znc-1.8.2-bp154.1.31

- Update to 1.8.2:
  * Polish translation
  * List names of translators in TRANSLATORS.md file in source,
    as this contribution isn't directly reflected in git log
  * During --makeconf warn about listening on port 6697 too, not only about 6667 (#1734)
  * webadmin: When confirming deletion of a network and selecting No,
    redirect to the edituser page instead of listusers page (#1751)
  * Make more client command results translateable, which were missed before

- update to 1.8.1:
  * Authenticated users can trigger an application crash
  (with a NULL pointer dereference) if echo-message is not enabled
  and there is no network. (bsc#1172446, CVE-2020-1377)

- Use pristine linker flags
- Use systemd orering to allow working in environments without
  running systemd

- Update to 1.8.0:
  * Output of various commands (e.g. /znc help) was switched from a table to a list
  * Support IP while verifying SSL certificates (#1504)
  * Make it more visible that admins have lots of privileges
  * Fix null dereference on startup when reading invalid config (#1585)
  * Don't show server passwords on ZNC startup (#1599)
  * Fix build with newer OpenSSL (#1688)
  * Fix in-source CMake build
  * Fix echo-message for *status (#1705)
  * controlpanel: Add already supported NoTrafficTimeout User variable to help output
  * Support python 3.9 (#1702)
  * modtcl: Added GetNetworkName (#1658)
  * partyline: Module is removed (#1632)
  * q: Module is removed (#786)
  * route_replies: Handle more numerics (#1421) (#1659) (#1660)
  * sasl: Fix sending of long authentication information (#942)
  * shell: Unblock signals when spawning child processes (#1590)
  * simple_away: Convert to UTC time (#1506)
  * watch: Better support multiple clients (#1701)
  * webadmin: Better wording for TrustPKI setting (#1670) (#1711) (#1713)
  * Refactor the way how SSL certificate is checked to simplify
    future socket-related refactors (#1697)
  * Various improvements for translation CI
  * Normalize variable name sUserName/sUsername (#1546)
  * Make de-escaping less lenient (#1715)

- Update to 1.7.5:
  * modpython: Add support for Python 3.8
  * modtcl: install .tcl files when building with CMake
  * nickserv: report success of Clear commands
  * Update translations, add Italian, Bulgarian, fix name of Dutch
  * Update error messages to be clearer
  * Add a deprecation warning to ./configure to use CMake instead in addition to an already existing warning in README

- Use swig to build bindings

- Update to version 1.7.4:
  * This is a security release to fix CVE-2019-12816 boo#1138572
  * Send "Connected!" messages to client to the correct nick

- Update to version 1.7.3:
  * This is a security release to fix CVE-2019-9917.
  * Docker only: the znc image now supports --user option of docker
    run.
- Drop no longer needed znc-CVE-2019-9917.patch

- Fix boo#1130360 CVE-2019-9917
  * znc-CVE-2019-9917.patch

- Update to version 1.7.2:
  * Fix compilation without deprecated APIs in OpenSSL (#1615)
  * Distinguish Channel CTCP Requests and Replies (#1624)
  * admindebug: Enforce need of TTY to turn on debug mode (#1580)
  * controlpanel: Add missing return to ListNetMods (#1589)
  * webadmin: Fix adding the last allowed network (#1584)

- Update to version 1.7.1:
  * Security critical fixes[edit]
    + CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf.
    + CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name.
  * Core
    + Fix znc-buildmod to not hardcode the compiler used to build ZNC anymore in CMake build (#1536)
    + Fix language selector. Russian and German were both not selectable.
    + Fix build without SSL support (#1554)
    + Fix several broken strings
    + Stop spamming users about debug mode. This feature was added in 1.7.0, now reverted. (#1541)
  * New
    + Add partial Spanish, Indonesian, and Dutch translations
  * Modules
    + adminlog: Log the error message again (regression of 1.7.0) (#1557)
    + admindebug: New module, which allows admins to turn on/off --debug in runtime (#1556)
    + flooddetach: Fix description of commands (#1548)
    + modperl: Fix memory leak in NV handling
    + modperl: Fix functions which return VCString (#1543)
    + modpython: Fix functions which return VCString (#1543)
    + webadmin: Fix fancy CTCP replies editor for Firefox. It was showing the plain version even when JS is enabled
  * Internal
    + Deprecate one of the overloads of CMessage::GetParams(), rename it to CMessage::GetParamsColon()
    + Don't throw from destructor in the integration test
    + Fix a warning with integration test / gmake / znc-buildmod interaction.
- Drop upstream patches:
  * znc-inject2.patch
  * znc-inject.patch
  * znc-traversal.patch

- Fix boo#1101280 CVE-2018-14056
  * znc-traversal.patch
- Fix boo#1101281 CVE-2018-14055
  * znc-inject.patch
  * znc-inject2.patch
- Fix building on Leap-42* by using less strict linker flags

- Define systemd unitdir for cmake

- Update to version 1.7.0:
  * Add CMake build. Minimum supported CMake version is 3.1. For now ZNC can be built with either CMake or autoconf. In future autoconf is going to be removed.
  * Currently znc-buildmod requires python if CMake was used; if that's a concern for you, please open a bug.
  * Increase minimum GCC version from 4.7 to 4.8. Minimum Clang version stays at 3.2.
  * Make ZNC UI translateable to different languages (only with CMake), add partial Russian and German translations. (#1237) (#1354) (#1462)
  * If you want to translate ZNC to your language, please join https://crowdin.com/project/znc-bouncer
  * Configs written before ZNC 0.206 can't be read anymore (#929)
  * Implement IRCv3.2 capabilities away-notify, account-notify, extended-join (#315) (#316)
  * Implement IRCv3.2 capabilities echo-message, cap-notify on the "client side" (#950)
  * Update capability names as they are named in IRCv3.2: znc.in/server-time-iso→server-time, znc.in/batch→batch. Old names will continue working for a while, then will be removed in some future version.
  * Make ZNC request server-time from server when available (#839)
  * Increase accepted line length from 1024 to 2048 to give some space to message tags
  * Separate buffer size settings for channels and queries (#967)
  * Support separate SSLKeyFile and SSLDHParamFile configuration in addition to existing SSLCertFile (#1192)
  * Add "AuthOnlyViaModule" global/user setting (#331)
  * Added pyeval module
  * Added stripcontrols module (#387)
  * Add new substitutions to ExpandString: %empty% and %network%. (#1049) (#1139)
  * Stop defaulting real name to "Got ZNC?" (#818)
  * Make the user aware that debug mode is enabled. (#1446)
  * Added ClearAllBuffers command (#852)
  * Don't require CSRF token for POSTs if the request uses HTTP Basic auth. (#946)
  * Set HttpOnly and SameSite=strict for session cookies (#1077) (#1450)
  * Add SNI SSL client support (#1200)
  * Add support for CIDR notation in allowed hosts list and in trusted proxy list (#207) (#1219)
  * Add network-specific config for cert validation in addition to user-supplied fingerprints: TrustAllCerts, defaults to false, and TrustPKI, defaults to true. (#866)
  * Add /attach command for symmetry with /detach. Unlike /join it allows wildcards.
  * Timestamp format now supports sub-second precision with %f. Used in awaystore, listsockets, log modules and buffer playback when client doesn't support server-time (#1455)
  * Build on macOS using ICU, Python, and OpenSSL from Homebrew, if available (#894)
  * Remove --with-openssl=/path option from ./configure. SSL is still supported and is still configurable
- Update dependencies
- Run spec-cleaner
- Use cmake for building

- Update to version 1.6.6:
  * Fix use-after-free in znc --makepem. It was broken for a long
    time, but started segfaulting only now. This is a useability
    fix, not a security fix, because self-signed (or signed by a
    CA) certificates can be created without using --makepem, and
    then combined into znc.pem.

- Cleanup of spec file with spec-cleaner

- Update project url

- Update to version 1.6.5:
  * Fixed a regression of 1.6.4 which caused a crash in modperl/modpython. (#1283)
  * Fixed the behavior of verbose command in the sasl module. (#1291)

- Drop extra hardening flags

- Slightly trim descriptions.

- Update to version 1.6.4 (boo#1017182):
  * Fixed build with OpenSSL 1.1. (#1310)
  * Fixed build on Cygwin.
  * Fixed a segfault after cloning a user. The bug was introduced in ZNC 1.6.0. (#1340)
  * Fixed a segfault when deleting a user or network which is waiting for DNS during connection. The bug was introduced in ZNC 1.0. (#1342)
  * Fixed a segfault which could be triggered using alias module. (#1347)
  * Fixed an error in controlpanel module when setting the bindhost of another user.
  * Fixed route_replies to not cause client to disconnect by timeout. (#1299)
  * Fixed compatibility with the Gitter IRC bridge. (#1321)
  * Fixed OnInvite for modpython and modperl. (#1283)
  * Fixed external location of GoogleTest for make test.

- Update changelog with missed issue boo#973088 (update to 1.6.3)

- Update to 1.6.3
  * New character encoding is now applied immediately, without
    reconnect.
  * Fixed build with LibreSSL. (#594)
  * Fixed error 404 when accessing the web UI with the configured
    URI prefix, but without the / in the end.
  * znc-buildmod now exits with non-zero exit code when the .cpp
    file is not found. (#1226)
  * Fixed znc-buildmod on Cygwin.
  * ExpandString got expanded.
  * Default quit message is switche
- Small spec file cleanup

- Update to 1.6.2
  * fixes
  + Fixed a use-after-delete in webadmin. It was already
  partially fixed in ZNC 1.4; since 1.4 it has been still
  possible to trigger, but much harder.
  + Fixed a startup failure when awaynick and simple_away were
  both loaded, and simple_away had arguments.
  + Fixed a build failure when using an ancient OpenSSL version.
  + Fixed a build failure when using OpenSSL which was built
  without SSLv3 support.
  + Bindhost was sometimes used as ident.
  + CAP :END wasn't parsed correctly, causing timeout during
  login for some clients.
  + Fixed channel keys if client joined several channels in
  single command.
  + Fixed memory leak when reading an invalid config.
  * autovoice
  + Check for autovoices when we are opped.
  * controlpanel
  + Fixed DelCTCPReply case-insensitivity.
  * dcc
  + Add missing return statement. It was harmless.
  * modpython
  + Fixed a memory leak.
  * modules_online
  + Wrong ident was used before.
  * stickychan
  + Fixed to unstick inaccessible channels to avoid infinite
  join loops.
  * internal changes
  + Fixed the nick passed to CModule::OnChanMsg() so it has
  channel permissions set.
  + Fixed noisy -Winconsistent-missing-override compilation
  warnings.
  + Initialized some fields in constructors of modules before
  OnLoad().
- Make building more verbose
- Partially fixes bsc#956254 - CVE-2014-9043

- Update to 1.6.1:
  * Fixed the problem that channels were no longer removed from the config despite
  of chansaver being loaded.
  * Fixed query buffer size for users who have the default channel buffer size set to 0.
  * Fixed a startup failure when simple_away was loaded after awaynick.
  * Fixed channel matching commands, such as DETACH, to be case insensitive.
  * Specified the required compiler versions in the configure script.
  * Fixed a rare conflict of HTTP-Basic auth and cookies.
  * Hid local IP address from the 404 page.
  * Fixed a build failure for users who have -Werror=missing-declarations in their CXXFLAGS.
  * Fixed CXXFLAGS=-DVERSION_EXTRA="foo" which is used by some distros to package ZNC.
  * Fixed znc-buildmod on Cygwin.
  * Fixed CThreadPool destructor to handle spurious wakeups.
  * Fixed make distclean to remove zncconfig.h.
  * Improved the error message about --datadir.
  * Fixed a compilation warning when HAVE_LIBSSL is not defined.
  * Fixed 'comparision' typos in CString documentation.
  * Added a non-minified version of the jQuery source code to make Linux distributions
  (Debian) happy, even though the jQuery license does not require this.
  * chansaver:
  * Fixed random loading behavior due to an uninitialized member variable.
  * modpython:
  * Fixed access to CUser::GetUserClients() and CUser::GetAllClients().
  * sasl:
  * Improved help texts for the SET and REQUIREAUTH commands. (#875)
  * savebuff:
  * Fixed periodical writes on the disk when the module is loaded after startup. (#868)
  * webadmin:
  * Fixed module checkboxes not to claim that all networks/users have loaded
    a module when there are no networks/users. (#872)
  * Added an explanation that ZNC was built without ICU support, when encoding
    settings are disabled for that reason.
  * Improved the breadcrumbs.
  * Mentioned ExpandString in CTCP replies.
  * Added an explanation how to delete port which is used to access webadmin.

- Update to 1.6.0:
  * Switch versioning scheme to <major>.<minor>.<patch>.  Add settings
  * for which SSL/TLS protocols to use (SSLProtocols),
  which ciphers to enable (SSLCiphers). By default TLSv1+ are enabled,
  SSLv2/3 are disabled. Default ciphers are what Mozilla advices:
  https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
  * Validate SSL certificates.  Allow clients to specify an ID as part of
  * username
  (user[@identifier][/network]). Currently not used, but modules can
  use it.
  * Add alias module for ZNC-side command interception and processing.
  * Support character encodings with separate settings for networks,
  and for clients. It replaces older charset module, which didn't work
  well with webadmin, log and other modules.
  * Support X-Forwarded-For HTTP header, used with new TrustedProxy
  * setting.  Add URIPrefix option for HTTP listeners, used with reverse
  * proxy.  Store query buffers per query the same way it's done for
  * channels,
  add new option AutoClearQueryBuffer.
  * Add DisableChan command to *status, it was available only in
  webadmin before.
  * Allow wildcards in arguments of Help commands of *status and
  various modules.
  * Support IRCv3.2 batches, used for buffer playbacks.  Support IRCv3.2
  * self-message.  Remove awaynick module. It's considered bad etiquette.
  * Add JoinDelay setting, which allows a delay between
  connection to server, and joining first channel. By default it joins
  immediately after connect.
  * Make Detach, EnableChan and DisableChan commands of *status
  accept multiple channels.
  * znc-buildmod: Build output to the current working directory.  Wrap
  * long lines in tables (e.g. in Help or
  ListAvailMods commands).
  * Support ECDHE if available in OpenSSL.  Report ZNC version more
  * consistently, add HideVersion
  setting, which hides ZNC version from public.
  * Bump compiler requirements to support C++11. This means
  GCC 4.7+, Clang 3.2+, SWIG 3.0.0+.
- Drop support for old distributions since they lack support for
  C++11
- Drop package extra, all modules are now in znc
- Disable colloquy plugin since it fails to build
- Drop init script

- Rename znc-python to znc-python3
- Add signature and znc.keyring
- Reorder source names
- Correct (pre) dependencies for older releases of openSUSE

- Use proper licence
- Some tiny spec file cleanups

- Tighter dependency for perl
- Cleanup specfile

- Update to new version (1.4)
- Split to more packages
- Enable perl, python and tcl modules
- Remove obsolete modules
- Spec file cleanup