openconnect-devel-7.08-lp151.6.9.1 4>$  Ap_M/=„S:xdGOt4^AzMf\tņHZEU^+|y(˗].(㱨.B{%b4p+sl泼֤VYZ tpXPWgj+sbBcK&iۧZ=Mqmw /N4y^9qFJZ_sMq :6oD6i39W&Ǿi}ٖޟfkഘ9щo Fn/'U"с8de0822c72aea3c0496ef789fa2d969b57384d4d9725403e66e46b8a16112cb1abbbef71e1bf9a7178b5fb5c0afe11f7064b0b2c3F_M/=„Jvr "Aol<D!^sfH ->M.#[xW5h dž>n e<<T4piC / 4Qf~Q>Vȣ;T{FEy΃Vta;N:5LĠV/*uM:Xm?ME4!^\pA!?!d % S  #Cms|    # @L[jR(}89:!FGHIXY\]^3bcc d e f l u v w x!y! z!@!P!T!_!`!d!j!Copenconnect-devel7.08lp151.6.9.1Development files and headers for openconnectThis package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols. AnyConnect is supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers, and probably others. This packages provides development files and headers needed to build packages against openconnect_Ccloud128iopenSUSE Leap 15.1openSUSELGPL-2.1-or-laterhttp://bugs.opensuse.orgDevelopment/Libraries/C and C++http://www.infradead.org/openconnect.htmllinuxx86_64h8_@_@_@f6613421dd6923d41a9711f39f72f246d4ad2f116fa8d3eb2f4b90c1684fe1276bf165cbad64e979e831fda1a44330f9c0441db850061f392a885c45dcf29fb2libopenconnect.so.5.4.0rootrootrootrootrootrootopenconnect-7.08-lp151.6.9.1.src.rpmopenconnect-developenconnect-devel(x86-64)pkgconfig(openconnect)@@@@@@@@@@    /usr/bin/pkg-configopenconnectpkgconfig(gnutls)pkgconfig(liblz4)pkgconfig(libpcsclite)pkgconfig(libproxy-1.0)pkgconfig(libpskc)pkgconfig(libxml-2.0)pkgconfig(p11-kit-1)pkgconfig(stoken)pkgconfig(zlib)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)7.083.0.4-14.6.0-14.0-15.2-14.14.1^@^]mZlZ*~YXS@WWU@U.@T,@TZ@T@T5TLJonathan Kang Jonathan Kang Jonathan Kang fcrozat@suse.comdimstar@opensuse.orgsckang@suse.comi@marguerite.sufativi@gmail.comfativi@gmail.comidonmez@suse.comidonmez@suse.comidonmez@suse.comidonmez@suse.comrsalevsky@suse.comrsalevsky@suse.comrsalevsky@suse.com- Add openconnect-CVE-2020-12823.patch: gnutls: prevent buffer overflow in get_cert_name(bsc#1171862, CVE-2020-12823, gl#openconnect/openconnect!108).- Add openconnect-CVE-2020-12105.patch: Use OpenSSL X509_check_host() and X509_check_ip() correctly(bsc#1170452, CVE-2020-12105).- Add openconnect-CVE-2019-16239.patch: Fix buffer overflow with chunked HTTP handling(bsc#1151178, CVE-2019-16239).- Add BuildRequires pkgconfig(libpcsclite/libpskc) to enable liboath (TOTP/HOTP) and yubikey support.- Add explicit python2-base and python2-xml BuildRequires: the buildsystem checks for python2 and disables building the documentation if not found. Buildinf the documentation in plus depends on the xml modules. So far we relied on other packages pulling in python2 for us.- Drop vpnc dependency by including vpnc-script from vpnc package (fate#323497).- update to version 7.08 (bsc#1056389) * Add SHA256 support for server cert hashes. * Enable DHE ciphers for Cisco DTLS. * Increase initial oNCP configuration buffer size. * Improve support for point-to-point routing on Windows. * Check for non-resumed DTLS sessions which may indicate a MiTM attack. * Fix compatibility with Pulse Secure 8.2R5. * Support DTLS automatic negotiation. * Support --key-password for GnuTLS PKCS#11 PIN. * Support automatic DTLS MTU detection with OpenSSL. * Update OpenSSL to allow TLSv1.2, improve compatibility options. * Remove --no-cert-check option. It was being (mis)used. * Fix OpenSSL support for PKCS#11 EC keys without public key. * Fix polling/retry on "tun" socket when buffers full. * Fix AnyConnect server-side MTU setting. * Fix ESP replay detection. * Add certificate torture test suite. * Support PKCS#11 PIN via pin-value= and --key-password for OpenSSL. * Fix integer overflow issues with ESP packet replay detection. * Add --pass-tos option as in OpenVPN. * Support role selection form in Juniper VPN. * Support DER-format certificates, add certificate format torture tests. * For OpenSSL >= 1.0.2, fix certificate validation when only an intermediate CA is specified with the --cafile option. * Support Juniper "Pre Sign-in Message". - dropped juniper-fix-for-upstream-sources.patch, upstreamed- Upgraded to 7.07, included fix for Juniper vpn- Update to version 7.0.7 * More fixes for OpenSSL 1.1 build. * Support Juniper "Post Sign-in Message". * Add --protocol option. * Fix ChaCha20-Poly1305 cipher suite to reflect final standard. * Add ability to disable IPv6 support via library API. * Set groups appropriately when using setuid(). * Automatic DTLS MTU detection. * Support SSL client certificate authentication with Juniper servers. * Revamp SSL certificate validation for OpenSSL and stop supporting OpenSSL older than 0.9.8. * Fix handling of multiple DNS search domains with Network Connect. * Fix handling of large configuration packets for Network Connect. * Enable SNI when built with OpenSSL (1.0.1g or later). * Add --resolve and --local-hostname options to command line. - juniper-fix-for-upstream-sources.patch included to fix upgraded Juniper servers * Submitted to upstream, not yet included in release- Update to version 7.0.6 * Fix openconnect.pc breakage after liboath removal. * Refactor Juniper Network Connect receive loop. * Fix some memory leaks. * Add Bosnian translation.- Update to version 7.0.5 * Fix alignment issue which broke LZS compression on ARM etc. * Support HTTP authentication to servers, not just proxies. * Add SHA256/SHA512 support for OATH. * Remove liboath dependency. * Support DTLS v1.2 and AES-GCM with OpenSSL 1.0.2. * Add OpenSSL 1.0.2 to known-broken releases (RT#3703, RT#3711). * Fix build with OpenSSL HEAD (OpenSSL 1.1.x). * Preliminary support for Juniper SSL VPN.- Update to Version 7.04 * Change default behaviour to enable only stateless compression. * Add --compression argument and openconnect_set_compression_mode(). * Add support for LZS compression * Add support for LZ4 compression - Add liblz4-devel dependency for LZ4 compression support.- Update to Version 7.03 * Clean up handling of incoming packets. * Fix issue with two-stage (i.e. NetworkManager) connection to servers with trick DNS (rh#1179681). * Stop using static variables for received packets.- Update to Version 7.02 * Add PKCS#11 support for OpenSSL. * Fix handling of select options in openconnect_set_option_value().- Update to Version 7.01 * Try harder to find a PKCS#11 key to match a given certificate. * Handle 'Connection: close' from proxies correctly. * Warn when MTU is set too low (<1280) to permit IPv6 connectivity. * Add support for X-CSTP-DynDNS, to trigger DNS lookup on each reconnec- Update to Version 7.00 * Add support for GnuTLS 3.4 system: keys including Windows certificate store. * Add support for HOTP/TOTP keys from Yubikey NEO devices. * Add ---no-system-trust option to disable default certificate authorities. * Improve libiconv and libintl detection. * Stop calling setenv() from library functions. * Support utun driver on OS X. * Change library API so string ownership is never transferred. * Support new NDIS6 TAP-Windows driver shipped with OpenVPN 2.3.4. * Support using PSKC (RFC6030) token files for HOTP/TOTP tokens. * Support for updating HOTP token storage when token is used. * Support for reading OTP token data from a file. * Add full character set handling for legacy non-UTF8 systems (including Windows). * Fix legacy (i.e. not XML POST) submission of non-ASCII form entries (even in UTF-8 locales). * Avoid retrying without XML POST, when we failed to even reach the server. * Fix off-by-one in parameter substitution in error messages. * Improve reporting when GSSAPI auth requested but not compiled in. * Fix parsing of split include routes on Windows. * Fix crash on invocation with --token-mode but no --token-secret.cloud128 15948222117.08-lp151.6.9.17.08-lp151.6.9.17.08openconnect.hlibopenconnect.soopenconnect.pc/usr/include//usr/lib64//usr/lib64/pkgconfig/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:13329/openSUSE_Leap_15.1_Update/5c61902b9095563f5356b26e3013642c-openconnect.openSUSE_Leap_15.1_Updatecpioxz5x86_64-suse-linuxC source, UTF-8 Unicode textpkgconfig file PRRR RRRR RRRf.asyX$$XJpkg-configutf-8d7fafc9c247847c1494279ed281c6b7fa45684a4a3b9b2521f20d3b9c1787c7f?7zXZ !t/k N] crv(vX0? kOT. A9;#y1l8QO rMh/DC"O^+ V6 ^Nhq=hҊ$`\!er,F("'(x~g:a ;OÞq;(K;(fQ[4pS.WxW(.z"͟Vc+K/.HJEpnmH%rs "3<Ѝ,F 4[TsWo:+C^q'y |?{njY%T[O=:Hk\ɺ-! z;?c:Kn9Db"R?1"YRO6GܜY1 RvvLo| J6cI҄@LD 7f.w=&%Ɲn/@m)N='; 5he.K 'Mybft#BwOp6亏=vS^'ՙP/!`GI-DUB"9Q9 ʠZT\īL-4W)̒Y׍f@i<@cuPW>9kuh}7-iPm%{Iv l+ݣ:(el%٨hJk2-0RN׵aO! z1HO(7 MldJF%fiw!+ms}2 cb?pE6mvHsdX.ӖK8˽"i:-n ;p嵱s,%{dpɰ}) q'3+p `óbWzW1WY TSTM^4BCk=y! ܱ||JF77tۣ3`ؽ,#"⛽`ᥘH,0wA#ON}t7)Q^&UAV+H䁁n(*yth􆡘q&jpFtʝ>Y& 9{t^1`Uha3Zo]"\:{g$_I»wN_v<4kO+b L "QXISf5kOlFI !+ ^? [j&d9\T+ |_$}~,e0GEa|=8:0m4 |m&%13` Vl icu8BX:[AY892D2&fE?FPsCTN= f.g^WwQ6 Sa 5x-nH;Ԟ2lk@#=gvk3/3OVtj@`blsbҲԨqgvbMU ?0þ 6Uݙ8F'(3<vb#E+/H@~a/+R@P"ro֥#SaAl4&ǻPGl@kotk\忐i)?.P9 SJԵ tge@Hٖ/s̟Vi&~d$Z\3vk+]] JAsV[K VZP"}|NӼj BwXz[ mܶU$ioʚw+/[AsgC/L.6"@k}O46zc\"#㜡3r ^LIӬEMQz:?`g +ڮ:0x0K専G{VRsKjd qqZZ:yf@ynH$FyQx^+ؑ]^|EO'U,J2@A#Gdi婯~3dwnu ]'\5?ޯ"ZU,aq (JwlN:#fs\m}oH3JW䋹45z2CŃͮ!҆kiwWK[m'$Z 6gilI.MJ#$$B7Њ:# hyYA"oj}j񃩊/sdDEϳ(fw'Dfګ$*LYD_i lD,;PmKsCrhl]x:2. z'mqԳ8Nُ>u^#xgw^ Q:- {OM\q-m+){/lQx:R6d#bF2383kD:֌ty{ D/a^ġ<&NL>&9 5M~'vmIo]] BKe8qIۍVPWl3m5Q77r$eie^Ey`um(B #NB cAagLF ,ME#OÀK, t uX]3}TF,x . {}ȓߓ:݆}0ki6kXJ>G:P d z8 -7ey&Rp6gj(*]:X''l[)̜6yXQ#59s1JqCh#Ցu{}N`ƦE?~-HTFoɾ|^rvL~pUʵ籛,t!ko+4MXd%yv7o*AF.BWR : 鶜jN1#s18uyVSk1 DZ^ uc%Kr@)H F?5?Ed,-B ͝ks$℠ڡ˄*Q C @urj/V@߀}׭ ?o AC]؛mΏ)­dZnϴ"^<"O^2:U%Wd׫?`ywL.>A\rlr 7bf BթD~. TѨL#\ACCL9RD cG9xhv6/}Rex~>tbn;UOBe, R@F}m^Dޑ>1`0ur 6Nk7[*8v{QT)+ w0)[4<▨;V=ʂ-w#ϐ։@:OXVN0mn^+/<v\"k1O+{6d-S?/LڋwFq"_K\JT7d/~հHA7kRѓsSl RLRSHPK{pNBڧ!\ f'b5o.! 6Wޭw4jߗ~WADĮSZwSޡЩ+Ls%db[%y\ hW*7 yJlIŖTsMv͹A @:`uGkLyΜ8qk:K)c38$ٖ_tYHlǴ[I?xb2RiYS7:2.ED9Q ̧GyP[v_{3R*ݦ|\`ț ()>?}˲k}\XaJھ#t%M-L6PH3 VfQD9-/?b}xکX$cS^-f F>lA!09kWZDmj@ g^Cy*E:==i SRҐ cFT<,bձ$^DKrr{a“ƘT|R7C j]ҳљ9$;e '5_VG\o% *UxML'k:}S@-GNLƳ~B,HSq2iWq0"U))iڇ] lGHC6t[-LVsX[yS/ErEvbp&/wi]j\T&EQ&ܼ NX'$<@Ʀ$?z pAɼʳv׬÷6= dZg=3EA!U1P6j#ލ繃 hK +@py".6!]]ט?~`)ڸ  Uaٕc%R4WdA0|JV{5#e6BIbS.s!t@*v,R%OҬ/%R+9Ou1f‘r12@U-hi,]sӘ:&KNZLdqA#64-ZP >u͞2Uto34F .eH '}y$<qyht|lѶCC=ehTVμt p(?zA*j;Z(۹<rq CeƑF|Xplb!uM,͇ &zJڻ.f53$5J [ͲX"V3/JRuL<5DKo孠ug0̪6.V6x/]Z`ɯ0%9 01䉜]w ݠ>p_ @?ҡ7VF 8OIC:1"WCn5я #X>?px5#%ɺam|zU'ɀ[x5ϧy-О੡IDΟq8{!`GIu^cjb%8A\f=-PğKfC՟]LR̡+|2+z_r2#)b*ShE^_9Ͷ-uiC*?9tϟE`cK|Bgx)ٸ|=?14y}=i.^udPBH?¢:#V?b[T^;/jynPD`#ʿxM L|CH+@xN7;/R6(=}IML ؛9t!:;8::gw!Z*/8RVqx8+ӕȻV"Mx(D-))\BgmZău` Ҟb/q7I+;ih|uzUf4a&, YhFW}ֵ.#3jJ~JA$ֶ(kw-mpJ!#U'"^o 칸i_N2fK fz}C/` B5ALmH&ZZ3MP]8PB&뤈̐4Ί&4Urw쫵:ыAHqcǬ]zx%**%Dk& 6u9<5@ZTvdUUĺ̜ڧ#^5ܼ/ZM3˄d 1[ߓC h;rFBJտx|H-b$aNHSHLo#uiϸQf$8X73ݑqQh\QQf)E*`sLLJF0>y]/F} (7`9<0W Lq])AxyťnXAbHtk4ke +[ː\/@c[r}YhG)b%JK&;bG݁wB#׋s^<(ξCv;P_++Ԟ2$kaYA ._]hXO0}f["yʂ+n]1]jpeM.ܨU>[3!@4MM{L6LD@跩9$f`ttfMZCpk; ,و2ϛwt{4׆vJDrӔt ߆9'p4F/J'e+;/nGw9jBw=j:P *Lmr5F2Ld S s-OJNf@TX֕㤄{^޳7ݭ@f#=]ErSKZ+eM$O53̯SPM8hV'ye!H~ۧm 5YrAȫnd/Ȏ}|fz"#=pjB2 OIJJ6Zx̫#q8;WBp ՙ.1px=mmS }I/b4WGcUmk cE+l /%I]@o"n ~KA\-pxK/(x b6EX-@QoF봲#x~ZLL @c~;u[/ jio.-wpi'B^*!pN&FoX=tI|B\4QA૯ ެ0