Hello community, here is the log from the commit of package socat.3705 for openSUSE:13.1:Update checked in at 2015-04-24 09:44:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/socat.3705 (Old) and /work/SRC/openSUSE:13.1:Update/.socat.3705.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "socat.3705" Changes: -------- New Changes file: --- /dev/null 2015-03-12 01:14:30.992027505 +0100 +++ /work/SRC/openSUSE:13.1:Update/.socat.3705.new/socat.changes 2015-04-24 09:44:36.000000000 +0200 @@ -0,0 +1,230 @@ +------------------------------------------------------------------- +Wed Apr 15 07:12:11 UTC 2015 - [email protected] + +- updated to 1.7.2.4 + * fix stack smashing for ppc and armv7l bnc#927161 + * various other bug and security fixes + +------------------------------------------------------------------- +Tue May 28 13:27:12 UTC 2013 - [email protected] + +- updated to 1.7.2.2 + This release fixes a security issue: Under certain circumstances, + an FD leak occurs and may be misused for denial-of-service attacks + against socat running in server mode (CVE-2013-3571) + +------------------------------------------------------------------- +Mon Mar 4 11:20:27 UTC 2013 - [email protected] + +- license update: SUSE-GPL-2.0-with-openssl-exception and MIT + See README + +------------------------------------------------------------------- +Sat Mar 2 08:13:52 UTC 2013 - [email protected] + +- update license to new format + +------------------------------------------------------------------- +Fri May 25 14:15:08 UTC 2012 - [email protected] + +- udapted to 1.7.2.1 + security fix for READLINE bnc#759859 + +------------------------------------------------------------------- +Wed Dec 21 10:31:49 UTC 2011 - [email protected] + +- remove call to suse_update_config (very old work around) + +------------------------------------------------------------------- +Wed Dec 7 17:49:55 CET 2011 - [email protected] + +- updated to 1.7.2.0 + This release allows tun/tap interfaces without IP addresses and + introduces the options openssl-compress and max-children. It fixes 18 + bugs and has 11 changes for improved platform support, especially Mac + OS X Lion, DragonFly, and Android. +- socat-unixsalen.patch now upstream. + +------------------------------------------------------------------- +Wed Feb 2 18:23:27 CET 2011 - [email protected] + +- Handle case where a AF_LOCAL socket has no name. bnc#668319 + +------------------------------------------------------------------- +Mon Aug 2 08:31:55 UTC 2010 - [email protected] + +- update to 1.7.3: + * a stack overflow vulnerability has been fixed that could be triggered when command line arguments were longer than 512 bytes + +------------------------------------------------------------------- +Mon Jan 11 08:24:32 UTC 2010 - [email protected] + +- upgraded to 1.7.1.2: + + fixes OpenSSL "nonblock" failure + + fixes 64-bit issues and some minor bugs + +- changes from 1.7.1.1: + + fixes a couple of bugs, some of which could crash socat under some + circumstances + +- changes from 1.7.1.0: + + provides a few new address options to better control its closing behavior + +- changes from 1.7.0.1: + * fixes a possible SIGSEGV in listening addresses + * fixes client connections with option connect-timeout failed when the + connections succeeded + * fixes the option end-close "did not apply" to some addresses + * half close of EXEC and SYSTEM addresses might have failed for pipes and + socketpair + +------------------------------------------------------------------- +Thu Oct 16 09:56:41 CEST 2008 - [email protected] + +- upgraded to 1.7.0.0 + - support for SCTP stream sockets, raw interface, and generic sockets. + - A new option escape allows it to interrupt raw terminal connections. + - Listening and receiving sockets can set a couple of environment variables. + - Base control of System V STREAMS has been added. + - Many corrections were performed. + +------------------------------------------------------------------- +Mon Feb 11 10:24:33 CET 2008 - [email protected] + +- Update to version 1.6.0.1. + + exec:...,pty did not kill child process under some circumstances; fixed + by correcting typo in xio-progcall.c + + service name resolution failed due to byte order mistake + + socat would hang when invoked with many file descriptors already opened + fix: replaced FOPEN_MAX with FD_SETSIZE + + fixed bugs where sub processes would become zombies because the master + process did not catch SIGCHLD. this affected addresses UDP-LISTEN, + UDP-CONNECT, TCP-CONNECT, OPENSSL, PROXY, UNIX-CONNECT, UNIX-CLIENT, + ABSTRACT-CONNECT, ABSTRACT-CLIENT, SOCKSA, SOCKS4A + + fixed a bug where sub processes would become zombies because the master + process caught SIGCHLD but did not wait(). this affected addresses + UDP-RECVFROM, IP-RECVFROM, UNIX-RECVFROM, ABSTRACT-RECVFROM + + corrected option handling with STDIO; usecase: cool-write + + configure --disable-pty also disabled option waitlock + + fixed small bugs on systems with struct ip_mreq without struct ip_mreqn +- Update to version 1.6.0.0. + + new addresses IP-DATAGRAM and UDP-DATAGRAM allow versatile broadcast + and multicast modes + + new option ip-add-membership for control of multicast group membership + + new address TUN for generation of Linux TUN/TAP pseudo network + interfaces (suggested by Mat Caughron); associated options tun-device, + tun-name, tun-type; iff-up, iff-promisc, iff-noarp, iff-no-pi etc. + + new addresses ABSTRACT-CONNECT, ABSTRACT-LISTEN, ABSTRACT-SENDTO, + ABSTRACT-RECV, and ABSTRACT-RECVFROM for abstract UNIX domain addresses + on Linux (requested by Zeeshan Ali); option unix-tightsocklen controls + socklen parameter on system calls. + + option end-close for control of connection closing allows FD sharing + by sub processes + + range option supports form address:mask with IPv4 + + changed behaviour of SSL-LISTEN to require and verify client + certificate per default + + options f-setlkw-rd, f-setlkw-wr, f-setlk-rd, f-setlk-wr allow finer + grained locking on regular files + + fixed bug where only first tcpwrap option was applied; fixed bug where + tcpwrap IPv6 check always failed + and fixing this bug) + + filan (and socat -D) could hang when a socket was involved + + corrected PTYs on HP-UX (and maybe others) using STREAMS + + correct bind with udp6-listen + + corrected filan.c peekbuff[0] which did not compile with Sun Studio Pro + + corrected problem with read data buffered in OpenSSL layer + + corrected problem with option readbytes when input stream stayed idle + after so many bytes + + fixed a bug where a datagram receiver with option fork could fork two + sub processes per packet +- Don't call test.sh as it doesn't pass if called as non root. +- Don't remove the buildroot in the install section. +- Remove patch as linux/fs.h is included if HAVE_LINUX_FS_H is available. + +------------------------------------------------------------------- +Thu Mar 22 10:18:31 CET 2007 - [email protected] + +- fix build with newer kernel headers: + some common FS-specific ioctls moved to linux/fs.h + +------------------------------------------------------------------- +Mon Jul 17 12:43:39 CEST 2006 - [email protected] + +- Update to version 1.5.0.0. + + new datagram modes for udp, rawip, unix domain sockets + + socat option -T specifies inactivity timeout + + rewrote lexical analysis to allow nested socat calls + + addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6 + + socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP, + SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection + + addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6 + + option protocol-family (pf), esp. for openssl-listen + + range option supports IPv6 - syntax: range=[::1/128] + + option ipv6-v6only (ipv6only) + + new tcp-wrappers options allow-table, deny-table, tcpwrap-etc + + FIPS version of OpenSSL can be integrated - initial patch provided by + David Acker. See README.FIPS + + support for resolver options res-debug, aaonly, usevc, primary, igntc, + recurse, defnames, stayopen, dnsrch + + options for file attributes on advanced filesystems (ext2, ext3, + reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump, + ext2-noatime, journal-data etc. + + option cool-write controls severeness of write failure (EPIPE, + ECONNRESET) + + option o-noatime + + socat option -lh for hostname in log output + + traffic dumping provides packet headers + + configure.in became part of distribution + + socats unpack directory now has full version, e.g. socat-1.5.0.0/ + + corrected docu of option verify + +------------------------------------------------------------------- +Wed Jan 25 21:41:44 CET 2006 - [email protected] + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Tue Apr 26 15:20:20 CEST 2005 - [email protected] + +- disabled test on ARM (hangs QEMU) + +------------------------------------------------------------------- +Sun Mar 20 20:14:32 CET 2005 - [email protected] + +- Update to version 1.4.2.0. + +------------------------------------------------------------------- +Sun Dec 12 15:51:50 CET 2004 - [email protected] ++++ 33 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.socat.3705.new/socat.changes New: ---- socat-1.7.2.4.tar.bz2 socat.changes socat.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ socat.spec ++++++ # # spec file for package socat # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2010 Pascal Bleser <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: socat BuildRequires: openssl-devel BuildRequires: procps BuildRequires: readline-devel BuildRequires: tcpd-devel Version: 1.7.2.4 Release: 0 Url: http://www.dest-unreach.org/socat/ Summary: Multipurpose relay for bidirectional data transfer License: SUSE-GPL-2.0-with-openssl-exception and MIT Group: Productivity/Networking/Other # 1.7.2.1: md5 7ddfea7e9e85f868670f94d3ea08358b Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build %description socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU line editor, a program, or a combination of two of these. %prep %setup %build export RPM_OPT_FLAGS="%{optflags} -fno-strict-aliasing" %configure %{__make} all mkdir examples mv daemon.sh ftp.sh mail.sh proxyecho.sh readline.sh examples %install mkdir -p \ ${RPM_BUILD_ROOT}/%{_bindir} \ ${RPM_BUILD_ROOT}/%{_mandir}/man1 %{__make} DESTDIR=${RPM_BUILD_ROOT} install %clean %{?buildroot:%__rm -rf "%{buildroot}"} %files %defattr(-,root,root) %doc BUGREPORTS CHANGES COPYING COPYING.OpenSSL DEVELOPMENT EXAMPLES FAQ FILES PORTING README SECURITY VERSION examples %{_bindir}/socat %{_bindir}/procan %{_bindir}/filan %{_mandir}/man1/socat.1%{ext_man} %changelog
