- Repeated output for 'dpctl' CLI command
- Iperf ignoring interrupt from CLI
- DPID value not passed to switch(4) nodes for assignment
- switch(4) nodes with control channels created later in startup won't have
their channels forwarded to a remote controller
- ping tests waiting forever when controller is explicitly disabled
- local forwarding controller not correctly tracked for teardown
- trying to log to extraneous file for switchd(8) node
- wrong method used for getting bridge(4) node info
- manpage for mn not generated properly
OK jca@ phessler@
OK for earlier version of diffs jasper@ sthen@
remove the maintainer convenience target for geolite databases as there
will be no more updates to these. update MESSAGE-main.
Users should switch to geolite2 and adapt programs to using libmaxminddb
if they want to continue with the free databases. There are still a few
months left on commercial updates for geolite 1.
other fixes);
dhcpcd-7.0.0, 7.0.1 and 7.0.2 are vulnerable to the DHCP6 issue where the
message is copied from the DHCP6 option into a buffer, but is NULL terminated
beyond the size of the buffer.
dhcpcd-6 is not vulnerable.
ChangeLog:
https://dnsdist.org/changelog.html#change-1.3.0
Port changes:
- activate DNS-over-TLS and DNSCrypt support
- tweak rc script to handle the removal of --daemon
- fix config file installation
From maintainer Peter van Dijk with PLIST tweaks by me.
naddy@ found that net/ocserv failed to build during his latest amd64
package bulk build. Specifically, configure appears to pick up GeoIP if
installed, but there is no dependency on net/GeoIP.
OK naddy@, sthen@
CVE-2018-6532: By sending specially crafted requests, authenticated and
unauthenticated, an attacker can exhaust a lot of memory on the server
side, triggering the OOM killer.
CVE-2018-6534: By sending specially crafted messages, an attacker can
cause a NULL pointer dereference, which can cause Icinga2 to crash.
CVE-2018-6535: Lack of a constant-time password comparison function can
disclose the password to an attacker.
Detailed write-up and simple crashers for the above at
https://hansmi.ch/articles/2018-03-icinga2-security
(CVE-2017-16933 and CVE-2018-6536 also in this release relate to the
init scripts that we don't use).
