-
Notifications
You must be signed in to change notification settings - Fork 46
/
Copy pathNEWS
216 lines (192 loc) · 9.84 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
munge-0.5.16 (2024-03-15):
- Fixed connect failure retry for full socket listen queue. (f528358)
- Added --listen-backlog cmdline opt. (#139)
munge-0.5.15 (2022-06-22):
- Added support for OpenSSL 3.0. (#110)
- Fixed "make install" conflict with systemd RuntimeDirectory. (#82)
- Fixed big-endian bug causing failures on s390x. (#91)
- Fixed systemd service unit conf to wait until network is online. (#93)
- Fixed excessive logging of "suspended new connections". (#94)
- Fixed test suite failure for origin addr on Debian kfreebsd-i386. (77ff682)
- Fixed gcry_check_version(GCRYPT_VERSION) bug reported by Debian. (0c37cc0)
- Fixed sending repeated SIGTERMs to signal stop. (dbe6dcc)
- Fixed bugs where unlink() could be interrupted by signals on FreeBSD. (be183e2)
- Fixed failure to clean up socket or create seedfile having relative path. (1245cd3)
- Fixed test suite to clean up errant processes from failed tests. (7baed04)
- Fixed rpm not creating "/run/munge" directory on CentOS 7. (5f3b1bf)
munge-0.5.14 (2020-01-14):
- Added mungekey command for key generation via HKDF. (5fc870e)
- Added negative caching of user lookups for processing supplementary groups. (#26, d51fec8)
- Added munged --origin cmdline opt. (#69, #23)
- Added munged --stop cmdline opt. (06306b8)
- Added unmunge --numeric cmdline opt. (171abe2)
- Added configure --with-logrotateddir opt and logrotate config. (2d35713)
- Added configure --with-munge-socket opt. (565db69)
- Added configure --with-pkgconfigdir opt. (9abebcd)
- Added configure --with-runstatedir opt. (25eef52)
- Added configure --with-sysconfigdir opt. (9abebcd)
- Added configure --with-systemdunitdir opt. (9abebcd)
- Added configure --with-sysvinitddir opt. (9abebcd)
- Added systemd EnvironmentFile to set sysconfig options. (#68, #64)
- Added systemd RuntimeDirectory to replace tmpfiles.d conf. (3eed37e)
- Added GPG verification of source to RPM specfile. (5bb8912, 24f18a1)
- Added "make check" test suite.
- Changed logging of non-existent users to only log once for a given user. (#26, 7b00d81)
- Changed default name of munged seedfile. (df8c22a)
- Fixed pidfile corruption when starting new daemon while socket still in use. (258b67e)
- Fixed munged signal handlers to be async-signal-safe. (be39512)
- Fixed "Logging stopped due to error" behavior for transient errors. (6176b42)
- Fixed misleading "Lockfile not found" error message. (34fcdb6)
- Fixed conversion-specifier / argument mismatch in error message. (0079630)
- Fixed installation directory variable substitution. (2affe07)
- Fixed manpage variable substitution. (a8ff2fe)
- Removed autotools-generated files from version control. (46dd77b)
munge-0.5.13 (2017-09-26):
- Added support for OpenSSL 1.1.0. (#54)
- Added support for UID/GID values >= 2^31.
- Added support for getentropy() and getrandom().
- Added --trusted-group cmdline opt to munged.
- Added --log-file and --seed-file cmdline opts to munged. (#57)
- Changed default MAC algorithm to SHA-256.
- Fixed autoconf installation directory variable substitution. (#47)
- Fixed all gcc, clang, and valgrind warnings.
- Improved resilience and unpredictability of PRNG.
- Improved hash table performance.
- Removed libmissing dependency from libmunge. (#49)
munge-0.5.12 (2016-02-25):
- Changed project homepage to <https://dun.github.io/munge/>.
- Changed RPM specfile from sysvinit to systemd. (#33)
- Added --max-ttl cmdline opt to munged. (#28)
- Added --pid-file cmdline opt to munged. (#41)
- Added support for "make dist" and "make distcheck". (#45)
- Fixed group-writable permissions error for logfile on Ubuntu. (#31)
- Fixed packaging with missing pkgconfig munge.pc file. (#25)
- Fixed packaging with missing systemd service & tmpfiles.d config. (#34)
- Fixed recursive make command in makefiles. (#40)
munge-0.5.11 (2013-08-27):
- Added --mlockall cmdline opt to munged.
- Added --syslog cmdline opt to munged.
- Added --uid and --gid cmdline opts to munge.
- Added numeric timezone to unmunge timestamp output.
- Added timer to munged for periodically stirring PRNG entropy pool.
- Added support for pkg-config.
- Added support for systemd.
- Changed timer thread to better accommodate misbehaving system clocks.
- Changed behavior of munge --string cmdline opt to not append newline.
- Changed init script chkconfig priority levels to start after ntpd/ntpdate.
- Changed init script so munged runs as munge user by default.
- Fixed HMAC validation timing attack vulnerability.
- Fixed bug with munged being unable to restart if daemon not cleanly shutdown.
- Fixed bug with large groups triggering "numerical result out of range" error.
- Fixed bug causing high CPU utilization on FreeBSD when processing group info.
- Fixed bug causing IPv6-only hosts to exit due to failed hostname resolution.
- Fixed autoconf check that was not portable across shells.
- Fixed init script LSB Header on openSUSE.
- Replaced perl build-time dependency with awk.
munge-0.5.10 (2011-02-25):
- Changed project homepage to <http://munge.googlecode.com/>.
- Fixed bug where munged could deadlock if clients blocked.
- Fixed bug where munged could crash while processing supplementary groups.
- Fixed bug with CFLAGS at configure-time nullifying --enable-debug.
- Fixed bug with VPATH builds failing to install init script.
- Fixed RPM spec file for openSUSE & SLES.
munge-0.5.9 (2010-03-23):
- Changed license to GPLv3+/LGPLv3+.
- Fixed bug with failed Linux builds under glibc-2.8+.
- Fixed bug with failed daemon starts after clearing /var/run.
- Moved selection of authentication method into configure script.
- Added support for LOCAL_PEERCRED auth (Darwin, FreeBSD, GNU/kFreeBSD).
- Added support for SHA-512 message digest.
munge-0.5.8 (2007-02-05):
- Fixed bug causing stack corruption on amd64 when using Libgcrypt.
munge-0.5.7 (2006-12-23):
- Improved performance of caching supplementary group info.
- Added munged sighup handler to update supplementary group info.
- Added --group-check-mtime and --group-update-time cmdline opts to munged.
- Made errors at exit nonfatal to work around Debian libc6 bug #400960.
munge-0.5.6 (2006-11-22):
- Fixed bug causing build using Libgcrypt to fail without OpenSSL headers.
munge-0.5.5 (2006-11-14):
- Added support for Libgcrypt.
- Added support for AES-256 cipher.
- Added support for SHA-256 message digest.
- Added check for minimum key length.
- Reduced replay cache memory usage.
munge-0.5.4 (2006-09-26):
- Changed project homepage to <http://home.gna.org/munge/>.
- Fixed bug leaking credential information on decode error.
- Fixed bug preventing munged from terminating on various platforms.
- Fixed bug building 32-bit & 64-bit libs on AIX with gcc.
- Fixed RPM spec file so both shared & static libs are built on AIX.
- Changed RPM spec file to create munge.key during install if not found.
- Changed munged behavior to return fatal errors to shell if possible.
- Changed init script so munged runs as daemon user instead of root.
- Changed default paths to allow munged to own its directories.
- Changed ownership & permissions of munged directories.
- Added ownership & permission checks for files & directories.
- Added compile-time defaults to munged help message.
- Added support for SunOS 5.10 (getpeerucred).
- Added support for Darwin (Mac OS X).
- Improved security of file-descriptor-passing authentication mechanism.
- Replaced --auth-pipe-dir with --auth-server-dir & --auth-client-dir opts.
munge-0.5.3 (2006-05-17):
- Added pidfile.
- Improved multilib support for AIX.
- Added support for AIX (32-bit, 64-bit, multiarch) to RPM spec file.
- Added support for configure installation dir vars to alter defaults.
- Added support for AIX, Debian, FreeBSD, and SunOS to init script.
munge-0.5.2 (2006-03-07):
- Fixed RPM spec file so munge-devel & munge-libs files are properly perm'd.
munge-0.5.1 (2006-02-28):
- Changed created logfile permissions to 640.
munge-0.5 (2006-01-24):
- Added multilib support.
- Fixed bug with credential compression header not being protected by MAC.
- Changed credential format to v3.
- Changed client/server protocol (apps will need to relink).
- Fixed miscellaneous bugs.
- Changed default cipher to AES-128 if present.
munge-0.4.3 (2005-10-31):
- Fixed init script to work with RedHat's RHEL4-U1 chkconfig.
munge-0.4.2 (2005-07-20):
- Updated default paths to comply with the Filesystem Hierarchy Standard.
- Fixed libtool bug causing libmunge to be incorrectly linked on AIX.
- Fixed init script start behavior on RedHat.
- Added munge-devel & munge-libs RPM subpackages.
munge-0.4.1 (2004-12-21):
- Fixed bug in init script preventing chkconfig from setting priorities.
munge-0.4 (2004-12-07):
- Added persistent pool of threads.
- Added retry for failed requests.
- Added libtool version-info.
- Added --key-file, --num-threads, and --auth-pipe-dir cmdline opts to munged.
- Added munge_ctx opt to limit maximum request length.
- Added timer to periodically re-parse group info.
- Added remunge benchmark/stress-test utility.
- Added munge enums (munge_enum).
- Added manpages.
- Added support for configure to locate OpenSSL installation.
- Added support for file-descriptor-passing over ramdisks.
- Added support for SuSE/LSB to init script.
- Added support for C++.
- Improved support for AIX.
- Optimized memory usage.
- Optimized performance.
- Changed libmunge.so to only export public symbols.
- Changed client/server protocol (apps will need to relink).
munge-0.3 (2004-04-30):
- Added support for AIX, FreeBSD, and SunOS.
- Added compression (bzlib, zlib).
- Added replay detection/prevention.
- Added ability to restrict decoding based on UID/GID.
- Changed credential format to v2.
- Changed client/server protocol.
munge-0.2 (2003-10-24):
- Added support for ia64.
- Added TTL and origin IP address to credential header.
munge-0.1 (2003-04-30):
- Added full client/server support.
- Added full cryptographic support.
- Added munge contexts (munge_ctx).
munge-0.0 (2002-12-20):
- Initial support for munge_encode, munge_decode, and munge_strerror.