INN 2.2.3, recommandé si vous n'avez pas
verifycancel off
dans votre config.
From: [EMAIL PROTECTED]
Subject: [ANNOUNCE] INN 2.2.3 available
Date: 21 Jul 2000 21:30:34 +0200
Message-ID: <[EMAIL PROTECTED]>
The Internet Software Consortium is pleased to announce that a new bug-fix
release of INN is available at:
ftp://ftp.isc.org/isc/inn/inn-2.2.3.tar.gz
The MD5 checksum of this release is:
0c0f71d79cc2b4fbd5bad4a7f093f53f
A PGP signature will soon be available in the same directory. There is a
patch from 2.2.2 to 2.2.3 available there as well.
This is primarily a security and bug-fix release over 2.2.2. Among other
things, this fixes the widely-reported security hole in verifycancels.
Anyone running INN 2.0 or later is strongly encouraged to upgrade to this
release (INN 1.7 and earlier is not vulnerable to that hole). Upgrading
an existing INN 2.2.x installation is as simple as building INN 2.2.3 and
running make update.
Changes from 2.2.2 are:
* INN no longer installs inews setgid news or rnews setuid root by
default. If you need the old behavior, --enable-uucp-rnews and/or
--enable-setgid-inews must be given to configure. See INSTALL
for more information.
* A security hole when verifycancels is turned on in inn.conf (not
the default) was fixed.
* Message IDs are now limited to 250 octets to prevent
interoperability problems with other servers.
* Various other security paranoia fixes have been made.
* Embedded Perl filters fixed to work with Perl 5.6.0.
* Lots of bug fixes.
This will be the final release of the INN 2.2.x series, barring major
security holes. INN 2.3.0 will be released shortly, and features a
significantly different internal architecture. Development has already
begun on the INN 2.4.x series.
Please submit all bug reports to [EMAIL PROTECTED] Please send all
patches to [EMAIL PROTECTED]
Russ Allbery
Katsuhiro Kondou
[EMAIL PROTECTED]
--
Pour poster une annonce: [EMAIL PROTECTED]
