- Update to 1.8.0.2:
- Security fix for readline.sh: arbitrary file overwrite via predictable /tmp
directory (bsc#1225462 CVE-2024-54661)
- Update to 1.8.0.1:
- Bug fixes
- UDP-SENDTO, UDPLITE-SENDTO, and IP-SENDTO addresses now select an IPv4
address in case the server name resolves to both IPv4 and IPv6 addresses.
- Guard applyopts_termios_value() with WITH_TERMIOS.
- In some situations xioclose() was called nested what could cause hanging
of OpenSSL in pthread_rwlock_wrlock().
- socat 1.8.0.0 with addresses of type RECVFROM and option fork, where the
second address failed to connect/open in the child process, entered a
fork loop that was only stopped by FD exhaustion caused by FD leak.
- socat 1.8.0.0 had an FD leak with addresses of type RECVFROM with fork.
- With version 1.8.0.0, options ipv6-join-group and ipv6-join-source-group
did not work.
- IP-SENDTO and option pf (protocol-family) with protocol name (vs.numeric
argument) failed with message: E retropts_int(): trailing garbage in
numerical arg of option "protocol-family".
- Fixed a possible buffer overrun with long log lines. In fact it does not
write beyond end of buffer but lets pass excessive data to the write()
function.
- Reworked domain name resolution, centralized IPv4/IPv6 sorting.
- Print warning about not checking CRLs in OpenSSL only in the first child
process.
- Features
- Total inactivity timeout option -T 0 now means 0.0 seconds;
- Changed socat-chain.sh, socat-mux.sh, and socat-broker.sh to work with
older Socat versions.
- socat-mux.sh and socat-broker.sh, when run as root, now internally use (forwarded request 1230098 from wfrisch)
OBS-URL: https://build.opensuse.org/request/show/1230116
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/socat?expand=0&rev=48
- Update to 1.8.0.2:
- Security fix for readline.sh: arbitrary file overwrite via predictable /tmp
directory (bsc#1225462 CVE-2024-54661)
- Update to 1.8.0.1:
- Bug fixes
- UDP-SENDTO, UDPLITE-SENDTO, and IP-SENDTO addresses now select an IPv4
address in case the server name resolves to both IPv4 and IPv6 addresses.
- Guard applyopts_termios_value() with WITH_TERMIOS.
- In some situations xioclose() was called nested what could cause hanging
of OpenSSL in pthread_rwlock_wrlock().
- socat 1.8.0.0 with addresses of type RECVFROM and option fork, where the
second address failed to connect/open in the child process, entered a
fork loop that was only stopped by FD exhaustion caused by FD leak.
- socat 1.8.0.0 had an FD leak with addresses of type RECVFROM with fork.
- With version 1.8.0.0, options ipv6-join-group and ipv6-join-source-group
did not work.
- IP-SENDTO and option pf (protocol-family) with protocol name (vs.numeric
argument) failed with message: E retropts_int(): trailing garbage in
numerical arg of option "protocol-family".
- Fixed a possible buffer overrun with long log lines. In fact it does not
write beyond end of buffer but lets pass excessive data to the write()
function.
- Reworked domain name resolution, centralized IPv4/IPv6 sorting.
- Print warning about not checking CRLs in OpenSSL only in the first child
process.
- Features
- Total inactivity timeout option -T 0 now means 0.0 seconds;
- Changed socat-chain.sh, socat-mux.sh, and socat-broker.sh to work with
older Socat versions.
- socat-mux.sh and socat-broker.sh, when run as root, now internally use
OBS-URL: https://build.opensuse.org/request/show/1230098
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=68
- Update to 1.8.0.0:
* Support for network namespaces (option netns)
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
* Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
* New script socat-broker.sh allows group communications
* Experimental socks5 client feature
* Address ACCEPT-FD for systemd "inetd" mode
* UDP-Lite and DCCP address types
* Addresses SOCKETPAIR and SHELL
* New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
* Simple statistics output with Socat option --statistics and with SIGUSR1
* A couple of new options, many fixes and corrections, see file CHANGES
- Drop socat-common-fixes.patch (no longer necessary)
- Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage)
- Add socat-test-dhparam fixture (reduce build load and time)
- Add socat-test-without-tty.patch for testing without tty.
- Note: This version introduces "socat1", linking to "socat"
- Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage
- Update to 1.7.4.4:
* FIX: In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived.
* FIX: a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
OBS-URL: https://build.opensuse.org/request/show/1171319
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/socat?expand=0&rev=46
- Update to 1.8.0.0:
* Support for network namespaces (option netns)
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
* Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
* New script socat-broker.sh allows group communications
* Experimental socks5 client feature
* Address ACCEPT-FD for systemd "inetd" mode
* UDP-Lite and DCCP address types
* Addresses SOCKETPAIR and SHELL
* New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
* Simple statistics output with Socat option --statistics and with SIGUSR1
* A couple of new options, many fixes and corrections, see file CHANGES
- Drop socat-common-fixes.patch (no longer necessary)
- Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage)
- Add socat-test-dhparam fixture (reduce build load and time)
- Note: This version introduces "socat1", linking to "socat"
- Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage
OBS-URL: https://build.opensuse.org/request/show/1171181
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=63
- Update to 1.7.4.4:
* FIX: In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived.
* FIX: a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
* FIX: bad parser error message on "socat /tmp/x\"x/x -"
- Drop socat-fix-asan-error.patch
OBS-URL: https://build.opensuse.org/request/show/1040684
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=62
- update to 1.7.3.1, security fixes:
* Socat security advisory 7 and MSVR-1499: "Bad DH p parameter in
OpenSSL"
* Socat security advisory 8: "Stack overflow in arguments parser"
- test-suite, use a small but safe subset of all tests
- don't remove "example" scripts from builddir, they are needed for
tests
- remove socat-remove_date.patch, export BUILD_DATE instead
(new feature since 1.7.2.4)
- run tests, don't abort yet
- require tcpd-devel only on SUSE systems at build time
OBS-URL: https://build.opensuse.org/request/show/357374
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/socat?expand=0&rev=31
