Hello everybody, version 5.6.3 of collectd is available. This is going to be the last release of the 5.6 line since we're getting ready to release 5.8 soon.
This release fixes a DoS vulnerability in the Network plugin that can be triggered remotely (CVE-2017-7401). We strongly recommand to upgrade to this release (unless you're running 5.7). Download -------- The new version is available in source-code form from collectd's download page. The direct download links are: * http://collectd.org/files/collectd-5.6.3.tar.bz2 SHA-256: 8a97161b354456ed91ec02dd5f47658197f7e18388f3af9d636aae506f795304 Thanks ------ Thanks to everybody who contributed to this version. In particular, this release includes code contributions by: * Denys Fedoryshchenko * Ed Ravin * Florian Forster * Iain Buclaw * Krzysztof Matczak * Marc Fournier * Neil Wilson * Pavel Rochnyack * Ruben Kerkhof * Sebastian Harl ChangeLog --------- 2017-10-06, Version 5.6.3 * collectd: support for boolean string config values has been reintroduced. Thanks to Sebastian Harl. #2083, #2098 * collectd: The capability checking has been changed to use "cap_get_proc()". Thanks to Marc Fournier. #2151 * Documentation: A section documenting ignore lists has been added to collectd.conf(5). Thanks to Florian Forster. * AMQP plugin: The "ExchangeType" option is now also valid for publishers. Thanks to Florian Forster. #2286 * Apache, Ascent, BIND, cURL, cURL-JSON, cURL-XML, nginx, Write HTTP plugins: Handling of URLs that redirect elsewhere has been fixed. Thanks to Pavel Rochnyack. #2328 * BIND plugin: Fix parsing of the sample time provided by BIND. Previously, the time was assumed to be in the local time zone when in fact it was in UTC. Thanks to Ed Ravin. #1268 * BIND plugin: Memory leaks have been fixed. Thanks to Ruben Kerkhof. #2303 * Chrony plugin: Build flags have been fixed. Thanks to Thomas Jost and Marc Fournier. #2133 * cURL-JSON plugin: The timeout value has been changed to default to the collection interval. This fixes a regression. Thanks to Marc Fournier. * cURL-JSON plugin: Handling of arrays has been fixed. Thanks to Florian Forster. #2266 * DBI plugin: Memory leaks at shutdown have been fixes. Thanks to Pavel Rochnyack and Florian Forster. * E-Mail, Exec, UnixSock plugins: Group ID lookup on systems with many groups has been fixed. Thanks to Ruben Kerkhof and Florian Forster. #2208 * IPC plugin: A compilation error on AIX has been fixed. Thanks to Pavel Rochnyack. #2305 * LogFile plugin: If writing to the file fails, print log messages on "STDERR" instead. Thanks to Marc Fournier. * Log Logstash plugin: If writing the log entry fails, print it to "STDERR" instead. Thanks to Marc Fournier. * memcachec, Tail plugins: A resource leak in the matching infrastructure has been fixed. Thanks to Krzysztof Matczak. #2192 * MQTT plugin: Invalid symbols in topic names are now replaced and a resource leak has been fixed. Thanks to Denys Fedoryshchenko. #2123 * Network plugin: A potential endless-loop has been fixed. This can be triggered remotely by sending a signed network packet to a server which is not set up to check signatures. Thanks to Marcin Kozlowski and Pavel Rochnyack. #2174, #2233, CVE-2017-7401 * Network plugin: A use-after-free has been fixed. Thanks to Pavel Rochnyack. #2375 * Notify Email plugin: The plugin is no longer explicitly linked against libssl and libcrypto, relies on libesmtp being linked correctly. Thanks to Marc Fournier. Debian#852924 * NTPd plugin: Calculation of loop offset and error has been fixed. Thanks to Neil Wilson. #2188 * OpenLDAP plugin: An incorrect use of the ldap library, leading to a crash, has been fixed. Thanks to Marc Fournier. #2331 * Perl plugin: A potential double-free has been fixed. Thanks to Florian Forster. #2278 * Perl plugin: Print an error when an incorrect configuration is encountered. Thanks to Pavel Rochnyack. #927 * RRDtool plugin: Incorrect handling of the flushes timeout option has been fixed. Handling of the "RandomTimeout" has been fixed. Thanks to Pavel Rochnyack. #2363 * SMART plugin: Some warning messages have been removed and the code has been cleaned up. Thanks to Florian Forster. #2062 * SMART plugin: A check for the "CAP_SYS_RAWIO" capability has been added. Thanks to Marc Fournier. * SNMP plugin: A double free has been fixed. Thanks to Pavel Rochnyack. #2291 * Write Graphite plugin: Error handling in the case that calculating a metric's rate fails has been improved. Previously, the raw counter values were sent to Graphite. Thanks to Iain Buclaw. #2209 * Write Kafka plugin: A 32 bit random number is now used when formatting a random key. Thanks to Florian Forster. #2074 Best regards, —octo -- collectd – The system statistics collection daemon Website: http://collectd.org Google+: http://collectd.org/+ GitHub: https://github.com/collectd Twitter: http://twitter.com/collectd
signature.asc
Description: Digital signature
_______________________________________________ collectd mailing list [email protected] https://mailman.verplant.org/listinfo/collectd
