Update to 2.084

- New upstream release 2.084
  - Various fixes for edge cases and build: GH#136, GH#141, GH#142, GH#143,
    GH#145
  - Update documentation to reflect default SSL_version

IO-Socket-SSL-2.084-use-system-default-SSL-version.patch

@@ -10,7 +10,7 @@
      SSL_verify_callback => undef,
      SSL_verifycn_scheme => undef,  # fallback cn verification
      SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2438,7 +2437,7 @@ sub new {
+@@ -2445,7 +2444,7 @@ sub new {
  
      my $ssl_op = $DEFAULT_SSL_OP;
  
@@ -21,17 +21,17 @@
  	or croak("invalid SSL_version specified");
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -1043,11 +1043,12 @@ All values are case-insensitive.  Instea
- 'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'.  Support for
- 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay
- and openssl.
+@@ -1044,11 +1044,12 @@ All values are case-insensitive.  Instea
+ versions are actually supported depend on the versions of OpenSSL and
+ Net::SSLeay installed, but modern protocols like TLS 1.3 are supported by these
+ for many years now.
 +The default SSL_version is defined by the underlying cryptographic library.
  
  Independent from the handshake format you can limit to set of accepted SSL
  versions by adding !version separated by ':'.
  
--The default SSL_version is 'SSLv23:!SSLv3:!SSLv2' which means, that the
-+For example, 'SSLv23:!SSLv3:!SSLv2' means that the
- handshake format is compatible to SSL2.0 and higher, but that the successful
- handshake is limited to TLS1.0 and higher, that is no SSL2.0 or SSL3.0 because
- both of these versions have serious security issues and should not be used
+-The default SSL_version is 'SSLv23:!TLSv1:!TLSv1_1:!SSLv3:!SSLv2'. This means,
++For example, 'SSLv23:!TLSv1:!TLSv1_1:!SSLv3:!SSLv2' means
+ that the handshake format is compatible to SSL2.0 and higher, but that the
+ successful handshake is limited to TLS1.2 and higher, that is no SSL2.0, SSL3.0,
+ TLS 1.0 or TLS 1.1 because these versions have serious security issues and

IO-Socket-SSL-2.084-use-system-default-cipher-list.patch

@@ -15,7 +15,7 @@
  my %DEFAULT_SSL_CLIENT_ARGS = (
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -1070,9 +1070,8 @@ ciphers for TLS 1.2 and lower. See the O
+@@ -1071,9 +1071,8 @@ ciphers for TLS 1.2 and lower. See the O
  for more details.
  
  Unless you fail to contact your peer because of no shared ciphers it is

perl-IO-Socket-SSL.spec

@@ -7,14 +7,14 @@
 %endif
 
 Name:		perl-IO-Socket-SSL
-Version:	2.083
-Release:	3%{?dist}
+Version:	2.084
+Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 License:	(GPL-1.0-or-later OR Artistic-1.0-Perl) AND MPL-2.0
 URL:		https://metacpan.org/release/IO-Socket-SSL
 Source0:	https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
-Patch0:		IO-Socket-SSL-2.082-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.082-use-system-default-SSL-version.patch
+Patch0:		IO-Socket-SSL-2.084-use-system-default-cipher-list.patch
+Patch1:		IO-Socket-SSL-2.084-use-system-default-SSL-version.patch
 # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
 # bug #1632660, requires openssl tool
 Patch2:		IO-Socket-SSL-2.080-Test-client-performs-Post-Handshake-Authentication.patch
@@ -126,6 +126,12 @@ make test
 %{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
 
 %changelog
+* Tue Nov  7 2023 Paul Howarth <paul@city-fan.org> - 2.084-1
+- Update to 2.084
+  - Various fixes for edge cases and build: GH#136, GH#141, GH#142, GH#143,
+    GH#145
+  - Update documentation to reflect default SSL_version
+
 * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.083-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
 

sources

@@ -1 +1 @@
-SHA512 (IO-Socket-SSL-2.083.tar.gz) = a3fb70148eabc7b972c9b7a132b2a3f3ef23877606670c19ebffe40c82fc462431337ab498bca98b823b89ade8e2288d37fdb677ae154461de8f9f24e7568e4a
+SHA512 (IO-Socket-SSL-2.084.tar.gz) = 348e71cda3b0f6c06f9e72a9cd332e5c747feec82b6e74fe508ef294fdca85f9318bdda2e369b1dd1f0f2c857bfba89f52f09a3088c9906326cda5f43a91b6b5