Marcus Meissner
b0cbc9b8f9
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=64
423 lines
17 KiB
Plaintext
423 lines
17 KiB
Plaintext
-------------------------------------------------------------------
|
||
Wed May 1 18:50:03 UTC 2024 - Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
|
||
|
||
- Update to 1.8.0.0:
|
||
* Support for network namespaces (option netns)
|
||
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
|
||
* Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
|
||
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
|
||
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
|
||
* New script socat-broker.sh allows group communications
|
||
* Experimental socks5 client feature
|
||
* Address ACCEPT-FD for systemd "inetd" mode
|
||
* UDP-Lite and DCCP address types
|
||
* Addresses SOCKETPAIR and SHELL
|
||
* New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
|
||
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
|
||
* Simple statistics output with Socat option --statistics and with SIGUSR1
|
||
* A couple of new options, many fixes and corrections, see file CHANGES
|
||
|
||
- Drop socat-common-fixes.patch (no longer necessary)
|
||
- Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage)
|
||
- Add socat-test-dhparam fixture (reduce build load and time)
|
||
- Add socat-test-without-tty.patch for testing without tty.
|
||
|
||
- Note: This version introduces "socat1", linking to "socat"
|
||
- Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 6 13:46:41 UTC 2022 - Paolo Stivanin <info@paolostivanin.com>
|
||
|
||
- Update to 1.7.4.4:
|
||
* FIX: In error.c msg2() there was a stack overflow on long messages: The
|
||
terminating \0 Byte was written behind the last position.
|
||
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
|
||
arrived.
|
||
* FIX: a couple of weaknesses and errors when accessing invalid or
|
||
incompatible file system entries with UNIX domain, file, and generic
|
||
addresses.
|
||
* FIX: bad parser error message on "socat /tmp/x\"x/x -"
|
||
- Drop socat-fix-asan-error.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 13 07:41:15 UTC 2022 - Martin Liška <mliska@suse.cz>
|
||
|
||
- Use autosetup
|
||
- Add socat-fix-asan-error.patch that is offered to upstream
|
||
and that fixes an ASAN error seen for 'test 313 NESTEDOVFL'.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Jan 22 20:54:21 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||
|
||
- update to 1.7.4.3:
|
||
* fixes the TCP_INFO issue that broke building on non-Linux platforms.
|
||
* building on AIX works again.
|
||
* A few more corrections and improvements have been added
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 1 18:46:42 UTC 2021 - Martin Hauke <mardnh@gmx.de>
|
||
|
||
- Update to version 1.7.4.2:
|
||
* Fixes a lot of bugs, e.g., for options -r and -R.
|
||
* Further bugfixes, see the CHANGES file
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 11 22:24:07 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||
|
||
- update to 1.7.4.1:
|
||
Security:
|
||
* Buffer size option (-b) is internally doubled for CR-CRLF conversion,
|
||
but not checked for integer overflow. This could lead to heap based buffer
|
||
overflow, assuming the attacker could provide this parameter.
|
||
* Many further bugfixes and new features, see the CHANGES file
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 17 06:58:23 UTC 2020 - Martin Pluskal <mpluskal@suse.com>
|
||
|
||
- Update to version 1.7.3.4:
|
||
* bugfix release, see the CHANGES file for all changes
|
||
- Refresh patches:
|
||
* socat-common-fixes.patch
|
||
* socat-ignore-tests-failure-boo1078346.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 4 12:41:58 UTC 2020 - Marcus Meissner <meissner@suse.com>
|
||
|
||
- socat-common-fixes.patch: include tcpd.h where needed to fix
|
||
-fno-common bsc#1160293
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Apr 6 13:34:11 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
||
|
||
- Update to version 1.7.3.3:
|
||
* bugfix release, see the CHANGES file for all changes
|
||
- Drop patch:
|
||
* socat-openssl-1.1-tests.patch (not longer needed)
|
||
- Run spec-cleaner
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 10 12:14:48 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
|
||
|
||
- Replace old variables by modern counterparts.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 30 16:32:32 UTC 2018 - crrodriguez@opensuse.org
|
||
|
||
- We HAVE_SSLv23_*_method, just not as functions, but macros
|
||
add the relevant defines in the command line so support for
|
||
autonegotiation of the highest TLS version is restored.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 3 13:53:32 CEST 2018 - kukuk@suse.de
|
||
|
||
- Use %license instead of %doc [bsc#1082318]
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 2 06:50:32 UTC 2018 - normand@linux.vnet.ibm.com
|
||
|
||
- Add socat-ignore-tests-failure-boo1078346.patch
|
||
flaky test failures PowerPC and s390 , bypass boo#1078346
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 17 13:42:49 UTC 2017 - meissner@suse.com
|
||
|
||
- socat-openssl-1.1-tests.patch: make tests work on openssl1. (bsc#1042674)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 10 14:56:19 UTC 2017 - sweet_f_a@gmx.de
|
||
|
||
- update to 1.7.3.2, bug fixes:
|
||
* fixes uninterruptable hang / CPU loop on host resolution
|
||
problems
|
||
* some compile problems, and lots of other bugs and porting
|
||
issues
|
||
- remove fix-linux-errqueue.h-not-found.patch, this build issue
|
||
was fixed by upstream
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 2 12:19:40 UTC 2016 - sweet_f_a@gmx.de
|
||
|
||
- update to 1.7.3.1, security fixes:
|
||
* Socat security advisory 7 and MSVR-1499: "Bad DH p parameter in
|
||
OpenSSL" (bnc#938913 and CVE-2015-4000).
|
||
* Socat security advisory 8: "Stack overflow in arguments parser"
|
||
(bnc#964844)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 20 05:54:10 UTC 2015 - sweet_f_a@gmx.de
|
||
|
||
- test-suite, use a small but safe subset of all tests
|
||
- don't remove "example" scripts from builddir, they are needed for
|
||
tests
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 14 15:57:19 UTC 2015 - sweet_f_a@gmx.de
|
||
|
||
- remove socat-remove_date.patch, export BUILD_DATE instead
|
||
(new feature since 1.7.2.4)
|
||
- run tests, don't abort yet
|
||
- require tcpd-devel only on SUSE systems at build time
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 25 15:29:21 UTC 2015 - p.drouand@gmail.com
|
||
|
||
- Update to version 1.7.3.0
|
||
* Too many changes to list; please read the CHANGES file for news
|
||
- Remove redundant %clean section
|
||
- Update fix-linux-errqueue.h-not-found.patch and socat-remove_date.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Oct 25 06:53:21 UTC 2014 - coolo@suse.com
|
||
|
||
- correctly apply the patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 24 10:02:01 UTC 2014 - javier@opensuse.org
|
||
|
||
- Add fix-linux-errqueue.h-not-found.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 11 07:05:34 UTC 2014 - meissner@suse.com
|
||
|
||
- updated to 1.7.2.4: minor bugfixes:
|
||
This version contains fixes for most of the bugs and porting issues
|
||
reported or found in more than two years.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 3 19:35:45 UTC 2014 - andreas.stieger@gmx.de
|
||
|
||
- mention patch in changelog entry, annotate patch
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Feb 02 10:09:04 UTC 2014 - pascal.bleser@opensuse.org
|
||
|
||
- update to 1.7.2.3: security fix:
|
||
* CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
|
||
overflow with data from command line (see socat-secadv5.txt)
|
||
- added esocat-remove_date.patch to prevent unneccessary rebuilds,
|
||
fixes W: file-contains-date-and-time
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 28 13:27:12 UTC 2013 - meissner@suse.com
|
||
|
||
- updated to 1.7.2.2
|
||
This release fixes a security issue: Under certain circumstances,
|
||
an FD leak occurs and may be misused for denial-of-service attacks
|
||
against socat running in server mode (CVE-2013-3571)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 4 11:20:27 UTC 2013 - cfarrell@suse.com
|
||
|
||
- license update: SUSE-GPL-2.0-with-openssl-exception and MIT
|
||
See README
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Mar 2 08:13:52 UTC 2013 - coolo@suse.com
|
||
|
||
- update license to new format
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 25 14:15:08 UTC 2012 - meissner@suse.com
|
||
|
||
- udapted to 1.7.2.1
|
||
security fix for READLINE bnc#759859
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 21 10:31:49 UTC 2011 - coolo@suse.com
|
||
|
||
- remove call to suse_update_config (very old work around)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 7 17:49:55 CET 2011 - meissner@suse.de
|
||
|
||
- updated to 1.7.2.0
|
||
This release allows tun/tap interfaces without IP addresses and
|
||
introduces the options openssl-compress and max-children. It fixes 18
|
||
bugs and has 11 changes for improved platform support, especially Mac
|
||
OS X Lion, DragonFly, and Android.
|
||
- socat-unixsalen.patch now upstream.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 2 18:23:27 CET 2011 - meissner@suse.de
|
||
|
||
- Handle case where a AF_LOCAL socket has no name. bnc#668319
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 2 08:31:55 UTC 2010 - pascal.bleser@opensuse.org
|
||
|
||
- update to 1.7.3:
|
||
* a stack overflow vulnerability has been fixed that could be triggered when command line arguments were longer than 512 bytes
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 11 08:24:32 UTC 2010 - pascal.bleser@opensuse.org
|
||
|
||
- upgraded to 1.7.1.2:
|
||
+ fixes OpenSSL "nonblock" failure
|
||
+ fixes 64-bit issues and some minor bugs
|
||
|
||
- changes from 1.7.1.1:
|
||
+ fixes a couple of bugs, some of which could crash socat under some
|
||
circumstances
|
||
|
||
- changes from 1.7.1.0:
|
||
+ provides a few new address options to better control its closing behavior
|
||
|
||
- changes from 1.7.0.1:
|
||
* fixes a possible SIGSEGV in listening addresses
|
||
* fixes client connections with option connect-timeout failed when the
|
||
connections succeeded
|
||
* fixes the option end-close "did not apply" to some addresses
|
||
* half close of EXEC and SYSTEM addresses might have failed for pipes and
|
||
socketpair
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 16 09:56:41 CEST 2008 - meissner@suse.de
|
||
|
||
- upgraded to 1.7.0.0
|
||
- support for SCTP stream sockets, raw interface, and generic sockets.
|
||
- A new option escape allows it to interrupt raw terminal connections.
|
||
- Listening and receiving sockets can set a couple of environment variables.
|
||
- Base control of System V STREAMS has been added.
|
||
- Many corrections were performed.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 11 10:24:33 CET 2008 - lmuelle@suse.de
|
||
|
||
- Update to version 1.6.0.1.
|
||
+ exec:...,pty did not kill child process under some circumstances; fixed
|
||
by correcting typo in xio-progcall.c
|
||
+ service name resolution failed due to byte order mistake
|
||
+ socat would hang when invoked with many file descriptors already opened
|
||
fix: replaced FOPEN_MAX with FD_SETSIZE
|
||
+ fixed bugs where sub processes would become zombies because the master
|
||
process did not catch SIGCHLD. this affected addresses UDP-LISTEN,
|
||
UDP-CONNECT, TCP-CONNECT, OPENSSL, PROXY, UNIX-CONNECT, UNIX-CLIENT,
|
||
ABSTRACT-CONNECT, ABSTRACT-CLIENT, SOCKSA, SOCKS4A
|
||
+ fixed a bug where sub processes would become zombies because the master
|
||
process caught SIGCHLD but did not wait(). this affected addresses
|
||
UDP-RECVFROM, IP-RECVFROM, UNIX-RECVFROM, ABSTRACT-RECVFROM
|
||
+ corrected option handling with STDIO; usecase: cool-write
|
||
+ configure --disable-pty also disabled option waitlock
|
||
+ fixed small bugs on systems with struct ip_mreq without struct ip_mreqn
|
||
- Update to version 1.6.0.0.
|
||
+ new addresses IP-DATAGRAM and UDP-DATAGRAM allow versatile broadcast
|
||
and multicast modes
|
||
+ new option ip-add-membership for control of multicast group membership
|
||
+ new address TUN for generation of Linux TUN/TAP pseudo network
|
||
interfaces (suggested by Mat Caughron); associated options tun-device,
|
||
tun-name, tun-type; iff-up, iff-promisc, iff-noarp, iff-no-pi etc.
|
||
+ new addresses ABSTRACT-CONNECT, ABSTRACT-LISTEN, ABSTRACT-SENDTO,
|
||
ABSTRACT-RECV, and ABSTRACT-RECVFROM for abstract UNIX domain addresses
|
||
on Linux (requested by Zeeshan Ali); option unix-tightsocklen controls
|
||
socklen parameter on system calls.
|
||
+ option end-close for control of connection closing allows FD sharing
|
||
by sub processes
|
||
+ range option supports form address:mask with IPv4
|
||
+ changed behaviour of SSL-LISTEN to require and verify client
|
||
certificate per default
|
||
+ options f-setlkw-rd, f-setlkw-wr, f-setlk-rd, f-setlk-wr allow finer
|
||
grained locking on regular files
|
||
+ fixed bug where only first tcpwrap option was applied; fixed bug where
|
||
tcpwrap IPv6 check always failed
|
||
and fixing this bug)
|
||
+ filan (and socat -D) could hang when a socket was involved
|
||
+ corrected PTYs on HP-UX (and maybe others) using STREAMS
|
||
+ correct bind with udp6-listen
|
||
+ corrected filan.c peekbuff[0] which did not compile with Sun Studio Pro
|
||
+ corrected problem with read data buffered in OpenSSL layer
|
||
+ corrected problem with option readbytes when input stream stayed idle
|
||
after so many bytes
|
||
+ fixed a bug where a datagram receiver with option fork could fork two
|
||
sub processes per packet
|
||
- Don't call test.sh as it doesn't pass if called as non root.
|
||
- Don't remove the buildroot in the install section.
|
||
- Remove patch as linux/fs.h is included if HAVE_LINUX_FS_H is available.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 22 10:18:31 CET 2007 - ssommer@suse.de
|
||
|
||
- fix build with newer kernel headers:
|
||
some common FS-specific ioctls moved to linux/fs.h
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 17 12:43:39 CEST 2006 - lmuelle@suse.de
|
||
|
||
- Update to version 1.5.0.0.
|
||
+ new datagram modes for udp, rawip, unix domain sockets
|
||
+ socat option -T specifies inactivity timeout
|
||
+ rewrote lexical analysis to allow nested socat calls
|
||
+ addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6
|
||
+ socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP,
|
||
SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection
|
||
+ addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6
|
||
+ option protocol-family (pf), esp. for openssl-listen
|
||
+ range option supports IPv6 - syntax: range=[::1/128]
|
||
+ option ipv6-v6only (ipv6only)
|
||
+ new tcp-wrappers options allow-table, deny-table, tcpwrap-etc
|
||
+ FIPS version of OpenSSL can be integrated - initial patch provided by
|
||
David Acker. See README.FIPS
|
||
+ support for resolver options res-debug, aaonly, usevc, primary, igntc,
|
||
recurse, defnames, stayopen, dnsrch
|
||
+ options for file attributes on advanced filesystems (ext2, ext3,
|
||
reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump,
|
||
ext2-noatime, journal-data etc.
|
||
+ option cool-write controls severeness of write failure (EPIPE,
|
||
ECONNRESET)
|
||
+ option o-noatime
|
||
+ socat option -lh for hostname in log output
|
||
+ traffic dumping provides packet headers
|
||
+ configure.in became part of distribution
|
||
+ socats unpack directory now has full version, e.g. socat-1.5.0.0/
|
||
+ corrected docu of option verify
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 25 21:41:44 CET 2006 - mls@suse.de
|
||
|
||
- converted neededforbuild to BuildRequires
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 26 15:20:20 CEST 2005 - uli@suse.de
|
||
|
||
- disabled test on ARM (hangs QEMU)
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Mar 20 20:14:32 CET 2005 - lmuelle@suse.de
|
||
|
||
- Update to version 1.4.2.0.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 12 15:51:50 CET 2004 - lmuelle@suse.de
|
||
|
||
- Update to version 1.4.1.0.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 26 23:18:18 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Update to version 1.4.0.3.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 27 00:26:39 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Update to version 1.4.0.2.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Aug 28 15:33:21 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Add readline.sh to the examples.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 27 16:25:49 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Update to version 1.4.0.1.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 14 15:21:13 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Add openssl-devel, readline-devel, and tcpd-devel to neededforbuild/
|
||
BuildRequires.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 14 12:30:55 CEST 2004 - lmuelle@suse.de
|
||
|
||
- Inital SuSE RPM based on source tar ball spec file.
|