secnet 0.4.4

Ian Jackson ijackson at chiark.greenend.org.uk
Sun Sep 8 23:06:55 BST 2019 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I am pleased to announce secnet 0.4.4.

secnet 0.4.4 is a bugfix and portability release for secnet 0.4.
Ideally, users would upgrade, but it's not very urgent.  polypath
users who work using poor network links will benefit from upgrading.

0.4.4 can be found here:
  http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git/secnet.git/
  http://www.chiark.greenend.org.uk/~secnet/release/0.4.4/

SHA-256 checksums are listed below.

The .deb is from Debian amd64 stretch (oldstable) and should work on
more recent versions of Debian.

secnet (0.4.4) unstable; urgency=medium

  Security fix:
  * make-secnet-sites: Don't allow setting new VPN-level properties
    when restricted.  This could allow denial of service by
    users with delegated authorisation.  [Mark Wooding]

  Bugfixes for poor network environments:
  * polypath: cope properly with asymmetric routing, by correcting
    the handling of late duplicated packets etc.   Protocol is now
    incompatible with secnet prior to 0.3.0 when either end is mobile.
  * Randomise key setup retry time.

  Other bugfixes:
  * rsa and cbcmac: Fix configuration error messages.  [Mark Wooding]
  * Handle IPv4 addresses properly (ie, not foolishly byte-swapped),
    when IPv6 is not available.  [Mark Wooding]
  * Better logging (and less foolish debug), especially about whether
    key is set up, and about crossed key setup attempts.
  * Internal refactoring and fixes.  [Ian Jackson and Mark Wooding]

  Build system and portability:
  * configure: rerun autogen.sh with autoconf 2.69-10
  * Avoid memset(0,0,0) wrt st->sharedsecret.  (Fixes compiler warning;
    in theory might cause miscompilation.)  [Mark Wooding]

  Documentation:
  * README.make-secnet-sites: new documentation file.  [Mark Wooding]
  * NOTES: Describe current allocation of capability bits.  [Mark Wooding]
  * NOTES: tiny fix tot protocol description.
  * secnet(8): Delete wrong information about dh groups.  [Mark Wooding]

  Administrivia:
  * Fix erroneous GPL3+ licence notices "version d or later" (!)
  * .dir-locals.el: Settings for Python code.  [Mark Wooding]

 -- Ian Jackson <ijackson at chiark.greenend.org.uk>  Sun, 08 Sep 2019 22:53:14 +0100

2796c3589889cb1d7e4e5036aec183055b861e93c4325af1ea9d4de7b5cd7618  secnet_0.4.4.dsc
66908bd7d62ea07c52f61997d4966d44c6b2c7f40d48481eb6a91fee90856c96  secnet_0.4.4.tar.gz
c50311d9122b5fcf6cfdfa7bd47ea69f63373c45d037d8b93f155e6e43888ecd  secnet-dbgsym_0.4.4_amd64.deb
179bee0abcb56c7b3ae88d32ce039ae75a4e2e9d2c72f5a60cc7602fe5c00e24  secnet_0.4.4_amd64.buildinfo
83d3a791b2201a8553dfdd4457aa04aae45e05363aa15de84ba6401e8546f3c7  secnet_0.4.4_amd64.deb
c43bbd8f3455198a3616b6fef5fc5af2d15247ee0e373fb140e80e0ca651923b  secnet_0.4.4_multi.changes
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAl11ewYACgkQ4+M5I0i1
DTm4lAgAvqVwc0n3Hk2AXwQuar+JwmGP90fbbdI1iALeRfLh05NJ2Psgw4kXZIxY
dB8phhL9laJL4F3pd1mXCj55bmofxCKf/cQOVeKrmspP3gQQSQ84I+RMBbYZ5sc3
dnifu7pU7eiDboLBCw405Luai83vLbZ1O/1YKKyI7MSxMaGhTzA1C9nxnV+QO7VT
h0zrXyXqTzFGRcL+hC7TrguEN6P7PD4eixD5EUTHK89dpga8TbHcMOSF8ZOjpr25
kisQQnPvRDPzUuUK96+JZJBimiQ/Znt3kcnSpivLxUTTJoPYg8LGWkTUQ+2nvA5T
xtkupJI/Fk/nu+bSczl1OjRSEOB3aA==
=0xGR
-----END PGP SIGNATURE-----

-- 
Ian Jackson <ijackson at chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

More information about the sgo-software-announce mailing list