secnet 0.6.1 - bugfixes
Ian Jackson
ijackson at chiark.greenend.org.uk
Sun May 24 22:50:40 BST 2020
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I am pleased to announce secnet 0.6.1.
secnet 0.6.1 is a bugfix release, containing mostly fixes for bugs
introduced in 0.6.0 and 0.5.x.
Users trying to set up 0.6.0 will want to upgrade.
Users with a working 0.6.0 might as well stick with it.
Users with 0.4.x and earlier should upgrade, especially when
using make-secnet-sites on not-wholly-trusted input.
Users with 0.5.x: 0.6.x has a fix affecting mobile sites on IPv6
public networks amongst its many substantial changes. See the 0.6.0
release announcement for full details:
https://www.chiark.greenend.org.uk/pipermail/sgo-software-announce/2020/000048.html
0.6.0 can be found here:
https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git/secnet.git/
https://www.chiark.greenend.org.uk/~secnet/release/0.6.0/
SHA-256 checksums are listed below.
The .deb is from Debian amd64 stretch (oldstable) and should work on
more recent versions of Debian and on many Debian derivatives.
secnet (0.6.1) unstable; urgency=medium
Logging bugfixes:
* Fix completely broken startup logging. Config errors would not
be repoorted other than via the exit status! (Broken in 0.6.0.)
* Suppress various uninteresting messages during startup, to
avoid noise during successful startup.
* Move "starting" message earlier.
make-secnet-sites bugfixes:
* Fix error handling if caller is in wrong group.
* Fix regressions in handling of delegated sites file fragments
(especially wrt the optional group parameter to `location').
Broken since security fixes in 0.5.0.
Fixes to example config file:
* Use new name-prefixed format for map(site...) runes. Old runes
were desupported by make-secnet-sites security fix (in 0.5.0).
* Fix "transform" syntax (broken since 0.3.0).
Other bugfixes and improvements:
* rsa: Do not crash if private key file is not accessible when
running --just-check-config. (Broken since 0.6.0.)
* rsa: Print errno value if we fail to open key file.
* config parsing: When closure is of wrong type, give details.
* Use CLOCK_MONOTONIC for all our timing needs (but only when
built against an as-yet-unpublished adns feature).
Supporting changes:
* Tests for some of the changes.
* Minor internal refactorings and improvements.
* Merge subdirmk 1.0.
-- Ian Jackson <ijackson at chiark.greenend.org.uk> Sun, 24 May 2020 22:14:26 +0100
9d732b280fbd9f33447e7e6498549c20ad3199e120d88a5e24457a2baf87d763 secnet_0.6.1.dsc
526ffdf56182f8e232a17cd94066a8c10d094ac12e382f49fe5989ea148017dd secnet_0.6.1.tar.gz
eaf976d0a413f53e09a5240c5a0801d785b1c1f6a2b3e5c9bf2f492ba78172a1 secnet-dbgsym_0.6.1_amd64.deb
e99f0ef12ccd04d534d527175a6055d13f5a6ba1fb0a7d9c698b6667ded1f176 secnet_0.6.1_amd64.buildinfo
e1adb7536aaae0cfe6aa5aa2206eee08f71250882343fd07a90d35eea781f3a8 secnet_0.6.1_amd64.deb
fb91ba019fb51573190f02d6aedeaa81b7edf75ab079efc39d26b21230a66368 secnet_0.6.1_multi.changes
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAl7K68oACgkQ4+M5I0i1
DTlrMQf9FXvGJQIcdnrd97s9RUZpLHq/3cNxiiDsxANg+f/0tpwnL/FJHPnhnmbq
vksHsHUv2/kWT20eLnV7ci1AbZP/cjqZFafSFGYBWzGtHemIyiqhs+ylyFMAgKQ1
lyOTmwulCgPlgNLFQQSE/gUT5hSLjPNh9KDdTxa7uaqeU4x5URItuJQEsymdHGbp
+CRL+u5geohpIbcYGYOTUPCGI7M4qug2bAlVrVDrNmBwx3aoWFc5aDegiuaj62l+
fJgqx5M8b+PyHbvGVIUXHRDhqOL+34uh9QPujP0ADNv7lchg0+pwoCwCou7E7iA2
tyO6sLXxINwEpaitx0ucBOlPH9OYLA==
=3gN4
-----END PGP SIGNATURE-----
More information about the sgo-software-announce
mailing list