pkgsrc.se | The NetBSD package collection

./www/neon, HTTP and WebDAV client library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2009Q2, Version: 0.29.0, Package name: neon-0.29.0, Maintainer: pkgsrc-users

neon is an HTTP and WebDAV client library. It provides lower-level
interfaces which directly implement new HTTP methods, and higher-level
interfaces so that you don't have to worry about the lower-level
stuff.

Required to run:
[textproc/expat]

Required to build:
[devel/libtool-base] [devel/pkg-config]

Master sites:

http://www.webdav.org/neon/ (Download)

SHA1: 8d2e1609b2a3b13a6e68e58c26b1d708302e05ef
RMD160: 338f6ff1589a01dee66cd31a72c45f3a57914ab8
Filesize: 858.58 KB

Version history: (Expand)

(2009-09-16) Updated to version: neon-0.29.0
(2009-07-09) Package has been reborn
(2009-07-08) Package added to pkgsrc.se, version neon-0.28.3 (created)

CVS history: (Expand)

2009-09-15 15:32:04 by S.P.Zeidler | Files touched by this commit (4) | Package updated

Log message:
Pullup ticket 2894 - requested by tron
security update

Revisions pulled up:
- pkgsrc/www/neon/Makefile		by patch
- pkgsrc/www/neon/PLIST			by patch
- pkgsrc/www/neon/distinfo		by patch

Files added:
pkgsrc/www/neon/patches/patch-ab	by patch

   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Mon Sep 14 16:48:44 UTC 2009

   Modified Files:
           pkgsrc/www/neon: Makefile PLIST distinfo
           pkgsrc/www/neon/patches: patch-ab
   Removed Files:
           pkgsrc/www/neon/patches: patch-aa

   Log message:
   Update "neon" package to version 0.29. Changes since version 0.28.5:
   * Interface changes:
     o none, API and ABI backwards-compatible with 0.28.x and 0.27.x
   * New interfaces and features:
     o added NTLM auth support for Unix builds (Kai Sommerfeld,
       Daniel Stenberg)
     o ne_auth.h: added NE_AUTH_GSSAPI and NE_AUTH_NTLM auth protocol codes
     o added ne_acl3744.h, updated WebDAV ACL support (Henrik Holst)
     o added built-in SOCKS v4/v4a/v5 support: ne_socket.h:ne_sock_proxy(),
       and ne_session.h:ne_session_socks_proxy()
     o added support for system-default proxies: ne_session_system_proxy(),
       implemented using libproxy where available
     o ne_session.h: added NE_SESSFLAG_EXPECT100 session flag,
       SSL verification failure bits extended by NE_SSL_BADCHAIN and
       NE_SSL_REVOKED, better handling of failures within the cert chain
       (thanks to Ludwig Nussel)
     o ne_socket.h: ne_sock_writev() (Julien Reichel), ne_sock_set_error(),
       ne_iaddr_raw(), ne_iaddr_parse()
     o ne_string.h: ne_buffer_qappend(), ne_strnqdup()
   * Deprecated interfaces:
     o ne_acl.h is obsoleted by ne_acl3744.h (but is still present)
     o obsolete feature "NE_FEATURE_SOCKS" now never marked present
   * Other changes:
     o fix handling of "stale" flag in RFC2069-style Digest auth challenge
     o ne_free() implemented as a function on Win32 (thanks to Helge Hess)
     o symbol versioning used for new symbols, where supported
     o ensure SSL connections are closed cleanly with OpenSSL
     o fix build with OpenSSL 1.0 beta
     o updated Polish (pl) translation (Arfrever Frehtes Taifersar Arahesis)
   * SECURITY (CVE-2009-2473): Fix "billion laughs" attack against expat;
     could allow a Denial of Service attack by a malicious server.
   * SECURITY (CVE-2009-2474): Fix handling of an embedded NUL byte in a
     certificate subject name; could allow an undetected MITM attack against
     an SSL server if a trusted CA issues such a cert.

   Tested by Daniel Horecki with SVN client.

   To generate a diff of this commit:
   cvs rdiff -u -r1.48 -r1.49 pkgsrc/www/neon/Makefile
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/neon/PLIST
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/neon/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/www/neon/patches/patch-aa
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/neon/patches/patch-ab