Revisions of keepalived
- Make sure we pull in the libraries we need for dlopen, by following the symlinks from the .so symlinks with the requires_file macro.
buildservice-autocommit
accepted
request 867084
from
Dirk Mueller (dirkmueller)
(revision 65)
baserev update by copy to link target
- Update to 2.2.1 https://www.keepalived.org/release-notes/Release-2.2.1.html https://www.keepalived.org/release-notes/Release-2.2.0.html https://www.keepalived.org/release-notes/Release-2.1.5.html https://www.keepalived.org/release-notes/Release-2.1.4.html https://www.keepalived.org/release-notes/Release-2.1.3.html https://www.keepalived.org/release-notes/Release-2.1.2.html https://www.keepalived.org/release-notes/Release-2.1.1.html https://www.keepalived.org/release-notes/Release-2.1.0.html - enable systemd integration via libsystemd (new BR: libsystemd) - switch to systemd_ordering instead of systemd_requires - sync configure options with the configure script
buildservice-autocommit
accepted
request 784642
from
Tomáš Chvátal (scarabeus_iv)
(revision 63)
baserev update by copy to link target
Fix encoding error in changes file
buildservice-autocommit
accepted
request 746145
from
Tomáš Chvátal (scarabeus_iv)
(revision 61)
baserev update by copy to link target
- new BR pkgconfig(libnftnl) to fix nftables support - update to 2.0.19 Fix minor IPVS features support. Extend BFD to support more than one BFD instance with a neighnour. Extend nftable support. Script timeout extension. Properly filter IGMP/MLD packets on VMAC interface. Refer to ChangeLog for more infos. https://keepalived.org/changelog.html - changes from 2.0.18 Add support to IPVS new GUE tunnel type. New feature 'weight reverse' available in all trackers. Resolve all outstanding coverity issues. Some fixes and performance extensions. Refer to ChangeLog for more infos. https://keepalived.org/changelog.html
buildservice-autocommit
accepted
request 718020
from
Tomáš Chvátal (scarabeus_iv)
(revision 59)
baserev update by copy to link target
Update to 2.0.17
buildservice-autocommit
accepted
request 695462
from
Tomáš Chvátal (scarabeus_iv)
(revision 57)
baserev update by copy to link target
- added systemd-after-snmp.patch: If you want to use the snmp support the masterx socket needs be available otherwise the snmp support is broken strictly speaking we would need to use BindsTo= here but that would require that add a Requires for net-snmp to the keepalived package. to be discussed. - update to 2.0.15
buildservice-autocommit
accepted
request 691307
from
Lars Vogdt (lrupp)
(revision 55)
baserev update by copy to link target
- add buildrequires for file-devel - used in the checker to verify scripts - update to 2.0.14
buildservice-autocommit
accepted
request 687165
from
Tomáš Chvátal (scarabeus_iv)
(revision 53)
baserev update by copy to link target
- update to 2.0.13
buildservice-autocommit
accepted
request 667290
from
Tomáš Chvátal (scarabeus_iv)
(revision 51)
baserev update by copy to link target
- fix build on 42.3/sle12 by disabling http regexp check support - add nftables to the BR - cleanup BR support for sle11, moved almost all BR to pkgconfig style - disable dbus instance creation support as it is marked as dangerous - update to 2.0.11
buildservice-autocommit
accepted
request 652407
from
Tomáš Chvátal (scarabeus_iv)
(revision 49)
baserev update by copy to link target
- update to 2.0.10 - Fix compiling on Alpine Linux. - Stop printf compiler warning on Alpine Linux due to rlim_t. - manpage cosmetic. - Fix removing snmpd read threads when snmpd becomes unavailable. - Update to support libipset version 7. - Use ipset_printf for ipset messages so can go to log. - When opening files for write, ensure files can only be read by root. Issue #1048 referred to CVE-2018-19046 regarding files used for debugging purposes could potentially be read by non root users. This commit ensures that such log files cannot be opened by non root users. - Disable fopen_safe() append mode by default If a non privileged user creates /tmp/keepalived.log and has it open for read (e.g. tail -f), then even though keepalived will change the owner to root and remove all read/write permissions from non owners, the application which already has the file open will be able to read the added log entries. Accordingly, opening a file in append mode is disabled by default, and only enabled if --enable-smtp-alert-debug or --enable-log-file (which are debugging options and unset by default) are enabled. This should further alleviate security concerns related to CVE-2018-19046. - vrrp: add support to constant time memcmp. Just an update to use best practise security design pattern. While comparing password or hmac you need to ensure comparison function is time constant in order to figth against any timing attacks. We turn off potential compiler optimizations for this particular function to avoid any short circuit. - Make sure a non privileged user cannot read keepalived file output Ensure that when a file such as /tmp/keepalived.data is written, no non privileged can have a previous version of that file already open, thereby allowing them to read the data. This should fully resolve CVE-2018-19046. - drop b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch: included in update
- update to 2.0.9
Displaying revisions 21 - 40 of 86