--- - branch: MAIN date: Sat Aug 22 19:10:50 UTC 2015 files: - new: '1.120' old: '1.119' path: pkgsrc/news/inn/Makefile pathrev: pkgsrc/news/inn/Makefile@1.120 type: modified - new: '1.34' old: '1.33' path: pkgsrc/news/inn/distinfo pathrev: pkgsrc/news/inn/distinfo@1.34 type: modified id: 20150822T191050Z.227f11ac9f1918cf9e64764e4257adb6d02af9c5 log: "Update to 2.5.5, from Benedek Gergely on pkgsrc-users.\n\n2015-05-23 iulius\n\n\t* innxmit: tidy up GetMessageID buffer handling In theory, if you\n\t could get a message with an empty message-id header through\n\t before anything else, it would call memcpy(NULL, p, 0) which\n\t (surprisingly) has undefined behavior. This doesn't seem a very\n\t likely contingency but I tidied up the code to avoid it and\n\t (hopefully) be clearer anyway.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* storage/cnfs/cnfs.c: don't read uninitialised cycbuffname\n\n\t \ Thanks to Richard Kettlewell for the patch.\n\n2015-05-17 iulius\n\n\t* Fixed alignment issues when storing values\n\n2015-05-14 iulius\n\n\t* Add Richard Kettlewell as a contributor\n\n\t* Correct remap check in tradindexed lookup\n\n\t \ The check was off by one; and when it happened, it invalidated\n\t the 'parent' pointer, causing a use-after-munmap (or\n\t use-after-free) condition.\n\n\t \ Thanks to Richard Kettlewell for the bug report.\n\n\t* Correctly flush CNFS buffers when nfswriter is true in inn.conf\n\n\t* Correct remap check in tradindexed group lookup\n\n\t Previously the remap check had an off-by-one bug and moreover\n\t \ would never be done due to the loop condition (making the\n\t off-by-one bug moot).\n\n\t This one could be a problem in real life; if creating a group\n\t \ causes innd to expand the index then an already-running nnrpd\n\t will not automatically notice, and so won't be able to find the\n\t group.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* nnrpd/commands.c: paranoid checking of AUTHINFO GENERIC reply\n\n\t Check the number of arguments returned by AUTHINFO GENERIC.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* innfeed/connection.c: avoid violating C aliasing rules\n\n\t The object was written as a 'struct sockaddr' but then read as a\n\t 'struct sockaddr_storage', which violates C99 s6.5#7. The fix is\n\t to always access it as a 'struct sockaddr' and use a union to\n\t \ ensure enough space for any possible address type.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* nnrpd/commands.c: correct sense of PERMgeneric reply\n\n\t The comment has always been wrong, as well as the return value\n\t \ for ~15 years...\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* nnrpd/perm.c: don't dereference a null pointer if there are no\n\t access groups\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* nnrpd/article.c: A wrong variable was used for vhost feature.\n\n\t Since these are created by the local innd, the error should not\n\t normally occur.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n\t* Verify that setuid() and setgid() actually succeed\n\n\t \ See: https://lwn.net/Articles/451985/ for a discussion of the\n\t issues in this area.\n\n\t The checks in newuser.c are probably unnecessary due to the\n\t \ subsequent tests. rnews.c is straight-up broken though.\n\n\t Thanks to Richard Kettlewell for the patch.\n\n2015-05-02 iulius\n\n\t* expire/fastrm.c: Fix a dereferencing issue\n\n\t* configure.ac: Build fix for current Mac OS X versions\n\n\t \ The build was failing with recent versions of Mac OS X:\n\n\t clang: error: no such file or directory:\n\t '/usr/local/news/lib/libinn.3.dylib' make[1]: *** [libinn.la]\n\t Error 1 make: *** [all-lib] Error 2\n\n\t The reason is the '-multiply_defined'-part of the command line.\n\t This switch is marked as obsolete in ld(1):\n\n\t -multiply_defined treatment Previously provided a way to warn or\n\t error if any of the sym- bols used from a dynamic library were\n\t \ also available in another linked dynamic library. This option is\n\t obsolete.\n\n\t \ Thanks to Dennis Preiser for the report.\n\n\t* innfeed/imap_connection.c: fix support of Cyrus SASL 2.1.25 and\n\t later\n\n\t Fix how sasl_callback_ft, added with Cyrus SASL 2.1.25, was\n\t handled by innfeed. See revision [9381] for more information.\n\n\t Thanks to Dennis Preiser for the report.\n\n\t* innd/art.c: Fix a dereferencing issue when parsing\n\t Injection-Info: header field\n\n\t \ Thanks to David Binderman for the patch.\n\n2015-05-01 iulius\n\n\t* Bump version number in FAQ for new INN 2.5.5 release\n\n\t Also remove link to Elena Samsonova's web site that appears to be\n\t defunct.\n\n2015-04-23 iulius\n\n\t* mailpost: add new -t flag to specify the default temporary\n\t directory\n\n\t Check that the database directory and the temporary directory are\n\t writable when mailpost is run, and otherwise die with an error.\n\n\t Two paths are now tried by default for the temporary directory:\n\t pathtmp, and then /var/tmp if pathtmp is not writable.\n\n\t* Fix GCC 5.1.0 warning for incompatible pointer type\n\n\t Rename the \"U\" macro used by two tests to \"SUC\" (casting to\n\t String of Unsigned Chars) because it otherwise conflicts with how\n\t Unicode strings are declared in ISO C11, the new default mode for\n\t the GCC 5 series.\n\n2015-04-20 iulius\n\n\t* Update TODO with references to existing patches\n\n2015-04-05 iulius\n\n\t* Mention required TLS ciphers for interoperability\n\n\t* Update TODO with current state of INN 2.6.0\n\n2015-04-02 iulius\n\n\t* Update changelog to mention other changes for INN 2.5.5\n\n\t* Use Sys::Hostname Perl core module instead of calling\n\t \ /bin/hostname\n\n2015-03-24 iulius\n\n\t* Add two missing contrib programs in the exceptions of mkmanifest\n\n\t* Typo in POD formatting\n\n\t* Update copyright years (add 2015)\n\n\t* Update config.guess and config.sub to upstream versions from\n\t 2015-03-08\n\n\t* Update control.ctl to upstream version from 2014-06-17\n\n2015-03-21 \ iulius\n\n\t* scanlogs: Limit the number of lines to show from error log files\n\n\t \ When lots of lines are present in error log files, they appear in\n\t the news.daily verbatim, and the resulting email is so large it\n\t is bouncing.\n\n\t Restrict the number of lines to 50 (the default value for unknown\n\t lines from news.notice).\n\n\t \ Thanks to Jeffrey M. Vinocur for the bug report.\n\n\t* nnrpd: Count write time stats when using SASL\n\n\t* Improve the count of sleeping channels\n\n\t The highest file descriptor of sleeping channels was not always\n\t properly updated. A new CHANresetlastsleeping() function now does\n\t the job when called.\n\n\t \ Also prevent innd from crashing if a channel is supposed to sleep\n\t but does not have a Waker set.\n\n\t Thanks to Petr Novopashenniy for the bug report.\n\n\t* readers.conf: improve the first example to disambiguate its\n\t effect against loca l connections\n\n2015-03-18 iulius\n\n\t* pullnews: when giving a port along with a server name, check\n\t there is only one \":\"\n\n\t Otherwise, it is very likely that the given server name is an\n\t IPv6 address, and therefore its end should not be interpreted as\n\t a port.\n\n2015-01-21 iulius\n\n\t* Fix the unsignedness of TMRgettime when printed\n\n2015-01-10 eagle\n\n\t* http://www.imc.org/ietf-usefor/ appears to be gone\n\n\t Replace this link in HACKING with a link to the usefor mailing\n\t list archives and to my Usenet article format pages.\n\n2015-01-10 \ iulius\n\n\t* Do not mention that TLS compression will be disabled in the next\n\t \ INN release\n\n\t As the CRIME attack is not exploitable in NNTP, disabling TLS\n\t compression by default is pointless. No vulnerability in TLS\n\t compression is currently known as far as NNTP is concerned.\n\n\t* Add a cast to fix a gcc warning\n\n2015-01-07 iulius\n\n\t* Regenerate Makefile dependencies with gcc 4.7.2\n\n\t Also adapt support/makedepend to keep the two leading spaces, as\n\t \ in previous versions of gcc.\n\n\t Backport commit [9566].\n\n\t* Cleanup in include stuff\n\n\t - Add missing BEGIN_DECLS/END_DECLS, and also use them instead of\n\t their expansion.\n\n\t - Add missing inclusion of .\n\n2015-01-04 \ eagle\n\n\t* Remove dead link to nnrpkrb5auth\n\n2014-12-16 iulius\n\n\t* nnrp.access2readers.conf: add default username when none is\n\t specified\n\n2014-12-14 iulius\n\n\t* Add new contrib/nnrp.access2readers.conf.in script\n\n\t This script converts old-style nnrp.access to readers.conf.\n\n\t Thanks to Jeffrey M. Vinocur for his contribution.\n\n2014-12-07 iulius\n\n\t* Update Russ's mail address\n\n\t* Fix typos\n\n2014-12-01 iulius\n\n\t* Add support for choosing the elliptic curve to use with TLS\n\t support\n\n\t The new tlseccurve parameter in inn.conf takes the name of a\n\t curve OpenSSL knows about, to use for ephemeral key exchanges.\n\n\t \ Thanks to Christian Mock for the patch.\n\n2014-11-23 iulius\n\n\t* m4/sendmail.m4: add missing brackets\n\n\t The configure script was failing when running that part of code.\n\n2014-11-12 iulius\n\n\t* inn.conf: Improve documentation about tlsprotocols and\n\t tlscompression\n\n2014-11-11 iulius\n\n\t* Improve tuning of the SSL/TLS configuration\n\n\t nnrpd's TLS support is basically using OpenSSL's defaults WRT\n\t issues such as protocol support and cipher suites. In these days\n\t of POODLEs and other vulnerabilities, it should be useful to be\n\t \ able to have better control over what's offered. So this patch\n\t adds a few options to inn.conf:\n\n\t - tlsprotocols: allows to select the SSL/TLS versions that are\n\t supported\n\n\t - tlsciphers: allows to give an OpenSSL cipher string to tailor\n\t the cipher suites that are offered to clients\n\n\t - tlspreferserverciphers: switches on the server-side selection\n\t of the cipher suite (TLS default is \"client chooses\")\n\n\t - tlscompression: allows to turn off TLS compression (because of\n\t the CRIME attack) if the OpenSSL version supports this.\n\n\t \ Many thanks to Christian Mock for his patch.\n\n2014-11-09 iulius\n\n\t* Mention PyClean as a Python-based variant of Cleanfeed.\n\n2014-10-28 iulius\n\n\t* Update default paths for Debian and Fedora\n\n\t* Fix a dependency in a build rule\n\n2014-10-03 \ iulius\n\n\t* innwatch: report an error when the control file is missing\n\n2014-09-24 \ iulius\n\n\t* rc.news: no longer explicitly sleep before starting innwatch and\n\t \ cnfsstat\n\n\t Instead, make these two scripts sleep by themselves.\n\n\t Also update documentation: improve the list of actions done by\n\t rc.news, and no longer mentions that innd should be throttled\n\t before being stopped (this is not true - the shutdown process\n\t already does the actions throttling does).\n\n\t* innwatch: add -i flag to specify how many seconds to sleep at\n\t startup\n\n\t \ - Also fix previous commit [9651] that did not totally fix the\n\t issue it was supposed to fix.\n\n\t - Fix the behaviour of the -f flag (it wasn't doing anything).\n\n\t - Fix how the -l flag was parsed (a space was required between -l\n\t and its argument, whils it should not have been required).\n\n\t - Add new POD documentation for innwatch, and update it at the\n\t same time: document new -i flag, and document already existing -f\n\t flag.\n\n\t* cnfsstat: add -i flag to specify how many seconds to sleep at\n\t startup\n\n\t Update documentation, and homogenize POD syntax at the same time.\n\n2014-09-24 eagle\n\n\t* Re-add second $(LIBSTORAGE) when linking backends\n\n\t Backend commands (such as nntpget) linked with both history and\n\t storage libraries list $(LIBSTORAGE) in the link line twice. This\n\t isn't a mistake; there are some unfortunate circular dependencies\n\t that require listing $(LIBSTORAGE) both before and after\n\t \ $(LIBINNHIST) in the link line or static linking will fail.\n\n2014-09-22 iulius\n\n\t* Fix build issues on AIX 7.1\n\n\t mmap is redefined to mmap64 when large file support is enabled.\n\n2014-09-21 iulius\n\n\t* Fixed a warning and an unnecessary sys/stropts.h header\n\n\t* Typos\n\n\t* Fix build of contrib/respool.c\n\n\t \ Remove an unused variable.\n\n\t Add a link to libhistory.\n\n\t* Fix build of contrib/reset-cnfs.c\n\n\t Add correct include header files.\n\n\t Use the right DO_LARGEFILES variable instead of LARGE_FILES.\n\n\t Reformat the code (remove tabulations).\n\n\t Properly exit with the right status code.\n\n\t* Fix a few warnings, and update svn:ignore for contrib\n\n\t* Fix build of contrib/expirectl.c\n\n\t \ Add correct include header files, and fix a few warnings in\n\t printf() calls.\n\n\t \ Add portability code for statfs/statvfs support.\n\n\t* Add compilation rules for contrib/auth_pass.c and\n\t contrib/expirectl.c\n\n\t Use the right socklen_t type, and add crypt.h header if\n\t available.\n\n\t* FAQ: add how to feed articles arrived between two dates to\n\t another server\n\n2014-09-11 iulius\n\n\t* innupgrade: fix its execution\n\n\t On a few systems like AIX, innupgrade failed to run during an\n\t upgrade because \"perl -T\" was not explicitly called. Failure was:\n\t \"-T\" is on the #! line, it must also be used on the command line\n\n\t \ Thanks to The Doctor for his bug report.\n\n2014-09-07 iulius\n\n\t* Add missing dependency for libtest.o during the build of\n\t nnrpd/auth-ext.t\n\n2014-09-05 \ iulius\n\n\t* Fix typos in INN_HAVE_SYS_BITYPES_H and\n\t INN_MACRO_IN6_ARE_ADDR_EQUAL names\n\n2014-08-30 iulius\n\n\t* libinn documentation: update the name of the fdflag functions\n\n\t* pullnews: improve logging when an error occurs during GROUP\n\n\t Also rewrite a ternary condition to improve readability.\n\n\t Patch from Geraint A. Edwards.\n\n\t* pullnews: new -a flag (hashfeed ability)\n\n\t \ Add a new feature to pullnews: hashfeed to split feeds. It uses\n\t MD5 and is Diablo-compatible.\n\n\t Thanks to Geraint Edwards for the patch.\n\n\t* pullnews: new -B flag (header-only feeding)\n\n\t Add a new feature to pullnews: header-only feeding.\n\n\t If the article does not already have a Bytes: header field, one\n\t \ is added. Bodies are kept only for control articles.\n\n\t Thanks to Geraint Edwards for the patch.\n\n\t* pullnews: bug fix to rnews when -O; improved rnews reporting\n\n\t Thanks to Geraint Edwards for the patch.\n\n\t* pullnews: improve wording\n\n\t * When pullnews runs for the first time against a newsgroup, say\n\t \ \"never\" instead of January, 1st 1970 as the last run date. *\n\t Improve spaces, uppercase characters and singular forms when 1\n\t article is retrieved. * Update the config file even when the\n\t group is empty.\n\n\t* pullnews: remove headers matching (or not) a given regexp\n\n\t Enable the -m flag to remove headers matching (or not) a given\n\t regexp.\n\n\t Thanks to Geraint Edwards for the patch.\n\n2014-08-09 iulius\n\n\t* innwatch: no longer creates a child process for sleeping\n\n\t innwatch creates a child process only for sleeping and then waits\n\t on that process. The forked-off process is not killed by 'rc.news\n\t \ stop' (only its parent is), and will only die after it's done\n\t sleeping. If running under SMF on illumos/Solaris, this causes\n\t the service to likely drop into maintenance state (since not all\n\t processes die within timeout).\n\n\t \ Thanks to Lauri Tirkkonen for the patch.\n\n2014-06-04 iulius\n\n\t* Bump version number to 2.5.5 for STABLE.\n" module: pkgsrc subject: 'CVS commit: pkgsrc/news/inn' unixtime: '1440270650' user: wiz