Commits
- Commit:
1a04137e1869781efcd635a1abd4387ccfa6e56d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.3 -- "Lightbulb Sun" bugfix release
gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================
Released March 27, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a possible out-of-bound access in the CGI handling. It was
introduced last October during a refactoring, but due to how
many malloc(3) implementations works this hasn't been found
until now. Otto' malloc is more strict fortunately.
- Commit:
62a46b03c6f911f3674d6cb7b77a49bac8efad42
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.2 -- "Lightbulb Sun" bugfix release
gmid 1.8.2 "Lightbulb Sun" bugfix release
=========================================
Released March 26, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a CGI timing issue: if a connection handled by a CGI scripts
is interrupted with the right timing it causes the server
process to exit with "fatal in client_by_id: invalid id X".
New Features
~~~~~~~~~~~~
* add a new block `type { ... }' to define mime types mapping.
Improvements
~~~~~~~~~~~~
* use shell built-in `command' instead of which(1), prodded by
cage and Allen Sobot.
* configure script: allow to set MANDIR from cmdline (Allen Sobot)
* add systemd-sysusers sample file in contrib/ (Nakaya)
* [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2),
needed by glibc on armv7. (Tobias Berger)
* [linux/seccomp] tightens rules by allowing openat(2) only with
the O_RDONLY flag.
- Commit:
9db5e7051ebb37a9078e79ca46daf7f8f8f3f963
- From:
- Omar Polo <op@omarpolo.com>
- Date:
get rid of `which` in the configure too
should have been done already in 12fcba2; reminded by Allen Sobot,
thanks!
- Commit:
5f966fbe41a18d9ad1577d659da5990994c851bc
- From:
- Omar Polo <op@omarpolo.com>
- Date:
configure: allow to set MANDIR from args
diff by Allen Sobot (chilledfrogs at disroot dot org), thanks!
- Commit:
f2dbf375a0d3313a64ac69e882291f237f1ba056
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.1 -- "Lightbulb Sun" bugfix release
gmid 1.8.1 "Lightbulb Sun" bugfix release
=========================================
Released Feb 10, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug fixes
---------
* fix landlock usage on linux: don't assume that access
capabilities not listed are implicitly denied, because they are
not. Mickaël Salaün, the landlock author, found the same error
on game of trees:
> In a nutshell, the ruleset's handled_access_fs is required for
> backward and forward compatibility (i.e. the kernel and user space may
> not know each other's supported restrictions), hence the need to be
> explicit about the denied-by-default access rights.
In practice this affects only linux and only partially: thanks
to the design of the daemon and the seccomp filter the effects
of this mistake in handling landlock are fortunately limited.
However, in theory at least, gmid could be for e.g. tricked into
truncating existing files, so it's highly suggested to update.
Improvements
------------
All by Anna “CyberTailor”, thanks!
* don't skip unit tests when SKIP_RUNTIME_TEST is set
* add `gg' to the regress target dependencies
* fix the "implicit declaration of asprintf" warning
* sync vim syntax
- Commit:
f525aa55b85d7186f701d74b8a62ca7151ab2e9a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
start new release cycle
- Commit:
a14b9f779f14edee7c22e12f1ad8a4ba2d3134df
- From:
- Omar Polo <op@omarpolo.com>
- Date:
prepare 1.8 release
- Commit:
718c0d6c712666889f75be48108c1fe725d0e714
- From:
- Omar Polo <op@omarpolo.com>
- Date:
work around freebsd' printf
printf: Illegal option -i
this is why we can't have nice things, isn't it?
- Commit:
7c956fefc2035666770958e2cfaf278e20e6472a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
track file dependency using -MMD if available
While here, move the SRCS variable to the configure and add the
-includes in Makefile.local; it de-clutters the Makefile a bit.
- Commit:
34c4ca6ebc5e71f50f5f8d52113b47b26573bfa1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
configure: support --prefix=...
It's like passing PREFIX=... on the command line
- Commit:
eb77afa8d308a2f4f422df2ff19f023b5b2cc591
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't run the test binaries, compilation status is enough
During a cross-compilation we can compile the test binaries but not
run in the host machine. Furthermore, the exit status of the test
isn't really important for the types of check we have, the compilation
status is enough.
Reported by Nikolay Korotkiy (@sikmir) on Github, fixes issue #8
- Commit:
93edd35305508c984cbee45594dfa45808373a61
- From:
- Omar Polo <op@omarpolo.com>
- Date:
master is now 1.8-dev
- Commit:
492a274fd712e4589669254be327897868e44812
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add compat for sys/tree.h
- Commit:
efb6210d7745c9466ab9a16f23d1549523428ef7
- From:
- Omar Polo <op@omarpolo.com>
- Date:
improve libevent2 handling
* add configure check
* change the way the headers are required (copied from tmux)
- Commit:
0d9a5b7a181d1456d3aba46ba75a70317d2e7886
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync release