[SECURITY] [DLA 575-2] collectd regression update

2016-08-04 Thread Sebastian Harl

Package: collectd
Version: 5.1.0-3+deb7u2
Debian Bug : 833013

The previous upload of collectd surfaced a problem in the way the
network plugin initializes gcrypt preventing the plugin from being
loaded when packet signing or encryption is enabled. Previously, this
may have led to program crashes.

For Debian 7 "Wheezy", these problems have been fixed in version
5.1.0-3+deb7u2.

We recommend that you upgrade your collectd packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Accepted collectd 5.1.0-3+deb7u2 (source i386 all) into oldstable

2016-08-03 Thread Sebastian Harl

Format: 1.8
Date: Wed, 03 Aug 2016 22:59:23 +0200
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0
Architecture: source i386 all
Version: 5.1.0-3+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Sebastian Harl <tok...@debian.org>
Changed-By: Sebastian Harl <tok...@debian.org>
Description:
 collectd   - statistics collection and monitoring daemon
 collectd-core - statistics collection and monitoring daemon (core system)
 collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
 collectd-dev - statistics collection and monitoring daemon (development files)
 collectd-utils - statistics collection and monitoring daemon (utilities)
 libcollectdclient-dev - client library for collectd's control interface (development file
 libcollectdclient0 - client library for collectd's control interface
Closes: 833013
Changes:
 collectd (5.1.0-3+deb7u2) wheezy-security; urgency=high
 .
   * debian/patches/bts833013-gcry-init.dpatch: Fix initialization of
     libgcrypt: Initialize the library before using any other functions to
     ensure that thread-safety is set up appropriately. This fixes potential
     crashes of the network plugin and a regression introduced in
     5.1.0-3+deb7u1 which ultimately surfaced the issue. Thanks to Antoine
     Sirinelli for reporting this. (Closes: #833013)
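The initialization-order problem described in the upload notice above, as a small C model added here for illustration (not collectd or libgcrypt code; every name is hypothetical, and the model assumes the library rejects thread callbacks once it has been used). It shows why ignoring the return value hid the problem, why checking it turned the problem into a load failure, and why initializing first fixes both.

```c
/* Added illustration: a model of the initialization-order problem.
 * This is NOT libgcrypt; every name here is hypothetical. */
#include <stdio.h>

enum lib_state { LIB_UNTOUCHED, LIB_USED_NO_LOCKS, LIB_THREAD_SAFE };
static enum lib_state lib = LIB_UNTOUCHED;

/* Any ordinary operation implicitly initializes the model library. */
static void lib_use(void) {
  if (lib == LIB_UNTOUCHED)
    lib = LIB_USED_NO_LOCKS;
}

/* Assumption of the model: thread callbacks are only accepted before
 * first use. Returns 0 on success, non-zero otherwise. */
static int lib_set_thread_cbs(void) {
  if (lib == LIB_USED_NO_LOCKS)
    return 1;
  lib = LIB_THREAD_SAFE;
  return 0;
}

/* Return value ignored: init reports success even without locking. */
static int init_unchecked(void) {
  (void)lib_set_thread_cbs();
  return 0;
}

/* Return value checked: a rejected request becomes a load failure. */
static int init_checked(void) {
  return lib_set_thread_cbs() != 0 ? -1 : 0;
}

/* Runs one start-up sequence. early_use != 0 means some other code touched
 * the library before the plugin's init ran. Returns init's status and
 * stores whether the library ended up thread-safe. */
static int run_case(int early_use, int (*init)(void), int *thread_safe) {
  int rc;
  lib = LIB_UNTOUCHED;
  if (early_use)
    lib_use();
  rc = init();
  lib_use(); /* the plugin now signs or encrypts packets */
  *thread_safe = (lib == LIB_THREAD_SAFE);
  return rc;
}

int main(void) {
  int safe, rc;
  rc = run_case(1, init_unchecked, &safe);
  printf("late init, unchecked: rc=%d thread_safe=%d\n", rc, safe);
  rc = run_case(1, init_checked, &safe);
  printf("late init, checked:   rc=%d thread_safe=%d\n", rc, safe);
  rc = run_case(0, init_checked, &safe);
  printf("init first, checked:  rc=%d thread_safe=%d\n", rc, safe);
  return 0;
}
```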



Re: Wheezy update of collectd?

2016-08-03 Thread Sebastian Harl
Hi again,

On Fri, Jul 29, 2016 at 09:43:39AM -0300, Lucas Kanashiro wrote:
> On 07/28/2016 05:55 PM, Lucas Kanashiro wrote:
> > On 07/28/2016 05:02 PM, Sebastian Harl wrote:
> >> Thanks. I updated dla-needed.
> >>
> >> The fixed packages are ready for upload now. Please find the full
> >> debdiff (source and binary) attached to this email. Note that the
> >> (seemingly) added dependency on libxtables7 is a no-op. It's a virtual
> >> package provided by iptables (which is a dependency already).
> >> Apparently, there was some change after the original wheezy upload
> >> that's causing this to now show up.
> >>
> >> Similarly, the new dependency on zlib1g shouldn't make a difference
> >> either. The package has priority=required. Not sure why it's now showing
> >> up in the dependencies but didn't previously.
> >>
> >> I'll wait for your "Go" to actually upload the package.
> > Sure, until tomorrow I'll try to test it and give you a feedback.
> >
> 
> LGTM, I rebuilt the package and tested the upgrade in a clean wheezy
> chroot and worked well. I used the package a little bit and seems good.
> I did not try to exploit the vulnerabilities.

It turns out this introduced a regression in Wheezy (#833013) which, in
turn, uncovered a somewhat serious underlying issue. I'll go ahead to
prepare a +deb7u2 upload to fix that issue (which will then also fix the
regression).

Do you want to review the debdiff before the upload?

Based on the LTS documentation, I'll then send out a -2 DLA.

Cheers,
Sebastian

-- 
Sebastian "tokkee" Harl +++ GnuPG-ID: 0x2F1FFCC7 +++ http://tokkee.org/

Those who would give up Essential Liberty to purchase a little Temporary
Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin





Accepted collectd 5.1.0-3+deb7u1 (source amd64 all) into oldstable

2016-07-29 Thread Sebastian Harl

Format: 1.8
Date: Thu, 28 Jul 2016 20:52:12 +0200
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0
Architecture: source amd64 all
Version: 5.1.0-3+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Sebastian Harl <tok...@debian.org>
Changed-By: Sebastian Harl <tok...@debian.org>
Description:
 collectd   - statistics collection and monitoring daemon
 collectd-core - statistics collection and monitoring daemon (core system)
 collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
 collectd-dev - statistics collection and monitoring daemon (development files)
 collectd-utils - statistics collection and monitoring daemon (utilities)
 libcollectdclient-dev - client library for collectd's control interface (development file
 libcollectdclient0 - client library for collectd's control interface
Closes: 832507 832577
Changes:
 collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high
 .
   * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
     plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
     the function used by the network plugin to parse incoming network packets.
     Thanks to Florian Forster for reporting the bug in Debian.
     (Closes: #832507, CVE-2016-6254)
   * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
     gcry_control. A team of security researchers at Columbia University and
     the University of Virginia discovered that GCrypt's gcry_control is
     sometimes called without checking its return value for an error. This may
     cause the program to be initialized without the desired, secure settings.
     (Closes: #832577)

Re: Wheezy update of collectd?

2016-07-29 Thread Sebastian Harl
On Fri, Jul 29, 2016 at 09:43:39AM -0300, Lucas Kanashiro wrote:
> On 07/28/2016 05:55 PM, Lucas Kanashiro wrote:
> > On 07/28/2016 05:02 PM, Sebastian Harl wrote:
> >> Thanks. I updated dla-needed.
> >>
> >> The fixed packages are ready for upload now. Please find the full
> >> debdiff (source and binary) attached to this email. Note that the
> >> (seemingly) added dependency on libxtables7 is a no-op. It's a virtual
> >> package provided by iptables (which is a dependency already).
> >> Apparently, there was some change after the original wheezy upload
> >> that's causing this to now show up.
> >>
> >> Similarly, the new dependency on zlib1g shouldn't make a difference
> >> either. The package has priority=required. Not sure why it's now showing
> >> up in the dependencies but didn't previously.
> >>
> >> I'll wait for your "Go" to actually upload the package.
> > Sure, until tomorrow I'll try to test it and give you a feedback.
> >
> 
> LGTM, I rebuilt the package and tested the upgrade in a clean wheezy
> chroot and worked well. I used the package a little bit and seems good.
> I did not try to exploit the vulnerabilities.

Cheers! Uploaded to security-master.

Sebastian



Re: Wheezy update of collectd?

2016-07-28 Thread Sebastian Harl
Hi,

On Thu, Jul 28, 2016 at 11:08:46AM -0300, Lucas Kanashiro wrote:
> On 07/27/2016 11:16 AM, Sebastian Harl wrote:
> > On Wed, Jul 27, 2016 at 04:14:25PM +0200, Sebastian Harl wrote:
> >> On Wed, Jul 27, 2016 at 10:40:13AM -0300, Lucas Kanashiro wrote:
> >>> But we want your opinion. Would you like to take care of this yourself?
> >> I'm happy to take care of this myself. I'm already working on updates
> >> for stable and unstable and was just about to reach out to you anyway.
> > I see that you already claimed the package in dla-needed. I'm happy to
> > take that over or do whatever makes most sense ;-) Let me know what
> > you'd prefer.
> 
> I claimed in dla-needed before your feedback, you can handle it. You
> just need to follow the LTS workflow [0].

Thanks. I updated dla-needed.

The fixed packages are ready for upload now. Please find the full
debdiff (source and binary) attached to this email. Note that the
(seemingly) added dependency on libxtables7 is a no-op. It's a virtual
package provided by iptables (which is a dependency already).
Apparently, there was some change after the original wheezy upload
that's causing this to now show up.

Similarly, the new dependency on zlib1g shouldn't make a difference
either. The package has priority=required. Not sure why it's now showing
up in the dependencies but didn't previously.

I'll wait for your "Go" to actually upload the package.

Then, I'd go ahead to claim a DLA as documented. Should I wait for and
synchronize with the DSA or should I come up with my own text?

Thanks,
Sebastian


diff -u collectd-5.1.0/debian/changelog collectd-5.1.0/debian/changelog
--- collectd-5.1.0/debian/changelog
+++ collectd-5.1.0/debian/changelog
@@ -1,3 +1,19 @@
+collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high
+
+  * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
+plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
+the function used by the network plugin to parse incoming network packets.
+Thanks to Florian Forster for reporting the bug in Debian.
+(Closes: #832507, CVE-2016-6254)
+  * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
+gcry_control. A team of security researchers at Columbia University and
+the University of Virginia discovered that GCrypt's gcry_control is
+sometimes called without checking its return value for an error. This may
+cause the program to be initialized without the desired, secure settings.
+(Closes: #832577)
+
+ -- Sebastian Harl <tok...@debian.org>  Thu, 28 Jul 2016 20:52:12 +0200
+
 collectd (5.1.0-3) unstable; urgency=low
 
   * debian/patches/migrate-4-5-df.dpatch, debian/collectd-core.postinst:
diff -u collectd-5.1.0/debian/patches/00list 
collectd-5.1.0/debian/patches/00list
--- collectd-5.1.0/debian/patches/00list
+++ collectd-5.1.0/debian/patches/00list
@@ -1,3 +1,5 @@
+CVE-2016-6254.dpatch
+bts832577-gcry-control.dpatch
 rrd_filter_path.dpatch
 collection_conf_path.dpatch
 bts559801_plugin_find_fix.dpatch
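Review bot: the two new entries go at the top of 00list, ahead of rrd_filter_path.dpatch, so they are applied before every patch already in the series. Since bts832577-gcry-control.dpatch changes src/network.c, please confirm that none of the existing patches touch the same regions of that file, or append the new entries at the end so the existing series still applies against the context it had in 5.1.0-3.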
only in patch2:
unchanged:
--- collectd-5.1.0.orig/debian/patches/bts832577-gcry-control.dpatch
+++ collectd-5.1.0/debian/patches/bts832577-gcry-control.dpatch
@@ -0,0 +1,45 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## bts832577-gcry-control.dpatch by Florian Forster <o...@collectd.org>
+## Backported to 5.1.0 by Sebastian Harl <tok...@debian.org>
+##
+## DP: network plugin, libcollectdclient: Check return value of gcry_control().
+##
+## Upstream commit:
+## https://github.com/collectd/collectd/commit/8b4fed99
+## Upstream report:
+## https://github.com/collectd/collectd/issues/1665
+
+@DPATCH@
+
+diff a/src/network.c b/src/network.c
+--- a/src/network.c
 b/src/network.c
+@@ -3342,6 +3342,7 @@
+ static int network_init (void)
+ {
+   static _Bool have_init = 0;
++  gcry_error_t err;
+ 
+   /* Check if we were already initialized. If so, just return - there's
+* nothing more to do (for now, that is). */
+@@ -3350,8 +3351,18 @@
+   have_init = 1;
+ 
+ #if HAVE_LIBGCRYPT
+-  gcry_control (GCRYCTL_SET_THREAD_CBS, _threads_pthread);
+-  gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
++  err = gcry_control (GCRYCTL_SET_THREAD_CBS, _threads_pthread);
++  if (err)
++  {
++  ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) 
failed: %s", gcry_strerror (err));
++  return (-1);
++  }
++  err = gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
++  if (err)
++  {
++  ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) 
failed: %s", gcry_strerror (err));
++  
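Review bot: in the second src/network.c hunk the new `return (-1)` paths sit after `have_init = 1`, so a failed gcry_control() leaves the plugin marked as initialized and the next call to network_init() returns early at the "already initialized" check without retrying or reporting the error again. Set have_init only once both calls have succeeded. Making these errors fatal also assumes that GCRYCTL_SET_THREAD_CBS is issued before any other libgcrypt function has run in the process; where that ordering is not guaranteed, the plugin will now refuse to load in cases that were previously ignored, which matches the regression later reported as #833013. The ERROR() strings are also split across lines in the patch as posted, and the hunk is cut off after the second ERROR() call, so the attached file should be checked rather than this inline copy.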

Re: Wheezy update of collectd?

2016-07-27 Thread Sebastian Harl
On Wed, Jul 27, 2016 at 04:14:25PM +0200, Sebastian Harl wrote:
> On Wed, Jul 27, 2016 at 10:40:13AM -0300, Lucas Kanashiro wrote:
> > But we want your opinion. Would you like to take care of this yourself?
> 
> I'm happy to take care of this myself. I'm already working on updates
> for stable and unstable and was just about to reach out to you anyway.

I see that you already claimed the package in dla-needed. I'm happy to
take that over or do whatever makes most sense ;-) Let me know what
you'd prefer.

Cheers,
Sebastian
