File _patchinfo of Package patchinfo.18527

<patchinfo incident="18527">
  <issue tracker="jsc" id="SLE-15909"/>
  <issue tracker="bnc" id="1154167">AUDIT-FIND: dehydrated: LPE from dehydrated user to root</issue>
  <issue tracker="bnc" id="1178927">security:dehydrated - no support for module access_compat</issue>
  <packager>dmolkentin</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for dehydrated</summary>
  <description>This update for dehydrated fixes the following issues:

Update to dehydrated 0.7.0 (jsc#SLE-15909)

- Added

  - Support for external account bindings
  - Special support for ZeroSSL
  - Support presets for some CAs instead of requiring URLs
  - Allow requesting preferred chain (--preferred-chain)
  - Added method to show CAs current terms of service (--display-terms)
  - Allow setting path to domains.txt using cli arguments (--domains-txt)
  - Added new cli command --cleanupdelete which deletes old files instead of archiving them

- Fixed

  - No more silent failures on broken hook-scripts
  - Better error-handling with KEEP_GOING enabled
  - Check actual order status instead of assuming it's valid
  - Don't include keyAuthorization in challenge validation (RFC compliance)

- Changed

  - Using EC secp384r1 as default certificate type
  - Use JSON.sh to parse JSON
  - Use account URL instead of account ID (RFC compliance)
  - Dehydrated now has a new home: https://github.com/dehydrated-io/dehydrated
  - Added OCSP_FETCH and OCSP_DAYS to per-certificate configurable options

- dehydrated-apache2: Check for mod_compat (bsc#1178927) 

- Update maintainer file and package description, remove features
  that are better described in the (upstream maintained) man page.

- Remove potentially harmful scriptlet (bsc#1154167). 

- Removed lighttpd 1.x integration package. If you still would like
  to use lighttpd with dehydrated, follow the instructions in the
  README.maintainers file.
</description>
</patchinfo>