* Wed Mar 19 2025 Ana Guerrero <ana.guerrero@suse.com>
- Switch to PCRE2
* Tue Sep 24 2024 Jan Engelhardt <jengelh@inai.de>
- Delete /usr/sbin/rc* symlink & specfile housekeeping
- Make atftpd.socket listen on AF_INET6 as well
- Deactivate FORTIFY_SOURCE for the time being due to a glibc bug
* Wed Sep 14 2022 David Anes <david.anes@suse.com>
- Update to version 0.8.0
* test.sh: add MTFTP tests
* Fix MTFTP support for atftp
* Fix multicast download.
* Fix algorithm in case of packet loss in the last window.
* Improve the robustness of the atftp-client in case of package loss or duplication
* Implement PCRE tests.
* Improve upstream test script. Include tests for windowsize option.
* Fix/update minor issues in upstream
* Fix the 'windowsize' option for write requests
* FAQ INSTALL README.CVS README.PCRE: cosmetic and spelling fixes
* *.h: cosmetic and spelling fixes
* configure.ac: more fixes, also for libpcre2 detection
* Port to maintained PCRE2 API
* Changelog: update the recent changes
* autoconf: modify autogen.sh
* atftp.1: add more examples for options
* Add a simple congestion control
* Do some cosmetic changes
* Add windowsize option as described in RFC7440
* Thu Sep 01 2022 Stefan Schubert <schubi@suse.com>
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
* Tue Jun 28 2022 Stefan Schubert <schubi@intern>
- Moved logrotate files from user specific directory /etc/logrotate.d
to vendor specific directory /usr/etc/logrotate.d.
* Wed Sep 15 2021 Pedro Monreal <pmonreal@suse.com>
- Update to version 0.7.5 [bsc#1190522, CVE-2021-41054]
* text files: mark/convert all textfiles to UTF-8
* fix some compiler warnings
* fix buffer overflow in atftpd (CVE-2021-41054)
* test.sh: check for root no longer necessary
* tftpd.c: Only drop privs if requested or running as root + check for failure
* fix invalid read of 1 byte in tftp_send_request.
* Check return value of fseek(), abort if != 0
* options.c: Proper fix for the read-past-end-of-array
* configure.ac: Add -std=gnu89 if gcc/clang is detected
* tftpd.c: Fix memleak if thread spawning fails
* atftp: Check return value of fgets, buffer might be uninitialized on NULL
* Fix check for argz support (HAVE_ARGZ -> HAVE_ARGZ_H)
* replace LICENSE with current version
* Remove patches fixed upstream:
- atftp-0.7-sorcerers_apprentice.patch
- atftp-0.7-server_receive_race.patch
- atftp-0.7-ack_heuristic.patch
* Rebase patches:
- atftp-drop_privileges_non-daemon.patch
- atftp-0.7-default_dir_man.patch
- atftp-0.7-default_user_man.patch
* Tue Sep 14 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* atftpd.service
* Tue May 25 2021 Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 0.7.4
* fix compile, missing include
* fix compile, add missing defines
* link against libpthread for atftp
* fixed atftp fails to write to /proc/self/fd/1
* Fix for DoS issue CVE-2020-6097
* remove inline keyword from definitions
* remove extern inlines
* sys/cdefs usage
- Drop fixed atftp-CVE-2020-6097.patch
* Thu Jan 21 2021 Thorsten Kukuk <kukuk@suse.com>
- Use system wide tftp user/group, don't create them again
* Wed Oct 21 2020 Pedro Monreal <pmonreal@suse.com>
- Security fix: [bsc#1176437, CVE-2020-6097]
* A specially crafted sequence of RRQ-Multicast requests can
trigger an assert() call resulting denial-of-service.
- Add atftp-CVE-2020-6097.patch