Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/news/leafnode
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <firstname.lastname@example.org>
Date: 06/13/2005 05:36:28
Module Name: pkgsrc
Committed By: snj
Date: Mon Jun 13 05:36:28 UTC 2005
pkgsrc/news/leafnode [pkgsrc-2005Q1]: Makefile distinfo
Pullup ticket 550 - requested by Lubomir Sedlacik
security update for leafnode
Revisions pulled up:
- pkgsrc/news/leafnode/Makefile 1.26
- pkgsrc/news/leafnode/distinfo 1.15
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 9 18:21:23 UTC 2005
pkgsrc/news/leafnode: Makefile distinfo
Update to version 1.11.3
### SECURITY BUGFIXES
- Fetchnews did not detect timeouts while it was downloading an article
header, which malicious upstream servers could exploit to mount
a denial of service attack against the fetchnews client. See
leafnode-SA-2005-02.txt. CVE Name: CAN-2005-1911
- Bugfix sed expression in makesubst script. (Reported by Jeff Zacharias.)
- texpire now tags the message.id expired count with "message.id" rather
than "total:" to avoid misleading the user who assumes that "total:"
would have to be the sum of the group counts. See also the FAQ change
below. SourceForge bug #1215453.
- When debugmode and verbose mode are set, leafnode programs now print a
warning to stdout that the user should check syslog.conf and the
syslog output rather than the screen print for debugging and sleeps for
- Add FAQ entry to explain discrepancies between texpire group counts
and message.id expired articles counts.
- Add FAQ entry to explain influence of Gnus' gnus-read-active-file
setting on lost subscriptions, and extend stop fetchnews from
unsubscribing FAQ. Debian bug #307685.
- Drop FAQ entry on license issues as some parts of leafnode are in fact
- Drop FAQ entry on why old articles aren't posted, obsolete since
- INSTALL and INSTALL_de have been polished.
- Add a hint that syslog.conf must be edited to config.example.
- leafnode(8) mentions that LIST ACTIVE keeps an existing subscription
To generate a diff of this commit:
cvs rdiff -r220.127.116.11 -r18.104.22.168 pkgsrc/news/leafnode/Makefile
cvs rdiff -r22.214.171.124 -r126.96.36.199 pkgsrc/news/leafnode/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.