X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=ChangeLog;h=0e24da7b5229975354ef9ba7f1b4090e2e65ff9c;hb=refs%2Fheads%2Fproxy-state;hp=8758650f8fb3a977644b9ac749430716a6f6ea41;hpb=40e8d53c3878a24f78b2a7d5b359b7bfbefb6f59;p=radsecproxy.git diff --git a/ChangeLog b/ChangeLog index 8758650..0e24da7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,44 @@ -2011-04-27 1.6 +Changes between 1.6.2 and the master branch + + Enhancements: + - Threads are allocated with a 32 KB stack rather than what + happens to be the default. Patch by Fabian Mauchle. + - On systems with mallopt(3), freed memory is returned to the + system more aggressively. Patch by Fabian Mauchle. + + Bug fixes: + - radsecproxy-hash(1) no longer prints the hash four times. + Reported by Simon Lundström and jocar. + - Escaped slashes in regular expressions now works. Reported by + Duarte Fonseca. (RADSECPROXY-51) + - The duplication cache is purged properly. Patch by Fabian + Mauchle. + - Stop freeing a shared piece of memory manifesting itself as a + crash when using dynamic discovery. Patch by Fabian Mauchle. + - Closing and freeing TLS clients properly. Patch by Fabian + Mauchle. + - Timing out on TLS clients not closing the connection properly. + Patch by Fabian Mauchle. + +2012-10-25 1.6.2 + Bug fixes (security): + - Fix the issue with verification of clients when using multiple + 'tls' config blocks (RADSECPROXY-43) for DTLS too. Fixes + CVE-2012-4566 (CVE id corrected 2012-11-01, after the release of + 1.6.2). Reported by Raphael Geissert. + +2012-09-14 1.6.1 + Bug fixes (security): + - When verifying clients, don't consider config blocks with CA + settings ('tls') which differ from the one used for verifying the + certificate chain. Reported by Ralf Paffrath. (RADSECPROXY-43, + CVE-2012-4523). + + Bug fixes: + - Make naptr-eduroam.sh check NAPTR type case insensitively. + Fix from Adam Osuchowski. + +2012-04-27 1.6 Incompatible changes: - The default shared secret for TLS and DTLS connections change from "mysecret" to "radsec" as per draft-ietf-radext-radsec-12