libssh-0.8.7-bp152.3.4

- Fix CVE-2019-14889: arbitrary command execution; (bsc#1158095)
  * Add CVE-2019-14889.patch

- Fix the typo in Obsoletes for -devel-doc subpackage
- Actually remove the description for -devel-doc subpackage

- Add support for new AES-GCM encryption types; (bsc#1134193)
  * Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
  * Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
  * Add 0001-tests-Add-aes-gcm-ciphers-tests.patch

- Avoid build cycle between curl and libssh by using obs hint to
  prefer curl-mini

- Update to version 0.8.7
  * Fixed handling extension flags in the server implementation
  * Fixed exporting ed25519 private keys
  * Fixed corner cases for rsa-sha2 signatures
  * Fixed some issues with connector

- Drop doxygen from dependencies to avoid buildcycle
  * the documentation is available online anyway for anyone to
    consume and consult http://api.libssh.org

- Added the tests in a multiple build description file *test* to
  break the cycle for cmocka, curl, doxygen and libssh.

- Update to version 0.8.6
  * Fixed compilation issues with different OpenSSL versions
  * Fixed StrictHostKeyChecking in new knownhosts API
  * Fixed ssh_send_keepalive() with packet filter
  * Fixed possible crash with knownhosts options
  * Fixed issus with rekeying
  * Fixed strong ECDSA keys
  * Fixed some issues with rsa-sha2 extentions
  * Fixed access violation in ssh_init() (static linking)
  * Fixed ssh_channel_close() handling

- Update to version 0.8.5
  * Added support to get known_hosts locations with ssh_options_get()
  * Fixed preferred algorithm for known hosts negotiations
  * Fixed KEX with some server implementations (e.g. Cisco)
  * Fixed issues with MSVC
  * Fixed keyboard-interactive auth in server mode
    (regression from CVE-2018-10933)
  * Fixed gssapi auth in server mode (regression from CVE-2018-10933)
  * Fixed socket fd handling with proxy command
  * Fixed a memory leak with OpenSSL

- Update to version 0.8.4
  * Fixed CVE-2018-10933; (bsc#1108020)
  * Fixed building without globbing support
  * Fixed possible memory leaks
  * Avoid SIGPIPE on sockets

- Update to version 0.8.3
  * Added support for rsa-sha2
  * Added support to parse private keys in openssh container format
    (other than ed25519)
  * Added support for diffie-hellman-group18-sha512 and
    diffie-hellman-group16-sha512
  * Added ssh_get_fingerprint_hash()
  * Added ssh_pki_export_privkey_base64()
  * Added support for Match keyword in config file
  * Improved performance and reduced memory footprint for sftp
  * Fixed ecdsa publickey auth
  * Fixed reading a closed channel
  * Added support to announce posix-rename@openssh.com and
    hardlink@openssh.com in the sftp server
- Removed patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch

- Update to version 0.8.2
  * Added sha256 fingerprints for pubkeys
  * Improved compiler flag detection
  * Fixed race condition in reading sftp messages
  * Fixed doxygen generation and added modern style
  * Fixed library initialization on Windows
  * Fixed __bounded__ attribute detection
  * Fixed a bug in the options parser
  * Fixed documentation for new knwon_hosts API
- Added patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch
  * Fix compiler warning on SLE12

- Add missing zlib-devel dependency which was previously pulled in
  by libopenssl-devel

- Remove the libssh_threads.so symlink

- Update to version 0.8.1
  * Fixed version number in the header
  * Fixed version number in pkg-config and cmake config
  * Fixed library initialization
  * Fixed attribute detection

- Update to version 0.8.0
  * Removed support for deprecated SSHv1 protocol
  * Added new connector API for clients
  * Added new known_hosts parsing API
  * Added support for OpenSSL 1.1
  * Added support for chacha20-poly1305 cipher
  * Added crypto backend for mbedtls crypto library
  * Added ECDSA support with gcrypt backend
  * Added advanced client and server testing using cwrap.org
  * Added support for curve25519-sha256 alias
  * Added support for global known_hosts file
  * Added support for symbol versioning
  * Improved ssh_config parsing
  * Improved threading support
- Removed 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
- Removed 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
- Removed 0001-libcrypto-Use-newer-API-for-HMAC.patch
- Removed 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
- Removed 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
- Removed 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
- Removed 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch
- Removed 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
- Removed 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch

- Disable timeout testing on slow build systems (bsc#1084713)
  * 0001-disable-timeout-test-on-slow-buildsystems.patch

- Add patch to fix parsing of config files (boo#1067782):
  * 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch

- add support for building with OpenSSL 1.1 (bsc#1055266)
  * added patches:
  * 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
  * 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
  * 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
  * 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
  * 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
  * 0001-libcrypto-Use-newer-API-for-HMAC.patch
  * 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
  * 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch

- add package keyring and verify source signature