Back to netcat-openbsd PTS page

Accepted netcat-openbsd 1.218-5 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Mar 2022 21:54:15 +0100
Source: netcat-openbsd
Architecture: source
Version: 1.218-5
Distribution: unstable
Urgency: low
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Changes:
 netcat-openbsd (1.218-5) unstable; urgency=low
 .
   [ Dirk Jagdmann ]
   * Add support for abstract namespace sockets in the AF_UNIX family.
 .
   [ Guilhem Moulin ]
   * d/t/client-server: Add a simple test for sockets in the AF_UNIX family,
     including those in the abstract namespace on Linux.  We were only checking
     sockets in the AF_INET family before.
   * d/p/abstract-unix-domain-socket.patch: Some fixes and improvements upon
     Dirk's patch.
   * d/checks: Ensure sockets in the AF_UNIX family are usable up to the
     sizeof(sun_path) limit, and rejected with ENAMETOOLONG when they exceed it.
   * d/checks: Add tests for abstract namespace sockets in the AF_UNIX family,
     incl. for source datagram UNIX domain sockets.
   * d/p/abstract-unix-domain-socket.patch: Always reject the empty pathname
     sockets, which on Linux was read as the NUL abstract socket before.  The
     empty abstract socket is still allowed however, and is specified as "@".
   * d/p/misc-failures-and-features.patch: Remove double warning in
     unix_connect().
   * d/p/misc-failures-and-features.patch: Remove leftover union{}, obsolete
     since 1.190-1.
   * d/p/misc-failures-and-features.patch: Factor out Makefile changes to
     d/p/port-to-linux-with-libbsd.patch.
   * d/p/misc-failures-and-features.patch: Remove redundant errx() call in
     unix_connect().
   * d/p/misc-failures-and-features.patch: Improve error message for UNIX-domain
     datagram sockets.
   * d/checks: Use '--' marker to avoid breakage on socket pathnames starting
     with '-'.
   * d/checks/netcat: Set LC_ALL=C.
   * Add d/NEWS entry mentioning abstract sockets support and its implications.
   * d/p/*: Consolidate usage of '#if defined(FOO)' vs. '#ifdef FOO'.
   * d/p/build-without-TLS-support.patch: Rename '-DTLS' to the less generic
     '-DHAVE_TLS'.
   * d/p/port-to-linux-with-libbsd.patch: Use automatic Makefile variables.
   * d/checks/02-connect: Check default temporary socket name for datagram
     sockets.
   * d/tests/client-server: Check that the socket path is left behind.
   * Rather than using mkstemp(3) to create unique names for default source
     datagram UNIX domain sockets, use mkdtemp(3) to create a new empty
     directory (with mode 0700) and use it to store a fixed socket name.  This
     fixes a file descriptor leak and a race condition where a new file would be
     created by an attacker between the unlink(2) and bind(2) calls.  We don't
     use an abstract socket here since it would open a race condition with the
     possibility for a local attacker to inject fake server responses.
   * d/p/*: Minor formatting fixes.
   * d/p/*: Improve Subject: lines.
   * d/copyright: Update copyright years.
Checksums-Sha1:
 aa91a8f4ed56d6888aa47d8d20c8e8a0791995e5 2003 netcat-openbsd_1.218-5.dsc
 254f17106666d8e85f2bc03702ca970a08a3be08 52052 netcat-openbsd_1.218-5.debian.tar.xz
 f675654300e38f6d114bfe131339c7de4f425072 6558 netcat-openbsd_1.218-5_amd64.buildinfo
Checksums-Sha256:
 cc7fdc7d3f153a5b61514d8883d167958579e951d152e1cc99abd566ce73f0bc 2003 netcat-openbsd_1.218-5.dsc
 1bbe193c2762aa884152667316c4e1f08877699e7e2dedd27975cb0a69815796 52052 netcat-openbsd_1.218-5.debian.tar.xz
 49a0327ec294f197814cd8501d93d57ed7a0edc6c9c317a2c2865d7a694f6620 6558 netcat-openbsd_1.218-5_amd64.buildinfo
Files:
 4f511750618213d24978b07f1e73d999 2003 net important netcat-openbsd_1.218-5.dsc
 bc25ac470685533fd2289ae9325d241f 52052 net important netcat-openbsd_1.218-5.debian.tar.xz
 3cec86e7f528956a12a116609736d32a 6558 net important netcat-openbsd_1.218-5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmIruiwACgkQ05pJnDwh
pVL0KA/8DJdANczHQKJAlqNwbl7N7DtV2a4lzVPPvV200xosqx4leiOUuWPi1e2v
1xfas1/ISG/JVrvBNV3RwLOG1xPTCuIq/p3EnPwdzs0ew5g9ywd38nnBgBNmmDKY
hltkN6G9ScbL8riE+SVbm3lN0INkPq7+hEZ8qYE3e2ilODZN7YO1IDQ2jhEphrhr
Va/xwS7ASg1lKc8vVc4mulS+ncgA4AIl8ltWlZze6Dpp4qL3QLNxkO6ovelEs5JE
CvStdVfY/k13hYtpQPkB0usuPlltyu6a5F0vJw+Z44D1ypy1mAatwkuaR7BGswHe
eZ1JHf1n8GDU0L56u0JiPOfyOxWTHNIlDdMNWwALASfmoLdMdyclB2QKd9CJZwLy
6R5ZDZhB5m7cta+CaI+e3pE1UFNwos59pnU9Gdtp4iGVduvNmH2qekQKbq6kmOKC
r0rJXd2QxTiGwMAqGjqetcpJvayhF0lPQE9MNgBFAbOo7ZjyNf3XXq/7b3r72ffH
XOtHsL/kSLz5MHJrKO8xe+GYGJ9xfkdNSxAbEsDRRIEwp0K85vBaD4Ji9jrhs2CK
GJOvIcdQFatT/1xHTEo7WLLbiypcdfs5jcnN4OQS/iz3wj3xwHJj+FxeNW8EAkBz
ellkpge9wHj9eGbkyAXlj88Nl2gaSM4+IiJEHa+UWy7DEWRExBY=
=G9i5
-----END PGP SIGNATURE-----