[Bug 1334832] [NEW] Update to upstream 2.4.7 for Utopic

Thu, 26 Jun 2014 13:16:23 -0700 

Public bug reported:

A few bug fixes and new features:

2.4.7
- Bugfixes
  - file authenticator: allow password hash of up to 128 characters
  - libu: don't exit() on malloc errors

2.4.6
- Features
  - Support large hashes (like SHA512) in file authentication
  - use constant-time password compare to prevent brute-force attacks
  - Create server-plugin-ruby as separate RPM
  - Add Unisys namespace and CIM class prefix 'SPAR'
  - Alias openwsman and openwsmand systemd services
  - Also create respective rc-commands: rcopenwsman, rcopenwsmand
    (SUSE only)
- Bugfixes
  - Fix crash on invalide resource URI  
  - Fix resource namespace for DCIM_ classes

2.4.5
- Features
  - enforce SSL operation in systemd service
  - Add /usr/sbin/rcopenwsman for systemd environments
  - New environment variable 'OPENWSMAN_CURL_TRANSPORT_SSLVERSION' to
    select SSL protocol version. Set it to 'tlsv1.2' for TLS-v1.2
    (anstein)
- Bugfixes
  - Fix memory leaks in redirect plugin (Praveen K Paladugu)
  - shttpd: Improve error reporting if SSL context fails
  - Builds on Fedora 20 now

2.4.4
- Security update
  - ws_xml_make_default_prefix() can overflow buf parameter via sprintf()
  - ws_xml_make_default_prefix() can overflow buf parameter via sprintf()
  - wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW
  - LocalSubscriptionOpUpdate() unchecked fopen()
  - Incorrect order of sanity guards in wsman_get_fault_status_from_doc()
  - Unchecked memory allocation in wsman_init_plugins(), p->ifc
  - Unchecked memory allocation in mem_double(), newptr
  - Unchecked memory allocation in dictionary_new(), d, d->val, d->key, d->hash
  - Unchecked memory allocation in u_error_new(), *error
  - sighup_handler() in wsmand.c uses unsafe functions in a signal handler
- Features
  - add rcopenwsman command to systemd environments
  - add rcopenwsmand command for backwards compatibility
- Bindings
  - support rdoc 2.1 in Ruby bindings
  - cmake: use PYTHON_INCLUDE_DIRS

** Affects: openwsman (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1334832

Title:
  Update to upstream 2.4.7 for Utopic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openwsman/+bug/1334832/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to