* Mon Aug 19 2019 Martin Pluskal <mpluskal@suse.com>
- Require correct library from devel package - boo#1125689
* Mon Aug 19 2019 Adam Majer <adam.majer@suse.de>
- Update to version 1.39.2 (bsc#1146184, bsc#1146182):
* This release fixes CVE-2019-9511 "Data Dribble" and CVE-2019-9513
"Resource Loop" vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2
frames cause Denial of Service by consuming CPU time. Check out
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
for details. For nghttpx, additionally limiting inbound traffic by
--read-rate and --read-burst options is quite effective against
this kind of attack.
* Add nghttp2_option_set_max_outbound_ack API function
* nghttpx: Fix request stall
* Tue Aug 13 2019 Martin Pluskal <mpluskal@suse.com>
- Update to version 1.39.1:
* This release fixes the bug that log-level is not set with
cmd-line or configuration file. It also fixes FPE with default
backend.
- Changes for version 1.39.0:
* libnghttp2 now ignores content-length in 200 response to
CONNECT request as per RFC 7230.
* mruby has been upgraded to 2.0.1.
* libnghttp2-asio now supports boost-1.70.
* http-parser has been replaced with llhttp.
* nghttpx now ignores Content-Length and Transfer-Encoding in 1xx
or 200 to CONNECT.
- Drop no longer needed boost170.patch
* Fri May 10 2019 Tomáš Chvátal <tchvatal@suse.com>
- Update to 1.38.0:
* This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry.
* It also fixes the bug that HTTP/1.1 chunked request stalls.
* Now nghttpx does not log authorization request header field value with -LINFO.
* This release fixes possible backend stall when header and request body are sent in their own packets.
* The backend option gets weight parameter to influence backend selection.
* This release fixes compile error with BoringSSL.
- Add patch from upstream to build with new boost bsc#1134616:
* boost170.patch
* Fri Jan 18 2019 seanlew@opensuse.org
- Update to 1.36.0
* build: disable shared library if ENABLE_SHARED_LIB is off
* third-party: use http-parser to v2.9.0 (GH-1294)
* third-party: Update mruby to 2.0.0
* nghttpx: Pool h1 backend connection per address (GH-1292)
* nghttpx: Randomize backend address round robin order per thread
(GH-1291)
* nghttpx: Fix getting long SNs for openssl < 1.1 (GH-1287)
* h2load: add an option to write per-request logs (GH-1256)
* asio: added access to # of the current server port (GH-1257)
* Fri Jan 18 2019 Tomáš Chvátal <tchvatal@suse.com>
- Use multibuild to not pull in python3 in first build, nghttp2
is low in the system
* Fri Jan 11 2019 Martin Pluskal <mpluskal@suse.com>
- Update to version 1.35.1:
* nghttpx: Fix broken trailing slash handling (GH-1276)
- Changes for version 1.35:
* build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238)
* lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222)
* src: Require C++14 language feature
* nghttpx: Write mruby send_info early
* nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend
* h2load: Handle HTTP/1 non-final response (GH-1259)
* h2load: Clarify that time for connect includes TLS handshake
* Mon Oct 08 2018 adam.majer@suse.de
- Update to version 1.34.0: (bsc#1112438, FATE#326776)
* lib: Implement RFC 8441 :protocol support
* nghttpx: Add read/write-timeout parameters to backend option
* nghttpx: Fix mruby parameter validation in backend option
* nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2
* nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues
* nghttpx: Update mruby 1.4.1
* nghttpx: Add mruby env.tls_handshake_finished
* nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
* nghttpx: Add RFC 8470 Early-Data header field support
* nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support
* Wed Sep 26 2018 adam.majer@suse.de
- Update to version 1.33.0:
* lib: Tweak nghttp2_session_set_stream_user_data
* lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS.
* lib: Implement ORIGIN frame
* asio: support definition of local endpoint for cleartext
client session
* integration: Remove remaining SPDY code from the integration tests
* nghttpx: Fix worker process crash with neverbleed write error
* nghttpx: Support per-backend mruby script
* nghttpx: Fix stream reset if data from client is arrived before
dconn is attached
* Mon Jul 09 2018 mpluskal@suse.com
- Update to version 1.32.0:
* lib: Ignore all input after calling session_terminate_session
* lib: Fix treatment of padding
* lib: Don't allow 101 HTTP status code because HTTP/2 removes
HTTP Upgrade
* build: add ENABLE_STATIC_LIB option to build static lib
* third-party: Upgrade neverbleed to the latest master
* asio: Support client side SNI
* src: Compile with libressl 2.7.2
* src: Allow building without NPN
* h2load: -r and --duration are mutually exclusive
* Fri Apr 13 2018 tchvatal@suse.com
- Version update to 1.31.1:
* Fix bsc#1088639 CVE-2018-1000168
* https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/
* Mon Apr 09 2018 tchvatal@suse.com
- Version update to 1.31.0:
* lib: Add nghttp2_session_set_user_data() public API function (GH-1137)
* src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro (GH-1128)
* nghttpx: Close listening socket on graceful shutdown
* nghttpx: Add an option to accept expired client certificate (GH-1126)
* nghttpx: Add mruby tls_client_not_before, and tls_client_not_after (GH-1123)
* nghttpx: Fix potential memory leak
* lib: Allow PING frame to be sent after GOAWAY (GH-1103)
* nghttpx: Fix bug that h1 backend idle timeout expires sooner
* nghttpx: Stop overwrite of first header on mruby call to env.req.set_header(..) (Patch from Dylan Plecki) (GH-1119)
* nghttpx: Add upgrade-scheme parameter to backend option (GH-1099)
* nghttpx: Fix missing ALPN validation (--npn-list) (GH-1094)
* nghttpx: Remember which resource is pushed for RFC 8297 (GH-1101)
* Mon Apr 09 2018 tchvatal@suse.com
- Drop spdylay dependency as it is deprecated since version 1.28.0
and removed from configure.ac since 1.29.0
* Thu Feb 22 2018 fvogt@suse.com
- Use %license (boo#1082318)
* Fri Jan 05 2018 mpluskal@suse.com
- Update to version 1.29.0:
* lib: Use NGHTTP2_REFUSED_STREAM for streams which are closed by
GOAWAY
* build: Remove SPDY
* build: Fix CMAKE_MODULE_PATH
* nghttpx: Revert "nghttpx: Use an existing h2 backend connection
as much as possible"
* nghttpx: Write API request body in temporary file
* nghttpx: Increase api-max-request-body
* nghttpx: Faster configuration loading with lots of backends
* nghttpx: Fix crash with --backend-http-proxy-uri option
* Mon Dec 11 2017 dimstar@opensuse.org
- Export PYTHON=/usr/bin/python3 before running configure: allow to
build without (complete) python2 in the buildroot. In any case
we only ship python3-bindings already.
* Wed Dec 06 2017 mpluskal@suse.com
- Update to version 1.28.0:
* lib: Add nghttp2_error_callback2
* build: Add deprecation warning when spdylay support is enabled
* Switch to clang-format-5.0
* examples: Make client and server work with libevent-2.1.8
* third-party: Update neverbleed
* integration: Fix issues reported by the go vet tool.
* nghttpx: Fix affinity retry
* nghttpx: Fix stalled backend connection on retry
* nghttpx: Cookie based session affinity
* nghttpx: Expose additional TLS related variables to mruby and
accesslog
* Wed Nov 08 2017 mpluskal@suse.com
- Drop forgotten python2 build dependency
* Thu Oct 26 2017 mpluskal@suse.com
- Update to version 1.27.0:
* h2load: Print out h2 header fields with --verbose option
* nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client
only
- Changes for version 1.26.0:
* docs: Fix some typos in the nghttpx how-to
* h2load: Fix bug that timing script stalls with -m1
* h2load: Reservoir sampling (GH-984)
* h2load: Add timing-based load-testing in h2load
- Switch to python3 support
* Mon Oct 09 2017 schwab@suse.de
- Don't use jemalloc on ppc or %arm, where it is broken.