lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1429611726.2694.3.camel@pluto.fritz.box>
Date:	Tue, 21 Apr 2015 18:22:06 +0800
From:	Ian Kent <raven@...maw.net>
To:	autofs@...r.kernel.org
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [ANNOUNCE] autofs 5.0.10 release

Hi all,

The thing to watch out for in this release is a change made to program
map execution environments. The standard environment added at program
map execution introduced a security problem when interpreted languages
like python were used. By default, a prefix is now added to these names
to avoid the problem and, for those that wish to force the use of
standard
names, a configuration option has been added to do that.

autofs
======

The package can be found at:

ftp://ftp.kernel.org/pub/linux/daemons/autofs/v5

It is autofs-5.0.10.tar.[gz|xz]

No source rpm is there as it can be produced by using:

rpmbuild -ts autofs-5.0.10.tar.gz

and the binary rpm by using:

rpmbuild -tb autofs-5.0.10.tar.gz

See the README.amd-maps file for information about using amd format
maps.

Here are the entries from the CHANGELOG which outline the updates:

21/04/2015 autofs-5.0.10
=======================
- fix mistake in assignment.
- check for non existent negative entries in lookup_ghost().
- fix reset flex scan buffer on init.
- wait for master map available at start.
- add master read wait option.
- add serialization to sasl init.
- dont allocate dev_ctl_ops too early.
- fix race accessing qdn in get_query_dn().
- fix incorrect round robin host detection.
- fix memory leak in create_client().
- fix memory leak in get_exports().
- fix typo in flagdir configure option.
- clarify multiple mounts description.
- gaurd against incorrect umount return.
- update man page autofs(8) for systemd.
- dont pass sloppy option for other than nfs mounts.
- make service want network-online.
- fix fix master map type check.
- init qdn before use in get_query_dn().
- fix typo in update_hosts_mounts().
- make negative cache update consistent for all lookup modules.
- ensure negative cache isn't updated on remount.
- dont add wildcard to negative cache.
- add a prefix to program map stdvars.
- add config option to force use of program map stdvars.
- fix incorrect check in parse_mount().
- handle duplicates in multi mounts.
- revert special case cifs escapes.
- fix map option parsing for 'strictatime'.
- fix showmount search in auto.net.
- remove obsolete comment in auto.net.
- fix macro usage in lookup_program.c.
- fix gcc5 complaints.
- remove unused offset handling code.
- fix mount as you go offset selection.
- link daemon with pthread library (Debian patch).
- manpage corrections (Debian patch).
- fix manpages hyphenation (Debian patch).

Ian



Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ