socat-1.8.0.2-160000.2.3

- Update to 1.8.0.2:
  - Security fix for readline.sh: arbitrary file overwrite via predictable /tmp
    directory (bsc#1225462 CVE-2024-54661)
- Update to 1.8.0.1:
  - Bug fixes
  - UDP-SENDTO, UDPLITE-SENDTO, and IP-SENDTO addresses now select an IPv4
    address in case the server name resolves to both IPv4 and IPv6 addresses.
  - Guard applyopts_termios_value() with WITH_TERMIOS.
  - In some situations xioclose() was called nested what could cause hanging
    of OpenSSL in pthread_rwlock_wrlock().
  - socat 1.8.0.0 with addresses of type RECVFROM and option fork, where the
    second address failed to connect/open in the child process, entered a
    fork loop that was only stopped by FD exhaustion caused by FD leak.
  - socat 1.8.0.0 had an FD leak with addresses of type RECVFROM with fork.
  - With version 1.8.0.0, options ipv6-join-group and ipv6-join-source-group
    did not work.
  - IP-SENDTO and option pf (protocol-family) with protocol name (vs.numeric
    argument) failed with message: E retropts_int(): trailing garbage in
    numerical arg of option "protocol-family".
  - Fixed a possible buffer overrun with long log lines. In fact it does not
    write beyond end of buffer but lets pass excessive data to the write()
    function.
  - Reworked domain name resolution, centralized IPv4/IPv6 sorting.
  - Print warning about not checking CRLs in OpenSSL only in the first child
    process.
  - Features
  - Total inactivity timeout option -T 0 now means 0.0 seconds;
  - Changed socat-chain.sh, socat-mux.sh, and socat-broker.sh to work with
    older Socat versions.
  - socat-mux.sh and socat-broker.sh, when run as root, now internally use
    low (512..1023) UDP ports to increase security.
  - Added option ai-all (sets AI_ALL flag of getaddrinfo() resolver)
  - Socks5 now also allows syntax without socks port, and supports option
    socksport.
- Removed 0004-udp-listen-bind4.patch (fixed by upstream socat-1.8.0.1).
- Refreshed socat-test-without-tty.patch to match socat-1.8.0.1.

- 0004-udp-listen-bind4.patch: fixed a UDP listen error (bsc#1226459)

- Update to 1.8.0.0:
  * Support for network namespaces (option netns)
  * TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
  * Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
  * New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
  * New script socat-mux.sh allows n-to-1 / 1-to-n communications
  * New script socat-broker.sh allows group communications
  * Experimental socks5 client feature
  * Address ACCEPT-FD for systemd "inetd" mode
  * UDP-Lite and DCCP address types
  * Addresses SOCKETPAIR and SHELL
  * New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
  * New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
  * Simple statistics output with Socat option --statistics and with SIGUSR1
  * A couple of new options, many fixes and corrections, see file CHANGES
- Drop socat-common-fixes.patch (no longer necessary)
- Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage)
- Add socat-test-dhparam fixture (reduce build load and time)
- Add socat-test-without-tty.patch for testing without tty.
- Note: This version introduces "socat1", linking to "socat"
- Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage

- Update to 1.7.4.4:
  * FIX: In error.c msg2() there was a stack overflow on long messages: The
    terminating \0 Byte was written behind the last position.
  * FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
    arrived.
  * FIX: a couple of weaknesses and errors when accessing invalid or
   incompatible file system entries with UNIX domain, file, and generic
    addresses.
  * FIX: bad parser error message on "socat /tmp/x\"x/x -"
- Drop socat-fix-asan-error.patch

- Use autosetup
- Add socat-fix-asan-error.patch that is offered to upstream
  and that fixes an ASAN error seen for 'test 313 NESTEDOVFL'.

- update to 1.7.4.3:
  * fixes the TCP_INFO issue that broke building on non-Linux platforms.
  * building on AIX works again.
  * A few more corrections and improvements have been added

- Update to version 1.7.4.2:
  * Fixes a lot of bugs, e.g., for options -r and -R.
  * Further bugfixes, see the CHANGES file

- update to 1.7.4.1:
  Security:
  * Buffer size option (-b) is internally doubled for CR-CRLF conversion,
    but not checked for integer overflow. This could lead to heap based buffer
    overflow, assuming the attacker could provide this parameter.
  * Many further bugfixes and new features, see the CHANGES file

- Update to version 1.7.3.4:
  * bugfix release, see the CHANGES file for all changes
- Refresh patches:
  * socat-common-fixes.patch
  * socat-ignore-tests-failure-boo1078346.patch

- socat-common-fixes.patch: include tcpd.h where needed to fix
  - fno-common bsc#1160293