info-gnu
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

userv (security boundary tool) 1.0.5 released


From: Ian Jackson
Subject: userv (security boundary tool) 1.0.5 released
Date: Tue, 6 Jun 2006 22:12:04 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

GNU userv 1.0.5 is now released.

userv (pronounced `you-serve') is, in the words of the specification,
      a Unix system facility to allow one program to invoke another
      when only limited trust exists between them.

userv is a one-of-a-kind systems programming and system administration
tool, which can be used to avoid setuid programs, special daemons, or
the need for doubtful `helper' programs.

For more information, including the on-line specification and the
distribution files, visit
 http://www.chiark.greenend.org.uk/~ian/userv/
If you have queries, please join the userv-discuss mailing list in
preference to mailing the author.  Thank you.

This is a maintenance release.  It fixes a number of minor bugs and
portability problems, but none of the changes are believed to be
security-critical.

There is also an associated non-GNU package userv-utils, which
contains a collection of miscellaneous userv services, which can serve
as examples and programs in their own right.  Note that the
documentation and probably quality of these leave a lot to be desired.
Contributions of documentation, installation instructions,
improvements, etc, for parts of userv-utils would be very welcome.
userv-utils can be found alongside GNU userv's distribution files.

========================================

MD5 checksums:
1a39116f5a65361d3234e7f1cf63cb83  userv-1.0.5.tar.gz
9e5e5a19a9a60d23544a42bd879681fe  userv-utils-0.3.tar.gz

SHA-1 checksum:
eb6d8b86dcc37e576972f1d65652db951e0c7319  userv-1.0.5.tar.gz
723393fc19deecedf1e3d20e3071cf75284359fa  userv-utils-0.3.tar.gz

========================================

Changes to userv since 1.0.3:

userv (1.0.5) unstable; urgency=low

  Bugfixes (thanks to report from Nelson Beebe):
  * Do not call `assert' on expressions whose side-effects we need (!)
    Thanks to report from Nelson Beebe.
  * Correct an erroneous assert() argument so that it would actually
    detect failure of the assertion.
  * alarm(2) returns unsigned and can never fail.

  Packaging changes:
  * Reran flex (flex Debian 2.5.31-31).
  * Use install -g 0 instead of -g root.  This is more portable, I hope.
  * Detect missing vsnprintf and mention URL from Nelson Beebe in err msg.
  * Remove obsolete `buildship' script from top level directory.  We use
    cvs-buildpackage nowadays.

 -- Ian Jackson <address@hidden>  Sat,  8 Apr 2006 13:17:14 +0100

userv (1.0.4) unstable; urgency=low

  Bugfixes:
  * Close client socket fd in spawned cats (avoids some service-side hangs
    when client terminates).  Thanks to report from Simon Tatham.

  Minor portability fixes:
  * Missing #include <string.h> and <stdlib.h>  } Thanks to report
  * getgroups returns int, not gid_t (!).       }  from Peter Benie.
  * Dummy `check' target in Makefile.in.              } Thanks to
  * Bogus strsignal emulation for broken platforms.   } report from
  * Bogus WCOREDUMP emulation for broken platforms.   } Nelson Beebe
  
  Packaging improvements (including Debian packaging fixes):
  * Compress uservd(8) manpage.  Closes: #244735.
  * spec.tex and spec.html are autogenerated: clean and .cvsignore them.
  * SHELL=/bin/bash in debian/rules; use of install(8).  Closes: #263979.
  * Reran autoconf/autoheader (autoconf Debian 2.13-54).
  * Updated copyright notices.

 -- Ian Jackson <address@hidden>  Fri,  7 Apr 2006 20:04:29 +0100

userv (1.0.3-2) unstable; urgency=low

  Debian packaging improvements (only):
  * type -p invoke-rc.d changed to type, in postinst and prerm.

 -- Ian Jackson <address@hidden>  Sat,  1 Nov 2003 16:59:38 +0000

========================================

Changes to userv-utils since 0.2.3:

userv-utils (0.3) unstable; urgency=medium

  dyndns:
  * New dyndns service.

  ucgi:
  * add HTTP_REFERER.
  * Fix path in www-cgi userv service default configuration.

  ipif/udptunnel:
  * Use slip, not cslip (!)
  * service MAXEXROUTES increased from 5 to 50.
  * Set default max clock skew to 45/45, not 10/30.
  * Allow config file to override default clock skew and lag.
  * Report nonzero death of m4 better.
  * Add a few missing #include's of <string.h>.
  * Minor fixes to INSTALL.

  groupmanage:
  * new name-regexp feature.
  * admin-group is understood in config file but currently ignored.
  * file locations configurable.
  * groupmanage: do not claim that root doesn't exist.
  * groupmanage: configurable group name length limit.
  (Thanks to reports and patches from Ben Harris at Cambridge University.)

  Packaging changes:
  * Debianisation.
  * New Makefiles in various directories; still not wonderful.
  * Removed some common stuff from */Makefile to settings.make.
  * Copyright notices updated.
  * Moved changelog to debian/changelog.

 -- Ian Jackson <address@hidden>  Tue,  6 Jun 2006 22:02:17 +0100

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQCVAwUBRIXvmcMWjroj9a3bAQKHaQP9GtfA3ME9uEn6bZoZMPxBRj6h2aHn54Ss
nQLmH7QS0t9kdQ2F4APM6Mnp5RwPURNMNm8jp+anyRl2lskbIAUh7QmruP3C3UdJ
E0pYfSFlpV9cBAVGzVUMYSTgnJIJZwKOYDB5DuE236yUGUV+ZSsVmgbiAaw8Zhbn
fTbj2MgIpgI=
=q26E
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]