Marcus Rueckert
f66bbcc1d4
DoS when printing out keys to be deleted in verbose mode Upstream bug 306 (CVE-2013-0179) OBS-URL: https://build.opensuse.org/package/show/network:utilities/memcached?expand=0&rev=18
328 lines
13 KiB
Plaintext
328 lines
13 KiB
Plaintext
-------------------------------------------------------------------
|
|
Tue Jan 15 11:44:05 UTC 2013 - mrueckert@suse.de
|
|
|
|
- added memcached-1.4.x_delete_verbose_mode_dos.patch (bnc#798458)
|
|
DoS when printing out keys to be deleted in verbose mode
|
|
Upstream bug 306 (CVE-2013-0179)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 20 07:51:02 UTC 2012 - dimstar@opensuse.org
|
|
|
|
- Fix useradd invocation: -o is useless without -u and newer
|
|
versions of pwdutils/shadowutils fail on this now.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 7 20:47:22 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to version 1.4.15
|
|
* Add some mild thread documentation
|
|
* README.md was missing from dist tarball
|
|
* Issue 286 : --disable-coverage drops "-pthread" option
|
|
* Reduce odds of getting OOM errors in some odd cases
|
|
- rebase use-endian_h, autofoo patch and 1.4.5.dif
|
|
- fix build <= 1140
|
|
* export LIBEVENT_CFLAGS and LIBEVENT_LIBS so we dont need
|
|
pkgconfig check for libevent on <= 1140
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 7 19:58:59 UTC 2012 - mrueckert@suse.de
|
|
|
|
- fix build on older distros
|
|
- memcached-autofoo.patch: removed no-dist-gzip dist-xz
|
|
- added new conditional to guard all the systemd stuff and
|
|
guarded the general bcond_without with an suse_version > 12.2
|
|
- export LIBEVENT_CFLAGS and LIBEVENT_LIBS so we dont need
|
|
pkgconfig check for libevent on sles11
|
|
- use makeinstall instead of make_install
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 14 02:50:12 UTC 2012 - crrodriguez@opensuse.org
|
|
|
|
- Update to version 1.4.14
|
|
* Avoid race condition in test during pid creation by blind retrying
|
|
* Fixed issue with invalid binary protocol touch command expiration time
|
|
|
|
- If the test suite fails, package must fail build.
|
|
|
|
- Use byteswapping macros from endian.h and not some ad-hoc/slow
|
|
function.
|
|
|
|
- Add systemd units.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 3 00:54:39 UTC 2012 - tabraham@novell.com
|
|
|
|
- removed fix-strict-aliasing.patch deprecated by this release
|
|
|
|
- Update to version 1.4.13
|
|
* Fix inline issue with older compilers (gcc 4.2.2)
|
|
* Better detection of sasl_callback_ft
|
|
|
|
- Changes from version 1.4.12
|
|
Fixes:
|
|
* fix glitch with flush_all (exptime)
|
|
* Skip SASL tests unless RUN_SASL_TESTS is defined.
|
|
* Look around for saslpasswd2 (typically not in the user's path).
|
|
* build fix: Define sasl_callback_ft on older versions of sasl.
|
|
* fix segfault when sending a zero byte command
|
|
* fix warning in UDP test
|
|
* properly detect GCC atomics
|
|
* tests: loop on short binary packet reads
|
|
* fix slabs_reassign tests on 32bit hosts
|
|
|
|
- Changes from version 1.4.11
|
|
Fixes:
|
|
* bug237 : Don't compute incorrect argc for timedrun
|
|
* fix 'age' stat for stats items
|
|
* binary deletes were not ticking stats counters
|
|
* Fix a race condition from 1.4.10 on item_remove
|
|
* close some idiotic race conditions
|
|
* initial slab automover
|
|
* slab reassignment
|
|
* clean do_item_get logic a bit. fix race.
|
|
* clean up the do_item_alloc logic
|
|
* shorten lock for item allocation more
|
|
* Fix to build with cyrus sasl 2.1.25
|
|
New features:
|
|
* Slab page reassignment and bug fixes over 1.4.10.
|
|
|
|
- Changes from version 1.4.10
|
|
Fixes:
|
|
* Disable issue 140 's test.
|
|
* Push cache_lock deeper into item_alloc
|
|
* Use item partitioned lock for as much as possible
|
|
* Remove the depth search from item_alloc
|
|
* Move hash calls outside of cache_lock
|
|
* Use spinlocks for main cache lock
|
|
* Remove uncommon branch from asciiprot hot path
|
|
* Allow all tests to run as root
|
|
New features:
|
|
* tested improvements in speed between 3 and 6 worker
|
|
threads (-t 3 to -t 6) More than 6 reduced speed
|
|
|
|
- Changes from version 1.4.9
|
|
* Add a systemd service file
|
|
* Fix some minor typos in the protocol doc
|
|
* Issue 224 - check retval of main event loop
|
|
* Fix -c so maxconns can be raised above default.
|
|
|
|
- Changes from version 1.4.8
|
|
Fixes:
|
|
* Fix to write correct pid from start-memcached
|
|
* Fix to enable LRU when using binary protocol
|
|
* Upgrade stats items counters to 64bit
|
|
* Add new stats expired_unfetched, evicted_unfetched
|
|
* Allow setting initial size of the hash table
|
|
* Expose stats for the internal hash table
|
|
* bug220 : incr would sometimes return the previous item's CAS
|
|
* Fixed bug on multi get processing
|
|
* Experimental maxconns_fast option
|
|
* Add an ASCII touch command
|
|
* Add binary GATK/GATKQ
|
|
* Backport binary TOUCH/GAT/GATQ commands
|
|
* Issue 221 : Increment treats leading spaces as 0
|
|
* Fix compile error on OS X
|
|
New features:
|
|
* touch commands
|
|
* fast connection limit handling
|
|
* internal hash table
|
|
* expored_unfetched, evicted_unfetched
|
|
|
|
- Changes from version 1.4.7
|
|
Fixes:
|
|
* Use a monotonically increasing timer
|
|
* Immediately expire items when given a negative expiration time
|
|
* fix memcached-tool to print about all slabs
|
|
* Properly daemonize memcached for debian
|
|
* Don't permanently close UDP listeners on error
|
|
* Allow memcached-init to start multiple instances (not recommended)
|
|
* Issue 214 : Search for network libraries before searching for libevent
|
|
* Issue 213 : Search for clock_gettime in librt
|
|
* Issue 115 : accont for CAS in item_size_ok
|
|
* Fix incredibly slim race for maxconns handler. Should no longer hang ever
|
|
* Issue 183 - Reclaim items dead by flush_all
|
|
* Issue 200 : Don't fire dtrace probe as the last thing in a function
|
|
New features:
|
|
* monotonic clock
|
|
|
|
- Changes from version 1.4.6
|
|
* Gcc on Solaris sparc wants -R and not -rpath
|
|
* Issue 121 : Set the runtime path when --with-libevent is used
|
|
* Fix autogen failure when unable to find supported command.
|
|
* fix race crash for accepting new connections
|
|
* fix incr/decr race conditions for binary prot
|
|
* fix incr/decr race conditions for ASCII prot
|
|
* Compile fix (-Werror=unused-but-set-variable warnings)
|
|
* Bind each UDP socket to an a single worker thread in multiport env
|
|
* Add support for using multiple ports
|
|
* Issue 154 : pid file out of sync (created before socket binding)
|
|
* Issue 163 : Buggy mem_requested values
|
|
* Fix cross compilation issues in configure
|
|
* Issue 140 - Fix age for items stats
|
|
* Issue 131 - ChangeLog is outdated
|
|
* Issue 155 : bind to multiple interface
|
|
* Issue 161 incorrect allocation in cache_create
|
|
* Fix type-punning issues exposed with GCC 4.5.1
|
|
* Simplify stats aggregation code
|
|
* Reverse backward expected/actual params in test
|
|
* Issue 152 : Fix error message from mget
|
|
* Refuse to start if we detect libevent 1.12
|
|
* Fix compilation issue on Solaris 9 wrt isspace() macro - Resolves
|
|
issue 111
|
|
New features:
|
|
* multiple port binding
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 27 12:41:52 UTC 2011 - coolo@novell.com
|
|
|
|
- follow fedora's lead and remove Werror
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 6 12:03:59 UTC 2010 - freitag@novell.com
|
|
|
|
- update to version 1.4.5:
|
|
This is a maintenance release with some build fixes, doc fixes, and one new stat.
|
|
Fixes:
|
|
* Properly detect CPU alignment on ARM. bug100
|
|
* Remove 1MB assertion. bug 119
|
|
* More automake versions supported.
|
|
* Compiler warning fixes for OpenBSD.
|
|
* potential buffer overflow in vperror
|
|
* Report errors opening pidfiles using vperror
|
|
New Features::
|
|
* New stat: reclaimed
|
|
* sasl_pwdb for more simple auth deployments
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 5 03:19:40 CEST 2009 - mrueckert@suse.de
|
|
|
|
- update to version 1.2.8:
|
|
- make -b command actually work
|
|
- *critical bugfix*. In 1.2.7 under multithreaded mode, memcached
|
|
would never restart accepting connections after hitting the
|
|
maximum connection limit.
|
|
- remove 'stats maps' command, as it is a potential information
|
|
leak, usable if versions prior to 1.2.8 ever have buffer
|
|
overflows discovered. (bnc#501656) CVE-2009-1494
|
|
- additional changes from version 1.2.7
|
|
- reset new stats with 'stats reset'
|
|
- Slew of new tests. (misc, mostly Dustin Sallings)
|
|
- Minor bug fixes. (misc, mostly Dustin Sallings, some Dormando)
|
|
(see git history for full list)
|
|
- -b command for setting the tcp listen backlog (Chris Goffinet)
|
|
- Workaround for a more major bug that very rarely makes
|
|
memcached stop allowing new data to be set. (Dormando)
|
|
- Print why a key was expired in -vv mode (Dormando)
|
|
- cmd_flush stat (Dormando)
|
|
- listen_disabled_num stat for determining if you've hit the
|
|
maxconns limit (Dormando)
|
|
- Display error status on listen failures (Dormando)
|
|
- Remove managed instance code. Incomplete/etc. (Dormando)
|
|
- Handle broken IPV6 stacks better (Brian Aker)
|
|
- Generate warnings on setsockopt() failures (Brian Aker)
|
|
- Fix some indentation issues (Brian Aker)
|
|
- UDP/TCP can be disabled by setting their port to zero (Brian
|
|
Aker)
|
|
- Zero out libevent thread structures before use (Ricky Zhou)
|
|
- New stat: Last accessed time for last evicted item per slab
|
|
class. (Dormando)
|
|
- Use a dedicated socket accept thread (Facebook)
|
|
- Add -R option. Limit the number of requests processed by a
|
|
connection at once. Prevents starving other threads if bulk
|
|
loading. (Facebook)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 28 16:05:33 CET 2008 - ro@suse.de
|
|
|
|
- ignore test suite results for the moment
|
|
(will not work without networking support in build environment)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 16 18:25:33 CEST 2008 - mrueckert@suse.de
|
|
|
|
- require libevent-devel on 11.1 or newer
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 6 18:25:44 CEST 2008 - mrueckert@suse.de
|
|
|
|
- Update to version 1.2.6:
|
|
Major crash fixes, DTrace support, minor updates. If you have
|
|
stability issues with any previous release, please upgrade to
|
|
this one.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 19 17:10:34 CEST 2008 - mrueckert@suse.de
|
|
|
|
- Update to version 1.2.5:
|
|
Minor bugfixes, build support for opensolaris, ipv6 support,
|
|
"noreply" mode for many commands, largepage support for solaris.
|
|
Made out of memory errors more clear and added eviction/OOM
|
|
tracking per slab class.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 29 18:52:05 CET 2008 - mrueckert@suse.de
|
|
|
|
- Update to version 1.2.4:
|
|
Many bug and platform fixes since 1.2.2. New threading support
|
|
for stat queries. New commands 'append', 'prepend', 'gets', and
|
|
'cas'.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 4 07:43:52 CEST 2007 - mrueckert@suse.de
|
|
|
|
- fixed a few rpmlint warnings
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 26 11:25:32 CEST 2007 - mrueckert@suse.de
|
|
|
|
- Update to version 1.2.2:
|
|
Memcached can be configured to support multithreading. Big code
|
|
cleanup with performance improvements. Memcached now collects
|
|
eviction and per-object-type statistics.
|
|
- synced with memcached-unstable
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Dec 5 23:06:59 CET 2006 - mrueckert@suse.de
|
|
|
|
- Update to version 1.2.1:
|
|
o mainly fixes a stability issue reported on the mailinglist
|
|
o a few optimization fixes
|
|
- removed autoreconf -fi for now
|
|
- build debuginfo
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 15 16:18:18 CET 2006 - mrueckert@suse.de
|
|
|
|
- added Conflicts: memcached-unstable
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Nov 12 18:54:14 CET 2006 - lmuelle@suse.de
|
|
|
|
- Fix typo in sysconfig file.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Sep 10 12:00:00 CET 2006 - mrueckert@suse.de
|
|
|
|
- Update to version 1.1.13:
|
|
o test suite (make test)
|
|
o better libevent detection
|
|
o 64 bit support (passes test suite at least now)
|
|
o off-by-one errors in expirations fixed
|
|
o bug fixes
|
|
o start of "vbuckets" project. instead of clients hashing
|
|
a key onto a memcached instance, they map onto one of
|
|
16k or so virtual bucket numbers, each bucket of which
|
|
is owned by an instance and w/ a particular generation number.
|
|
no client or tracker exists yet, but low-level stuff is there.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 25 21:38:14 CET 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 18 15:59:43 CEST 2005 - mrueckert@suse.de
|
|
|
|
- Initial package with version 1.1.12
|
|
|