| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libcpp-httplib0_38 | Distribution: openSUSE Tumbleweed |
| Version: 0.38.0 | Vendor: openSUSE |
| Release: 1.1 | Build date: Wed Mar 18 12:52:46 2026 |
| Group: Unspecified | Build host: reproducible |
| Size: 987531 | Source RPM: cpp-httplib-0.38.0-1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://github.com/yhirose/cpp-httplib | |
| Summary: A C++11 HTTP/HTTPS library | |
This is a multi-threaded HTTP library with blocking I/O. There is no support for non-blocking mode.
MIT
* Wed Mar 18 2026 Marius Grossu <marius.grossu@suse.com>
- Update to 0.38.0:
* Filename sanitization for path traversal prevention — Added sanitize_filename() to prevent path traversal attacks via malicious filenames in multipart uploads
* Symlink protection in static file server — Static file serving now detects and rejects symlinks that point outside the mount directory, preventing symlink-based directory traversal
* Brotli compression support — Added Brotli (br) as a supported content encoding alongside gzip and deflate
* Accept-Encoding quality parameter parsing — The server now parses q= quality values in the Accept-Encoding header and selects the best encoding accordingly
* SSL proxy connection support — SSLClient can now establish connections through HTTPS proxies, with a new setup_proxy_connection method for cleaner proxy handling
* WebSocket ping interval runtime configuration — WebSocket ping interval can now be configured at runtime instead of only at compile time
* Benchmark test suite — Added benchmark tests and configurations for performance evaluation
* Unicode path component decoding tests — Added test coverage for Unicode characters in decode_path_component
* Documentation updates — Enhanced TLS backend documentation with platform-specific certificate handling details; clarified progress callback usage and user data handling in examples
* Fix port conflict in test — Fixed port number in OpenStreamMalformedContentLength test to avoid conflicts
* Removed large data tests for GzipDecompressor and SSLClientServerTest that caused memory issues
* Enabled BindDualStack test
- 0.37.2:
* Fix TLS cert verification bypass on proxy redirect introduced in #2165 by @yhirose in #2396
* Various security fixes
- 0.37.1:
* Remove 32-bit limitation
- 0.37.0
* Use doc.yml to generate document site
* Fix problem with alternate file name check
- 0.36.0
* Documentation Site on GitHub Pages
* [CMake] New compoments MbedTLS and wolfSSL
* Removed unused local variable by @hqo998
* Fix #2383
- 0.35.0
* Make loading system certificates from the Keychain on macOS an opt-out feature
- 0.34.0
* Added make_file_body function to send file binaries
* Revised description of file upload using make_file_provider
* Updated Crow library version from v1.2.0 to v1.3.1 (for benchmark code)
* Fixed bugs caused by the recent performance improvement
- 0.33.1
* Fix C++11 compatibility problem
- 0.33.0:
* Offline test (Resolve #2356)
* Use iptables to disable network
* Parallel test on CI by
* Remove macOS select() fallback
* Fix comparison of integers of different signs warning when compiling with BoringSSL
* WebSocket and Dynamic Thread Pool support
* Add wolfSSL support
- 0.32.0:
* Move stream and sse implementations from the decl area to the implementation area
* Add support for mbedtls to meson
* Correct sign comparison error with sk_X509_OBJECT_num
* Fix compilation on BoringSSL by replacing ASN1_TIME_to_tm
* Bypass new 100MB payload limit when a content_receiver
- 0.31.0:
* Abstract TLS API support (Resolve #2309)
* Add C++ modules support
* Fix memory leak
* Old: std::numeric_limits<size_t>::max() (effectively unlimited)
* New: 100 * 1024 * 1024 (100MB)
* Code that receives payloads larger than 100MB will now fail with ExceedMaxPayloadSize error
* Mbed TLS can now be used by defining CPPHTTPLIB_MBEDTLS_SUPPORT
* Request::ssl (SSL* type) has been removed and replaced with Request::ssl (tls::const_session_t type)
* ClientConnection::ssl has similarly been changed to tls::session_t
* Constructors and methods that directly use OpenSSL types (X509*, EVP_PKEY*, etc.) are now deprecated
* SSLServer: X509*/EVP_PKEY* constructors → migrate to SSLServer(PemMemory) or SSLServer(ContextSetupCallback)
* SSLClient: ssl_context() → use tls_context() instead
* Client: set_server_certificate_verifier(std::function<SSLVerifierResponse(SSL*)>) → use set_server_certificate_verifier(tls::VerifyCallback) instead
* Result: ssl_openssl_error() → use ssl_backend_error() instead
* Request: req.ssl (OpenSSL SSL*) → req.ssl (tls::const_session_t) + use req.peer_cert() / req.sni()
- 0.30.2:
* Problem with CI test on Windows without OpenSSL
* Fix zstd detection when zstd_FOUND is true but target is missing
* timegm api absent in AIX
* Fix set_ca_cert_store() to skip system certs like set_ca_cert_path()
* case insensitive hostname validation
Prevent redefinition of ssize_t
- 0.30.0:
* Apple frameworks: match CoreFoundation and CFNetwork linkage
- 0.29.0:
* chore: fix some typos in comments
* Optimize ThreadPool and MatcherBase constructors
* New Stream API Support
* Implement ETag and Last-Modified support for static file responses and If-Range requests
* Update split.py file
* Use std::move for content_provider in adapter
* Use std::move for boundary in set_boundary method
* Fix linker error on macOS when using CMake
* Remove unnecessary copies for AcceptEntry
* Change single char string literals to chars
* Remove another unnecessary string copy
* Use move semantics for auth key and value
* Replace httpbin.org with httpcan.org
* Add Zstd support through meson
* Verify Host header omits default ports per RFC 7230
* Implement SSEClient
* Avoid unnecessary copying of request and response in proxy/redirect
* Use std::move for request redirection
* Add another missing std::move for base_dirs_ vector
- Skip arch-specific test failures in %check: 32-bit time_t/size_t overflow
on ix86/arm (ETagTest, WebSocketIntegrationTest)
- Add OpenStreamMalformedContentLength.patch: Fix out-of-range Content-Length
- Upstream release includes fixes for:
CVE-2026-22776 (bsc#1256518)
CVE-2026-21428 (bsc#1255835)
CVE-2026-29076 (bsc#1259373)
CVE-2026-28435 (bsc#1259220)
CVE-2026-28434 (bsc#1259221)
CVE-2026-32627 (bsc#1259723)
* Mon Dec 22 2025 Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 0.28.0
* Fix HTTP 414 errors hanging until timeout
* CMake: Add HTTPLIB_SHARED option, don't define BUILD_SHARED_LIBS
* Add Client methods with both content provider and receiver
* Fix struct member initialization issue in getaddrinfo_with_timeout
* Add #undef _res after including resolv.h to prevent macro conflicts
- 0.27.0 changes
* SSL Error Reporting Improvements
* SSL Client Certificate Authentication
* IPv6 Host Header Support
* Memory Safety Fix
* EventDispatcher Stability
* Threading Issues
* Build System Enhancements
* For full changelog see https://github.com/yhirose/cpp-httplib/releases/tag/v0.27.0
- 0.26.0 changes
* Initialize start time for server to improve timing accuracy
* Addressed an unspecified issue reported in #2217
* Fix: handle EAI_ALLDONE from gai_suspend in getaddrinfo_with_timeout
* Fix #2223: Resolved issue as discussed in #2224
* Fix inconsistent use of macro TARGET_OS_OSX on macOS
* build(meson): Corrected new build option names for Meson build system
* Make code sample compilable
* Fix 32-bit MSVC compiler error due to unknown command #warning
- Upstream release includes fixes for:
CVE-2025-66570 (boo#1254734)
CVE-2025-66577 (boo#1254735)
- Add netcfg build requirement to fix tests
* The "SNI_AutoDetectionTest.SNI_Logic" test fails if localhost only resolves
to 127.0.0.1 (ipv4-only). netcfg provides the needed /etc/hosts config with
the ::1 localhost ipv6 entry.
* Tue Aug 12 2025 Marius Grossu <marius.grossu@suse.com>
- updated version to 0.25.0
* ErrorLogger Support
* Changed 32-bit Windows support from #error to #warning
* Unified _WIN64 macros to _WIN32 for better compatibility
* Improved Windows environment support
* CMake Pointer Size Check #2197
* Winndows Version Requirements #2191, #2192
* Better build-time compatibility detection
* Fixed Chocolatey OpenSSL compatibility issues
* Improved SSL functionality stability on Windows
* Resolved Windows version check problems
* Enhanced platform detection
* Mon Aug 04 2025 Andreas Stieger <andreas.stieger@gmx.de>
- 0.24.0:
* URL Encoding/Decoding Improvements
* Accept Header Quality Value Parsing Exception Handling
* Missing Client::set_max_timeout Method Implementation
- fix incorrect version in openSUSE package specific .pc file
* Tue Jul 22 2025 Marius Grossu <marius.grossu@suse.com>
- version update to 0.23.1
* Fix issue with HTTP handling #2021
* Fix specific bug addressed in this release #2111
* Resolve issue #366
* Resolve issue #1264
* Fix getaddrinfo stalling issue when network is down
* Fix proxy-related issues
* Fix #1656: Improve logging before compression #1656
* Add URL encoding helpers for user input in GET requests #2170
* Add SSL error access functionality #2169
* Cleaner API: API improvements #2166
* Add POST with content receiver feature #cfb56c0
* Add Params support for PUT/DELETE methods #b2bf172
* Complete removal of Windows 8 or lower support #2177
* Removal of 32-bit environment support (64-bit only) #2173
* Improve form field access methods #2171
* Tue Jun 24 2025 Marius Grossu <marius.grossu@suse.com>
- version update to 0.22.0
* Fix ranges that are not in the form 0-n do not work #2157
* Fix windows req/res very slow compared to Linux #1777
* Add CPPHTTPLIB_HEADER_MAX_COUNT
* Windows ::isdigit compilation error #2135
* Specify version in meson.build #2139
* Detect if afunix.h exists #2145
* Feature request: let the Request& know which route matched #2101
* Feature/multipart headers #2152
* Mon May 19 2025 Jan Engelhardt <jengelh@inai.de>
- Add dependency from cpp-httplib-devel to libzstd-devel
to workaround cmake wanting it in all cases unconditionally.
* Mon May 12 2025 pgajdos@suse.com
- version update to 0.20.1
0.20.1 (CVE-2025-46728 [bsc#1242777])
* Add AF_UNIX support on windows #2115
* Support zstd also via pkg-config #2121
* Fix #2113
* Fix "Unbounded Memory Allocation in Chunked/No-Length Requests"
0.20.0
* server_certificate_verifier extended to reuse built-in verifier #2064
* Assertion failed when destroying httplib::Client
* #2068
* Spaces incorrectly allowed in header field names #2096
* build(meson): copy MountTest.MultibytesPathName files #2098
* Remove SSLInit #2102
* Add zstd support #2088
* Question the behavior of method read_content_without_length #2109
* Crash when calling std::exit while server running or client requests in flight #2097
0.19.0
* Global timeout feature (same as "--max-time" curl option) #2034
* Fix check for URI length to prevent incorrect HTTP 414 errors
0.18.7
* Potential memory corruption in stream_line_reader #2028
- deleted patches
- cpp-httplib-test-issue2004-online.patch (upstreamed)
* Thu Feb 06 2025 pgajdos@suse.com
- version update to 0.18.6
* Resolve #2033
* Port/Address re-use #2011
* Invalid Content-Length values should be rejected #2014
* Feature request: ability to check if the connection is still alive #2017
* Changed to use non-blocking socket in is_ssl_peer_could_be_closed (258992a)
* Treat out-of-range last_pos as the end of the content #2009
* fix:set_file_content with range request return 416. #2010
* Fix HTTP Response Splitting Vulnerability (9c36aae)
- added patches
fix https://github.com/yhirose/cpp-httplib/issues/2042
+ cpp-httplib-test-issue2004-online.patch
* Mon Jan 20 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 0.18.3:
* Bug fixes:
- Regression: Client keep-alive subsequent requests very slow #1997
- 304 Not Modified response stalls until timeout #1998
- Update to 0.18.2:
* Bug fixes:
- Fix the problem that CreateFile2 in mmap::open fails to... #1973
- Default Accept-Encoding header for the client #1975
- SSLClientReconnection fails on Windows #1980
- delay in keep_alive due to sleep #1969
- missing query pararm in httplib::Client::send #1985
* Wed Oct 30 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 0.18.1:
* SSLClientServerTest.* tests fail with OpenSSL 3.2.1 (#1798)
* Feat: add CPack support (#1950)
* Keep alive is slowing down shutdown (#1959)
* Allow empty header values (#1965)
* Fri Sep 27 2024 Alexey Svistunov <svalx@svalx.net>
- Small specfile refactoring
* Sun Sep 22 2024 Richard Rahl <rrahl0@opensuse.org>
- update to 0.18.0:
* httplib.h: support LibreSSL
* Nice way to call "handle_file_request" from user code
* How to diagnose the infamous read error 4
* Made default server and client read/write timeout settings separately
* Slow performance caused by get_remote_ip_and_port and get_local_ip_and_port
* Provides a way to ignore host verify
* add API support for verify certificate manually
- update to 0.17.3:
* Accessing Directory
* ‘constexpr’ error
* Only match path params that span full path segment
* Fix KeepAliveTest.SSLClientReconnectionPost problem
- update to 0.17.2:
* Fix incorrect handling of Expect: 100-continue
* Peformance improvement by removing tolower function call
- update to 0.17.1:
* Header parser incorrectly accepts NUL and CR within header values
* Fix problem with Abstract Namespace Unix Domain
* Fix SIGINT problem in Docker image
- update to 0.17.0:
* Changed CPPHTTPLIB_KEEPALIVE_MAX_COUNT to 100
* Add Dockerfile for static file server
* Breaking Change!: get_header_ methods on Request and Response now take…
* Add sleep in handle_EINTR
* Added set_ipv6_v6only method
* impossible to shut down the server safely
* Performance: reserve body to avoid frequent reallocations and copies
- update to 0.16.3:
* Fixed set_connection_timeout() unexpected results
* Fix KeepAliveTest.SSLClientReconnectionPost
- update to 0.16.2:
* threadsafe CLOEXEC on platforms that support it
* BoringSSL compatibility fixes
- update to 0.16.1:
* detail::is_socket_alive() is not work for https connection
* avoid memory leaks if linked with static openssl libs
* Allow hex for ipv6 literal addr in redirect
* Fix build on Windows with no WINAPI_PARTITION_APP support
* test: fix GetRangeWithMaxLongLength on 32 bit machines
* Require a minimum of TLS 1.2
- update to 0.16.0:
* Use final keyword for devirtualization
* FindBrotli cleanup & fixes
* client can't open the encrypted private key
* build(meson): generate new test PEMs
* Fix range parser when parsing too many ranges
* fix: increase default receive buffer to 16kb
* Removed excess usage of std::move
* Merge branch 'HerrCai0907-fix'
* Highlight notes using markdown features
* Added progress to POST, PUT, PATCH and DELETE requests
* Tweak CI & fix macOS prefix
* New function SSLServer::update_certs. Allows to update certificates while server is running
* Change library name to cpp-httplib
- update to 0.15.3:
* Breaking change in handling requests with Range in v0.15.1 and v0.15.2
- update to 0.15.2:
* Severe directory traversal vulnerability (dotdotslash)
- switch to cmake build system
* Fri Feb 02 2024 Alexey Svistunov <svalx@svalx.net>
- Update to version 0.15.1:
* Malicious requests for many overlapping byte ranges of large files risk OOM #1766
* Add missing #include for strcasecmp #1744
* ThreadPool: optional limit for jobs queue (#1741)
* Fix #1628 (OpenSSL 1.1.1 End of Life on September 11, 2023)
* Fix Windows std::max macro problem #1750
* Fix select() return code for fd >= 1024 (#1757)
* Add a getter for a bearer token from a request (#1755)
* Support move semantics for Response::set_content() (#1764)
* Treat paths with embedded NUL bytes as invalid (#1765)
* Fix usage of rand() is not seeded and depends on seeding by parent program #1747
* Fix check request range and fix response Content-Range. #1694
* Fix: Query parameter including query delimiter ('?') not being parsed properly (#1713)
* Fix #1736
* Fix #1665
* Change some of status messages based on RFC 9110 (#1740)
* Add StatusCode enum (#1739)
* Fix #1738
* Fix #1685
* Fix #1724
* Add optional user defined header writer #1683
* Fix CPPHTTPLIB_ALLOW_LF_AS_LINE_TERMINATOR (#1634)
* Avoid a -Warray-bounds false positive in GCC 13. (#1639)
* Fix #1638
* Removed unnecessary CRLF at the end of multipart ranges data
* Fix #1559
* Use memory mapped file for static file server (#1632)
* Fix #1519
* Fix #1590 (#1630)
* Fix #1619
* Fix #1624
* Compiler freezes on Debian 10 (buster) with GCC 8.3.0 #1613
* Don't overwrite the last redirected location (#1589) # This is a breaking change.
* Fix #1607
* Add named path parameters parsing (Implements #1587) (#1608)
* Result: allow default constructor (#1609)
* Add support for zOS (#1581)
* Provide a CMake option to disable C++ exceptions (#1580)
* Load in-memory CA certificates (#1579)
- Requires OpenSSL version to 3.0 or later
* Wed May 31 2023 Alexey Svistunov <svalx@svalx.net>
- Update to version 0.12.5:
* Add HTTPLIB_INSTALL CMake option (#1575)
* Fix more CRLF injection problems
* Don't loading system certs from Keychain on iOS (#1546)
* Initialize sockaddr_un to fix valgrind uninitialised byte message. (#1547, #1547)
* Using set_content_provider with length of 0 makes it infinitely loop (#1545)
* How to check if server is running successfully in another thread? (#1548)
* Fix leaked handle in create_socket (#1554)
* Fix "Location" header url corrupted by percent-unescaping in redirect… (#1459)
* Trailing headers not handled (#1486)
* SSL access through a proxy causes SIGSEGV (#1533)
* System certs support on macOS (#1474)
* Add Request::get_file_values method (#1495)
* Fix: assert socket_requests_are_from_thread_ std::this_thread::get_id() (#1498)
* Fix: multipart Content-Type headers with both boundary and charset parameters (#1516)
* Thu Feb 16 2023 Alexey Svistunov <svalx@svalx.net>
- Move examples to devel subpackage
- Drop headers-only flavor and remove aliases for pkg-config files
(gh#yhirose/cpp-httplib#1491)
* Thu Feb 09 2023 Alexey Svistunov <svalx@svalx.net>
- Update to version 0.12.0:
* Removed is_writable() from DataSink (Resolve #1478, too) (#1483)
* Fix #1479
* Removed incorrect comment
* Support CTest (#1468)
* Issue 52666: cpp-httplib:server_fuzzer: Timeout in server_fuzzer
* add to_human_string (#1467)
* Wed Feb 08 2023 Alexey Svistunov <svalx@svalx.net>
- Switch to meson tests
- Add examples to headers package
* Mon Feb 06 2023 Alexey Svistunov <svalx@svalx.net>
- For an explicit choice when buildtime dependencies resolving
added an unique pkgconfig files aliases for both shipped library
flavors: cpp-httplib-headers.pc and cpp-httplib-shared.pc
- Enable tests performing for compiled flavor
* Tue Jan 24 2023 Alexey Svistunov <svalx@svalx.net>
- Migrate from obscpio to classical tar.gz sources archive for properly
debugsource package building
* Tue Jan 17 2023 Alexey Svistunov <svalx@svalx.net>
- Update to version 0.11.4:
* add support for requests with both MultipartFormDataItems and Content Providers (#1454)
* Add EINTR and EAGAIN judge for accept (#1438)
* Updated unit test
* std::condition_variable::notify_one/all() should be called after unlocking mutex (#1448)
* Support LOCAL_ADDR and LOCAL_PORT header in client Request (#1450)
* Fix #1442
* Removed code for upsupported OpenSSL
- Combined multibuild cpp-httplib and cpp-httplib-headers packages
- Remove unneeded BuildRequires for cpp-httplib-headers
* Mon Jan 16 2023 Alexey Svistunov <svalx@svalx.net>
- Move LICENSE file to the library package
- Drop cmake BuildRequires and linker additional "-s" flag
* Mon Jan 02 2023 Jan Engelhardt <jengelh@inai.de>
- Redo description so it does not rely on monospace formatting.
/usr/lib64/libcpp-httplib.so.0.38 /usr/lib64/libcpp-httplib.so.0.38.0 /usr/share/licenses/libcpp-httplib0_38 /usr/share/licenses/libcpp-httplib0_38/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Mar 28 22:34:06 2026