Version 2.7.2 - robustness improvements

This release add two "good practice" security fixes and a number of smaller improvements

• Security
  • call setgroups before setuid or setgid (kkaempf)
  • harden systemd service (https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort)
• Bugfixes
  • wsman-win-client-transport: initialize certificate pointer (Alexander Usyskin)
  • iniparser: fix buffer size (Alexander Usyskin)
  • wsman-win-client-transport: plug leak in error path (Alexander Usyskin)
  • memory.c: fix memory cleanup (Alexander Usyskin)
  • Improve handling of HTTP 401 Unauthorized (Vitezslav Crhonek)
  • Fix serialization tests (kkaempf)
  • Fix Ruby bindings warnings (kkaempf)
  • Fix Ruby plugin loading test (kkaempf)
  • Fix rpm packaging (kkaempf)
  • Allow to run tests from 'build' directory (kkaempf)
  • Add Python XML test (kkaempf)
  • Enable CUNIT tests (kkaempf)

v2.7.1 - bugfix release

• Bugfixes
  • msvc build fixes (Alexander Usyskin)
  • cleanup passwords after use (Alexander Usyskin)
  • drop RANDFILE in owsmangencert.h (kkaempf)
  • fix potential NULL pointer dereference (Alexander Usyskin)
  • MinGW build enablement (Bastian Germann)

Version 2.7.0 - minor API changes !

• API change
  • client_opt: expiry and hearbeat_interval are float (Alexander Usyskin)
    wsmc_set_sub_expiry() and wsmc_set_heartbeat_interval() change their
    first parameter from int to float
  • bump so version of libwsman_client from 4 to 5
  • new functions for C++ bindings: OpenWsmanClient::GetWithFlags()
    and OpenWsmanClient::PutWithFlags to add a 'flags' parameter
    (Alexander Usyskin)
  • add FLAG_SUPRESS_100_CONTINUE to options, fixes #131 to workaround
    a curl problem. Reportedly curl 7.69.0 fixes this also in curl.
    (Alexander Usyskin)
  • fixed several compiler warnings (Alexander Usyskin)
  • fixed spelling errors (Tomas Winkler)

Version 2.6.11 - bugfix update

Version 2.6.10 had a double-free bug in the events error processing. This is fixed by 2.6.11.

Version 2.6.10 - security update

• Pthread usage fixes (Alexander Usyskin)
• Convert sprintf to snprintf and strcpy to strncpy (Tomas Winkler)
• Fix configure for Windows (Alexander Usyskin)
• Fix possible denial of service (Adam Majer, Klaus Kaempf)
  CVE-2019-3833:
  "Openwsman, versions up to and including 2.6.9, are vulnerable to
  infinite loop in process_connection() when parsing specially crafted
  HTTP requests. A remote, unauthenticated attacker can exploit this
  vulnerability by sending malicious HTTP request to cause denial of
  service to openwsman server."
• Many potential NULL dereferences fixed (Alexander Usyskin)

Version 2.6.9 - CURL 7.62 adaption, openSSL 1.1.0 support

Main change is build enablement against CURL 7.62 and support for the openSSL 1.1.0 API

Other changes

• fix build on VS2017 (#114)
• warn on empty ssl_cipher_list (#111)
• improve winrs compatibility (#83)

Version 2.6.8 - security fix

This version disables directory listing in the http(s) component.

Version 2.6.7 - CMake 2.6 support

This release builds with CMake 2.6 (or later)

• Bugfixes
  • fix return value check for SSL_CTX_set_cipher_list()
  • fix pam config for local install

Version 2.6.6 - OpenSSL 1.1.0 support

This release provides OpenSSL 1.1.0 compatibility

Version 2.6.5 - Python3 and Ruby 2.5

This release supports Python3 and Ruby 2.5 for the bindings component.

• Bugfixes
  • Replace obsolete pam modules with standard ones (kukuk@suse.de)
  • Include shttpd_config.h in tarball (olaf@aepfle.de)
  • Build with Python 3
  • Build with Ruby 2.5