Send Linux-ha-cvs mailing list submissions to
linux-ha-cvs@lists.linux-ha.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Linux-ha-cvs digest..."
Today's Topics:
1. Linux-HA CVS: linux-ha by alan from
(linux-ha-cvs@lists.linux-ha.org)
2. Linux-HA CVS: lib by alan from (linux-ha-cvs@lists.linux-ha.org)
3. Linux-HA CVS: linux-ha by alan from
(linux-ha-cvs@lists.linux-ha.org)
4. Linux-HA CVS: lib by alan from (linux-ha-cvs@lists.linux-ha.org)
5. Linux-HA CVS: crm by andrew from
(linux-ha-cvs@lists.linux-ha.org)
----------------------------------------------------------------------
Message: 1
Date: Sun, 13 Aug 2006 22:22:05 -0600 (MDT)
From: linux-ha-cvs@lists.linux-ha.org
Subject: [Linux-ha-cvs] Linux-HA CVS: linux-ha by alan from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : alan
Host :
Module : linux-ha
Dir : linux-ha
Modified Files:
heartbeat.spec.in
Log Message:
Final changes for 2.0.7. Well known to the congnescenti.
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/heartbeat.spec.in,v
retrieving revision 1.195
retrieving revision 1.196
diff -u -3 -r1.195 -r1.196
--- heartbeat.spec.in 8 Aug 2006 11:42:33 -0000 1.195
+++ heartbeat.spec.in 14 Aug 2006 04:22:04 -0000 1.196
@@ -1,4 +1,4 @@
-# $Id: heartbeat.spec.in,v 1.195 2006/08/08 11:42:33 alan Exp $
+# $Id: heartbeat.spec.in,v 1.196 2006/08/14 04:22:04 alan Exp $
%define _unpackaged_files_terminate_build 1
%define _missing_doc_files_terminate_build 1
@@ -88,6 +88,10 @@
etc) in the CRM configuration have valid id attributes, or set the
ignore_dtd option to true. Otherwise, the new version will refuse
to start.
+ + SECURITY FIX:
+ - Remote Denial of Service attack (#195068, CVE-2006-3121).
+ - Local Denial of Service attack (#194444, CVE-2006-3815).
+ (actually fixed in 2.0.6)
+ Enhancements:
- Improved log messages.
- ptest can now read compressed XML directly. Do not include
------------------------------
Message: 2
Date: Sun, 13 Aug 2006 22:22:05 -0600 (MDT)
From: linux-ha-cvs@lists.linux-ha.org
Subject: [Linux-ha-cvs] Linux-HA CVS: lib by alan from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : alan
Host :
Project : linux-ha
Module : lib
Dir : linux-ha/lib/clplumbing
Modified Files:
cl_netstring.c
Log Message:
Final changes for 2.0.7. Well known to the congnescenti.
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/lib/clplumbing/cl_netstring.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -3 -r1.29 -r1.30
--- cl_netstring.c 18 Dec 2005 07:57:52 -0000 1.29
+++ cl_netstring.c 14 Aug 2006 04:22:05 -0000 1.30
@@ -284,7 +284,7 @@
sp ++;
}
- if (sp >= smax ){
+ if (sp >= smax) {
return(HA_FAIL);
}
@@ -293,6 +293,9 @@
*data = sp;
sp += (*len);
+ if (sp >= smax) {
+ return(HA_FAIL);
+ }
if (*sp != ','){
return(HA_FAIL);
}
------------------------------
Message: 3
Date: Sun, 13 Aug 2006 22:27:22 -0600 (MDT)
From: linux-ha-cvs@lists.linux-ha.org
Subject: [Linux-ha-cvs] Linux-HA CVS: linux-ha by alan from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : alan
Host :
Module : linux-ha
Dir : linux-ha
Modified Files:
Tag: STABLE_1_2
heartbeat.spec.in
Log Message:
Supplied a fix which was well known to the congnescenti.
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/heartbeat.spec.in,v
retrieving revision 1.80.2.33
retrieving revision 1.80.2.34
diff -u -3 -r1.80.2.33 -r1.80.2.34
--- heartbeat.spec.in 3 Aug 2006 15:47:39 -0000 1.80.2.33
+++ heartbeat.spec.in 14 Aug 2006 04:27:22 -0000 1.80.2.34
@@ -1,4 +1,4 @@
-# $Id: heartbeat.spec.in,v 1.80.2.33 2006/08/03 15:47:39 lars Exp $
+# $Id: heartbeat.spec.in,v 1.80.2.34 2006/08/14 04:27:22 alan Exp $
# Workaround for a change in RPM 4.1.x; needs proper fixing soon!
%define _unpackaged_files_terminate_build 1
@@ -78,8 +78,9 @@
+ Version 1.2.5 (stable)
- ldirectord enhancements.
- Bugfixes to cl_status.
- - Fix local Denial of Service attack during Heartbeat startup.
- (CVE-2006-3815)
+ - Fix Remote Denial of Service attack (#195068, CVE-2006-3121).
+ - Fix Local Denial of Service attack (#194444, CVE-2006-3815).
+ - Fix remote Denial of Service attack (CVE-2006-3121)
- Various portability enhancements.
* Mon Oct 31 2005 Dave Blaschke <[EMAIL PROTECTED]> (see doc/AUTHORS file)
------------------------------
Message: 4
Date: Sun, 13 Aug 2006 22:27:22 -0600 (MDT)
From: linux-ha-cvs@lists.linux-ha.org
Subject: [Linux-ha-cvs] Linux-HA CVS: lib by alan from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : alan
Host :
Project : linux-ha
Module : lib
Dir : linux-ha/lib/clplumbing
Modified Files:
Tag: STABLE_1_2
cl_netstring.c
Log Message:
Supplied a fix which was well known to the congnescenti.
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/lib/clplumbing/cl_netstring.c,v
retrieving revision 1.5.2.4
retrieving revision 1.5.2.5
diff -u -3 -r1.5.2.4 -r1.5.2.5
--- cl_netstring.c 31 Oct 2005 21:53:40 -0000 1.5.2.4
+++ cl_netstring.c 14 Aug 2006 04:27:22 -0000 1.5.2.5
@@ -248,7 +248,7 @@
sp ++;
}
- if (sp >= smax ){
+ if (sp >= smax) {
return(HA_FAIL);
}
@@ -257,6 +257,9 @@
*data = sp;
sp += (*len);
+ if (sp >= smax) {
+ return(HA_FAIL);
+ }
if (*sp != ','){
return(HA_FAIL);
}
------------------------------
Message: 5
Date: Mon, 14 Aug 2006 02:37:55 -0600 (MDT)
From: linux-ha-cvs@lists.linux-ha.org
Subject: [Linux-ha-cvs] Linux-HA CVS: crm by andrew from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : andrew
Host :
Project : linux-ha
Module : crm
Dir : linux-ha/crm/admin
Modified Files:
Makefile.am
Added Files:
cluster.py crm_commands.py crm_utils.py
Log Message:
A largely self-documenting shell/meta-CLI for controlling the CRM.
Mostly it's just a framework right now but it does do one or two useful things
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/crm/admin/Makefile.am,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -3 -r1.34 -r1.35
--- Makefile.am 7 Jun 2006 12:46:57 -0000 1.34
+++ Makefile.am 14 Aug 2006 08:37:54 -0000 1.35
@@ -38,7 +38,7 @@
$(LIBRT)
-hasbin_SCRIPTS = crm_primitive.py
+hasbin_PYTHON = crm_primitive.py cluster.py crm_utils.py
crm_commands.py
## binary progs
hasbin_PROGRAMS = crmadmin cibadmin ccm_tool crm_diff crm_mon
iso8601 \
crm_master crm_standby crm_failcount crm_attribute \
------------------------------
_______________________________________________
Linux-ha-cvs mailing list
Linux-ha-cvs@lists.linux-ha.org
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs
End of Linux-ha-cvs Digest, Vol 33, Issue 13
********************************************
