- Never use a bridge or a controller-supplied node as an exit, even
if its exit policy allows it.
- Only build circuits if we have a sufficient threshold of the total
descriptors that are marked in the consensus with the "Exit"
flag.
- Provide controllers with a safer way to implement the cookie
authentication mechanism. With the old method, if another locally
running program could convince a controller that it was the Tor
process, then that program could trick the contoller into telling
it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
authentication method uses a challenge-response approach to prevent
this attack.
We are not affected by the openssl vulnerability.
Full release notes:
https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes
ok sthen@ jasper@
- Set REGRESS_DEPENDS = ${FULLPKGPATH} because the test suite needs the
libnetdude package itself to be installed in order to build and run.
- Make the "check" target in test/Makefile actually execute the test
suite, instead of just building the test programs and exiting.
- Change the test suite program (test/lnd-test.c) to include
netinet/if_ether.h instead of net/ethernet.h which does not exist on
OpenBSD.
- Fix the last test to report the correct result.
- Let lnd-test exit with exit code 1 if any tests fail (previously it
would always exit with exit code 0 even if tests fail).
The test suite still fails due to the failure of one test, but at least
it builds and runs now. :)
ok sthen haesbaert henning
- Fix non-response to router-solicitations when router-advertisement
configured, but DHCPv6 not configured.
- Fix a bug which broke DHCPv6/RA with prefix lengths which are not
divisible by 8.
from Brad
check_postgres is a script for monitoring various attributes of
your database (transaction id status, blocked queries, long running
queries, connection status and more). It is designed to work with
Nagios, MRTG, or in standalone scripts.
steps, edit icinga.cfg and change broker_module=/usr/local/bin/idomod.o
to broker_module=/usr/local/lib/idomod.so, this is also mentioned in the
README.
Notable fixes:
- flexible downtimes now last the duration specified once triggered
- avoid insane looping through event list when rescheduling checks
- Fixed bug which caused missing periodic router advertisements with some configurations.
- Cope with router-solict packets which don't have a valid source address.
from Brad