secnet 0.5.1 - build fixes, security-related make-secnet-sites fixes
ijackson at chiark.greenend.org.uk
Fri Nov 22 23:26:17 GMT 2019
-----BEGIN PGP SIGNED MESSAGE-----
It is a mixed pleasure to announce secnet 0.5.1.
secnet 0.5.1 contains build fixes, including portability fixes for
GCC9 and fixes for make-secnet-sites's tests for various secnet
versions. And it contains a fix to a bug with make-secnet-sites -P
option, which did not work properly in 0.5.0.
It also contains a currently mostly prophylactic change to the way
sites.conf is generated by make-secnet-sites. Normal installations
should not see any trouble but abnormal ones may need to adjust their
If you have already updated to 0.5.0 and it works for you there is no
particularly compelling reason to urgently upgrade to 0.5.1. At some
point you will have to deal with the make-secnet-sites prefixing
change, but that can be done at your leisure.
If you have not yet updated to 0.5.0 (which contains a critical
security fix for make-secnet-sites, when that program is run with
untrusted input) then 0.5.1 is probably a better plan.
This release also contains a complete overhaul of the build system. I
think it is much improved but of course there may be new bugs, rather
than just removed old bugs.
I appreciate that these releases containing a mixture of substantial
overhauls and important fixes are not very convenient. I would be
happy to support a volunteer who wanted to do backports.
0.5.1 can be found here:
SHA-256 checksums are listed below.
The .deb is from Debian amd64 stretch (oldstable) and should work on
more recent versions of Debian.
secnet (0.5.1) unstable; urgency=medium
POTENTIALLY INCOMPATIBLE CHANGE. Some security implications.
* make-secnet-sites: Prefix names when writing secnet sites.conf file.
make-secnet-sites must copy names (vpn, location and site names) from
the input sites file (which is not wholly trusted) to the secnet
config file. Prior to this release, naming a location or site the
same as a secnet predefined name could generate a broken sites.conf
which secnet would reject. (With the existing featureset,
malfunctions other than rejection, eg privilege escalation, are not
make-secnet-sites now adds a prefix to these names when writing
sites.conf. This will not affect configurations which use the
make-secnet-sites-provided `all-sites' key, as is usual. Other
configurations will break unless the references in the static part of
the config are adjusted.
Previous behaviour can be restored with the --no-conf-key-prefix
option. (Planned future enhancements to secnet are likely to make use
of that option, with untrusted input, dangerously insecure.)
other changes to make-secnet-sites:
* Fix argument parsing. Fixes a regression affecting -P in 0.5.0,
and also fixes new facilities introduced in 0.5.0.
* Sort the properties on output (and adjust the test case expected
outputs). Tests now pass on (at least) Python 2.7.13, 3.5.3, 3.7.5.
* Delete some unused code.
* Change one idiom to avoid a warning from GCC9. No functional change.
build system - MAJOR CHANGES:
* Fix out-of-tree builds. (Broken in 0.5.0)
* Replace recursive make with use of the new subdirmk system.
This represents a fairly comprehensive overhaul of the makefiles.
Several bugs (esp. involving dependencies between files in different
directories) are fixed.
* Drop `make check' from `make all'. (Otherwise there is no way
to ask for `all' without `check'.)
* Suppress two unhelpful new compiler warnings from GCC9.
* Release checklist update.
* Credit Mark Wooding properly in CREDITS.
* Include DEVELOPER-CERTIFICATE.
* Locations now have different names to sites.
* Somewhat better debugging output from mtest.
* Do not run msgcode-test except with `make fullcheck'.
* Other minor bugfixes and improvements.
* stest: Suppress unhelpful -Wno-unused-result (needed for stretch).
-- Ian Jackson <ijackson at chiark.greenend.org.uk> Fri, 22 Nov 2019 23:13:14 +0000
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
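
The name-prefixing change described in the changelog, as an added example that is not part of the announcement and is not make-secnet-sites code: it shows how copying names from a not wholly trusted sites file into a config namespace can collide with predefined names, how a prefix avoids that, and why static references other than `all-sites` then need adjusting. The reserved-name set, the prefixes, the flat key list and the sample input are all assumptions made for the illustration.

```python
import re

# Assumption: stand-in for names the config consumer predefines (illustrative subset).
RESERVED = {"site", "udp", "log", "map", "yes", "no"}
# Hypothetical prefixes; the announcement does not state the ones 0.5.1 uses.
PREFIX = {"vpn": "vpn-", "location": "l-", "site": "s-"}
NAME_OK = re.compile(r"[A-Za-z][A-Za-z0-9_-]*")


def conf_key(kind, name, prefix=True):
    """Map a name from the (not wholly trusted) sites file to a config key."""
    if not NAME_OK.fullmatch(name):
        raise ValueError("bad %s name: %r" % (kind, name))
    return PREFIX[kind] + name if prefix else name


def generated_keys(vpn, locations, prefix=True):
    """locations: {location name: [site names]} -> list of keys written."""
    keys = [conf_key("vpn", vpn, prefix)]
    for loc, sites in sorted(locations.items()):
        keys.append(conf_key("location", loc, prefix))
        keys.extend(conf_key("site", s, prefix) for s in sorted(sites))
    return keys


def collisions(keys):
    """Generated keys that would shadow a predefined name."""
    return sorted(set(keys) & RESERVED)


def stale_references(static_refs, keys):
    """References in the hand-written config that no generated key satisfies."""
    return sorted(set(static_refs) - set(keys) - {"all-sites"})


# Constructed input: a location and a site are named like predefined names.
VPN = "example"
LOCATIONS = {"log": ["alpha"], "office": ["map", "beta"]}
STATIC_REFS = ["all-sites", "beta"]  # constructed references from the static config

if __name__ == "__main__":
    for prefix in (False, True):
        keys = generated_keys(VPN, LOCATIONS, prefix)
        print(prefix, keys, collisions(keys), stale_references(STATIC_REFS, keys))
```

Running `stale_references` against the static part of a configuration before upgrading lists the references that would have to be renamed.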