xmlsec1-1.2.37-150400.14.3.4

- switch to pkgconfig(zlib) to allow alternative providers as well

- update to 1.2.37:
  Fixed two regressions from 1.2.36 release

- Update to 1.2.36:
  * Retired the XMLSec mailing list "xmlsec@aleksey.com" and the
    XMLSec Online Signature Verifier.
- Update to 1.2.35:
  * Migration to OpenSSL 3.0 API (based on PR by @snargit). Note
    that OpenSSL engines are disabled by default when XMLSec
    library is compiled against OpenSSL 3.0. To re-enable OpenSSL
    engines, use "--enable-openssl3-engines" configure flag (there
    will be a lot of deprecation warnings).
  * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now
    deprecated and will be removed in the future versions of
    XMLSec Library.
  * Refactored all the integer casts to ensure cast-safety. Fixed
    all warnings and enabled "-Werror" and "-pedantic" flags on
    CI builds.
  * Added configure flag to use size_t for xmlSecSize (currently
    disabled by default for backward compatibility).
  * Moved all CI builds to GitHub actions.

- Add export CFLAGS/CXXFLAGS="-Wno-error=deprecated-declarations"
  inbefore configure. We pass --enable-werror to configure, and
  that leads to warnings about deprecations failing build. As
  deprecations is mainly a consern for upstream, stop failing on
  those.

- update to 1.2.34:
  * Support for OpenSSL compiled with OPENSSL_NO_ERR.
  * Full support for LibreSSL 3.5.0 and above
  * Several other small fixes

- update to 1.2.33:
  * Fix decrypting session key for two recipients
  * Added --privkey-openssl-engine option to enhance openssl engine support

- update to 1.2.32:
  + Remove MD5 for NSS 3.59 and above
  + Fix PKCS12_parse return code handling
  + Fix OpenSSL lookup
  + xmlSecX509DataGetNodeContent(): don't return 0 for non-empty
    elements - fix for LibreOffice
- add upstream signing key and validate source signature
- put license text into all subpackages
- treat all compiler warnings as errors

- Relax the crypto policies for the test-suite. This allows the
  tests using certificates with small key lengths to pass.

- Update to version 1.2.31:
  + Unload error strings in OpenSSL shutdown.
  + Make userData available when executing preExecCallback
    function.
  + Add an option to use secure memset.
- Pass --disable-md5 to configure: The cryptographic strength of
  the MD5 algorithm is sufficiently doubtful that its use is
  discouraged at this time. It is not listed as an algorithm in
  [XMLDSIG-CORE1]
  https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1

- Update to 1.2.30:
  * Enabled XML_PARSE_HUGE for all xml parsers.
  * Various build and tests fixes and improvements.
  * Move remaining private header files away from xmlsec/include/ folder.

- Version update to 1.2.25:
  * Various small fixes
  * Coverity cleanups
  * Removed support for old openssl

- Version update to 1.2.24:
  * Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support
  for xmlsec-nss.
  * Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS
  handling.
  * Disabled external entities loading by xmlsec utility app by
  default to prevent XXE attacks.
  * Improved OpenSSL version and features detection.
  * Cleaned up, simplified, and standardized internal error
  reporting.
  * Fixed a few Coverity-discovered bugs.
  * Marked as deprecated all the functions in xmlsec/soap.h file
  and a couple other functions no longer required by xmlsec.
  These functions will be removed in the future releases.
  * Several other small fixes (see commit log for more details).

- Fixed dependencies with libraries (bsc#1012246):
  * libxmlsec1-openssl.so
  * libxmlsec1-gcrypt.so
  * libxmlsec1-gnutls.so
  * libxmlsec1-nss.so

- Version update to 1.2.23:
  * Full support for OpenSSL 1.1.0
  * Several other small fixes

- Version update to 1.2.22 (fate#320861):
  * see the ChangeLog for most detailed output
  * openssl 1.1 support
  * Few features from libreoffice for integrated
  * Run the testsuite

- update to 1.2.20:
  * fix a number of miscellaneous bugs
  * update expired or soon-to-be-expired certificates in test suite

- Initial packaging of xmlsec1 for SUSE

- Update to 1.2.28:
  * Added BoringSSL support (chenbd).
  * Added gnutls-3.6.x support (alonbl).
  * Added DSA and ECDSA key size getter for MSCNG (vmiklos).
  * Added --enable-mans configuration option (alonbl).
  * Added coninuous build integration for MacOSX (vmiklos).
  * Several other small fixes (more details).

- Make sure to recommend at least one backend when you install
  just xmlsec1

- Drop the gnutls backend as based on the tests it is quite borked:
  * We still have nss and openssl backend for people to use

- Version update to 1.2.27:
  * Added AES-GCM support for OpenSSL and MSCNG (snargit).
  * Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos).
  * Added RSA-OAEP support for MSCNG (vmiklos).
  * Continuous build integration in Travis and Appveyor.
  * Several other small fixes (more details).

- Add rplintrc to avoid bogus errors:
  * xmlsec1-rpmlintrc

- Fixed (bsc#1104876).  Added: Requires: %{libname} = %{version} to each module
  in the spec file. This will ensure that when one of the modules is installed
  the corresponding version of libxmlsec1-1 will also be installed/upgraded.

- Version update to 1.2.26:
  * Added xmlsec-mscng module based on Microsoft Cryptography API: Next
    Generation
  * Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R
    34.10-2001 in xmlsec-mscrypto
  * Added LibreSSL 2.7 support
  * Upgraded documentation build process to support the latest gtk-doc