser authentication
    * Many small improvements in server response parsing, and better logging messages and documentation.
* Thu Dec 15 2022 Andrea Manzini <andrea.manzini@suse.com>
  - Update to release 9.01:
    * Add support for AnyConnect "Session Token Re-use Anchor Protocol" (STRAP)
    * Add support for AnyConnect "external browser" SSO mode
    * Bugfix RSA SecurID token decryption and PIN entry forms, broken in v8.20
    * Support Cisco's multiple-certificate authentication
    * Revert GlobalProtect default route handling change from v8.20
    * Suppo split-exclude routes for Fortinet
    * Add webview callback and SAML/SSO support for AnyConnect, GlobalProtect
* Mon Apr 18 2022 Jan Engelhardt <jengelh@inai.de>
  - Update to release 8.20:
    * Support non-AEAD ciphersuites in DTLSv1.2 with AnyConnect.
    * Emulated a newer version of GlobalProtect official clients,
      5.1.5-8; was 4.0.2-19
    * Support Juniper login forms containing both password and 2FA
      token
    * Explicitly disable 3DES and RC4, unless enabled with
    - -allow-insecure-crypto
    * Allow protocols to delay tunnel setup and shutdown (!117)
    * Support for GlobalProtect IPv6
    * SIGUSR1now causes OpenConnect to log detailed connection
      information and statistics
    * Allow --servercert to be specified multiple times in order to
      accept server certificates matching more than one possible
      fingerprint
    * Demangle default routes sent as split routes by GlobalProtect
    * Support more Juniper login forms, including some SSO forms
    * Restore compatibility with newer Cisco servers, by no longer
      sending them the X-AnyConnect-Platform header
    * Add support for PPP-based protocols, currently over TLS only.
    * Add support for two PPP-based protocols, F5 with
    - -protocol=f5 and Fortinet with --protocol=fortinet.
    * Add support for Array Networks SSL VPN.
    * Support TLSv1.3 with TPMv2 EC and RSA keys, add test cases
      for swtpm and hardware TPM.
* Tue Nov 23 2021 Robert Munteanu <rombert@apache.org>
  - Import the latest version of the vpnc-script, revision
    1d35a8527e5422967514dd1d47350ff2ede55903 (boo#1140772)
    * This brings a lot of improvements for non-trivial network setups, IPv6 etc
* Fri Jan 08 2021 olaf@aepfle.de
  - Build with --without-gnutls-version-check
* Fri May 15 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 8.10:
    * Install bash completion script to
      ${datadir}/bash-completion/completions/openconnect.
    * Improve compatibility of csd-post.sh trojan.
    * Fix potential buffer overflow with GnuTLS describing local
      certs (CVE-2020-12823, bsc#1171862,
      gl#openconnect/openconnect!108).
* Fri May 01 2020 Martin Hauke <mardnh@gmx.de>
  - Fix CVE-2020-12105 (boo#1170452)
  - Introduce subpackage for bash-completion
  - Update to 8.09:
    * Add bash completion support.
    * Give more helpful error in case of Pulse servers asking for
      TNCC.
    * Sanitize non-canonical Legacy IP network addresses.
    * Fix OpenSSL validation for trusted but invalid certificates
      (CVE-2020-12105).
    * Convert tncc-wrapper.py to Python 3, and include modernized
      tncc-emulate.py as well. (!91)
    * Disable Nagle's algorithm for TLS sockets, to improve
      interactivity when tunnel runs over TCP rather than UDP.
    * GlobalProtect: more resilient handling of periodic HIP check
      and login arguments, and predictable naming of challenge forms.
    * Work around PKCS#11 tokens which forget to set
      CKF_LOGIN_REQUIRED.
  - Update to 8.0.8:
    * Fix check of pin-sha256: public key hashes to be case sensitive
    * Don't give non-functioning stderr to CSD trojan scripts.
    * Fix crash with uninitialised OIDC token.
  - Update to 8.0.7:
    * Don't abort Pulse connection when server-provided certificate
      MD5 doesn't match.
    * Fix off-by-one in check for bad GnuTLS versions, and add build
      and run time checks.
    * Don't abort connection if CSD wrapper script returns non-zero
      (for now).
    * Make --passtos work for protocols that use ESP, in addition
      to DTLS.
    * Convert tncc-wrapper.py to Python 3, and include modernized
      tncc-emulate.py as well.
* Wed Jan 08 2020 Tomáš Chvátal <tchvatal@suse.com>
  - Remove tncc-wrapper.py script as it is python2 only bsc#1157446
* Mon Nov 04 2019 Tomáš Chvátal <tchvatal@suse.com>
  - No need to ship hipreport-android.sh as it is intented for
    android systems only

Files

/usr/include/openconnect.h
/usr/lib64/libopenconnect.so
/usr/lib64/pkgconfig/openconnect.pc

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:50:11 2024