OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neon?expand=0&rev=2

neon-0.26.1.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6ab0f5f2cf04e663a7df872edc34e2419e3a12d8edbd58d4785159e381c6f51e
-size 566067

neon-0.26.3.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9894b2a442c4bd600eceeb2b1918293b1d8271c1a09f0f4bf63fb2515fcca10e
+size 576215

neon.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Jan 24 13:56:36 CET 2007 - prusnak@suse.cz
+
+- update to 0.26.3
+  * build fix for platforms without libintl.h
+  * use Libs.private in neon.pc for newer versions of pkg-config
+  * fix error reported for LOCK responses lacking a Lock-Token header
+  * security fix CVE-2007-0157: fix buffer under-read in URI parser
+  * fix handling of "nextnonce" parameter in Digest authentication
+- drop obsoleted patch from Jan 15 (included in update)
+
 -------------------------------------------------------------------
 Mon Jan 15 14:53:06 CET 2007 - olh@suse.de
 

neon.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package neon (Version 0.26.1)
+# spec file for package neon (Version 0.26.3)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -13,14 +13,13 @@
 Name:           neon
 BuildRequires:  expat openssl-devel
 Summary:        An HTTP and WebDAV Client Library
-Version:        0.26.1
+Version:        0.26.3
-Release:        26
+Release:        1
 License:        GNU General Public License (GPL)
 Group:          Development/Libraries/Other
 URL:            http://www.webdav.org/neon
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Source:         http://www.webdav.org/neon/neon-%{version}.tar.bz2
-Patch1:         neon.uri_lookup.patch
 
 %description
 neon is an HTTP and WebDAV client library with a C interface.
@@ -71,7 +70,6 @@ Authors:
 
 %prep
 %setup -q
-%patch1 -p1
 
 %build
 rm -f aclocal.m4 ltmain.sh
@@ -120,6 +118,14 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/neon.pc
 
 %changelog -n neon
+* Wed Jan 24 2007 - prusnak@suse.cz
+- update to 0.26.3
+  * build fix for platforms without libintl.h
+  * use Libs.private in neon.pc for newer versions of pkg-config
+  * fix error reported for LOCK responses lacking a Lock-Token header
+  * security fix CVE-2007-0157: fix buffer under-read in URI parser
+  * fix handling of "nextnonce" parameter in Digest authentication
+- drop obsoleted patch from Jan 15 (included in update)
 * Mon Jan 15 2007 - olh@suse.de
 - do not cast char pointers into int pointers (CVE-2007-0157 / #235083)
 * Thu Jul 20 2006 - olh@suse.de

neon.uri_lookup.patch

@@ -1,22 +0,0 @@
-CVE-2007-0157
-http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723
-
-do not cast char pointers to int pointers
-
----
- src/ne_uri.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: neon-0.26.1/src/ne_uri.c
-===================================================================
---- neon-0.26.1.orig/src/ne_uri.c
-+++ neon-0.26.1/src/ne_uri.c
-@@ -110,7 +110,7 @@ static const unsigned int uri_chars[256]
- /*   Fx */ OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT
- };
- 
--#define uri_lookup(ch) (uri_chars[(unsigned)ch])
-+#define uri_lookup(ch) (uri_chars[(unsigned char)ch])
- 
- char *ne_path_parent(const char *uri) 
- {