Package Release Info

inn-2.6.5-bp155.1.38

Update Info: Base Release
Available in Package Hub : 15 SP5

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

inn
inn-devel
mininews

Change Logs

* Thu Jul 14 2022 Michael Ströder <michael@stroeder.com>
- Update to version 2.6.5:
  * A new step in INN development has been achieved with the migration of
    the INN project to GitHub.
  * An up-to-date nocem.ctl file is provided with this release.  You
    should manually update your nocem.ctl file with the new information
    recorded about NoCeM issuers, and make sure the right PGP keys are
    present on your system.
  * Up-to-date control.ctl and moderators files are provided with this
    release.  You should manually update them (notably for the fido7.*
    hierarchy).
  * Added a stricter validation of article numbers given in NNTP commands
    so that numbers superior to 2^31 are correctly considered invalid.
    Thanks to Richard Kettlewell for the patch.
  * Added a check in rc.news for the existence of the *pathrun* directory.
    INN won't start until this directory is writable.  Previously, it
    bailed out quickly after starting, without clear logs about why it
    failed.
  * Fixed parallel builds using "make -j".  Thanks to Richard Kettlewell
    for the path.
  * nnrpd now properly gathers timer statistics when a compression layer
    is active.
  * nnrpd now properly discards data received from a news client after a
    timeout when a TLS layer is active.  It previously tried to read
    incoming data before closing the socket, leading to decoding errors
    from an underlying compression or SASL layer.
  * innfeed and ovdb_stat now generate status reports in valid HTML
    syntax.
  * Fixed a bug in the buffindexed overview that prevented it from working
    on several systems, amongst them FreeBSD.  Unsupported, and useless,
    permission bits were given to semaphores.
  * Fixed the detection of library paths at configure time: multilib
    directories (lib32 or lib64) are now also used if they exist, even it
    the system does not use multilib.  It will notably fix the detection
    of the OpenSSL 3.0.0 library.
  * The *tlscertfile* parameter in inn.conf now permits the use of a
    complete certificate chain, instead of necessarily having to use
  * tlscafile* for additional certificates.
  * Added support for the new OpenSSL 3.0.0 API, which deprecated a few
    functions.
  * The inn.conf default value for *tlsprotocols* no longer contains TLS
    versions 1.0 and 1.1, which have been deprecated by RFC 8996.
  * A new inn.conf parameter has been added to tune the length of the
    queue of pending connections to innd, nnrpd and the "ovdb" overview
    storage method: the *maxlisten* parameter now permits configuring
    their listen backlog, whose previously hard-coded values were 128 for
    nnrpd and 25 for the others, which was not high enough for some uses.
    The default value is now 128 for all of them, and configurable in
    inn.conf.  Thanks to Kevin Bowling for the patch.
  * The name of seven man pages for routines built in libinn(3) are now
    prefixed with libinn_ so as not to consume namespace and conflict with
    other packages (notably, the list(3) and uwildmat(3) man pages are now
    named libinn_list(3) and libinn_uwildmat(3)).
  * Other minor bug fixes and documentation improvements, notably a
    revised installation checklist and a section summarizing the most used
    configuration at the beginning of a few complex man pages.
- delete inn-2.6.4.diff patch
- add inn-2.6.5.diff patch instead
* Wed Dec 01 2021 Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 2.6.4:
  + Bug Fix: nnrpd now adapts the length of the DH parameter used
    during a DHE key exchange so as to comply with the security
    level OpenSSL 1.1.0 or later expects.
  + New Features:
  * Added support for systemd notifications and socket
    activation. Use of more features provided by systemd,
    including more notifications, will come in future releases.
  * cnfsstat now also returns information about retired CNFS
    buffers: buffers mentioned in cycbuff.conf as a cycbuff but
    not declared in a metacycbuff.
  * Switch default innreport behaviour to the common practice of
    externalizing CSS into a separate file. Its name can be
    configured with the html_css_url parameter in innreport.conf.
    If this parameter is unset, the default innreport.css file
    name will be used and innreport will generate this CSS file
    for you. Previously generated reports are kept untouched,
    though, and will still contain inline CSS if you had not
    already set the html_css_url parameter in previous INN
    versions.
  * sm can now read and store any number of articles given in
    wire format on its standard input when both -s and -R are
    used. Only native format was previously possible.
  * Added new -a flag to rnews to disallow, if needed, the use of
    additional unpackers from the rnews.libexec sub-directory of
    pathbin (as set in inn.conf); only rnews and cunbatch will
    then be recognized as valid batch commands.
  * Added new -b flag to rnews to save rejected articles in the
    bad sub-directory of pathincoming (as set in inn.conf).
    Otherwise, rnews just logs and discards any articles that are
    rejected or cannot be parsed for some reason.
  * Added new -d flag to rnews to log via syslog the message-ID
    and the Path header body of each article rejected as a
    duplicate.
  * Added new --enable-hardening-flags configure-time option,
    enabled by default, to use hardening build flags like -fPIE
    and -fstack-protector-strong. This option can easily be
    disabled if the compiler or the platform does not support
    them well. More hardening build flags will eventually be
    added in future releases.
- Rename inn-2.6.3.diff to inn-2.6.4.diff.
- Use url in sources as far as possible.
* Wed Sep 22 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * inn.service
Version: 2.6.3-bp154.1.78
* Mon Jul 12 2021 Steve Kowalik <steven.kowalik@suse.com>
- Switch BuildRequires to python3-devel, to build using Python 3.
* Sun Dec 20 2020 Callum Farmer <gmbr3@opensuse.org>
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
* Mon Nov 09 2020 mls@suse.de
- rename the list.3 manpage to list-inn.3 as it conflicts with the
  list.3 manpage from the man-pages 5.09 package [bnc#1178534]
* Sun Jun 14 2020 Lars Vogdt <lars@linux-schulserver.de>
- update to inn-2.6.3
  + Fixed the selection of the elliptic curve to use with OpenSSL 1.1.0 or
    later; NIST P-256 was enforced instead of using the most secure curve.
  + A new inn.conf parameter has been added to fine-tune the cipher suites
    to use with TLS 1.3:  the *tlsciphers13* now permits configuring them.
    A separate cipher suite configuration parameter is needed for TLS 1.3
    because TLS 1.3 cipher suites are not compatible with TLS 1.2, and
    vice-versa.  In order to avoid issues where legacy TLS 1.2 cipher
    suite configuration configured in the *tlsciphers* parameter would
    inadvertently disable all TLS 1.3 cipher suites, the inn.conf
    configuration has been separated out.
  + Fixed a regression since INN 2.6.1 that prevented articles with
    internationalized header fields (that is to say encoded in UTF-8) from
    being posted.
  + Support for Python 3 has been added to INN.  Embedded Python filtering
    and authentication hooks for innd and nnrpd can now use version 3.3.0
    or later of the Python interpreter.  In the 2.x series, version 2.3.0
    or later is still supported.
  + When configuring INN with the --with-python flag, the "PYTHON"
    environment variable, when set, is used to select the interpreter to
    embed.  Otherwise, it is searched in standard paths.
  + In case you change the Python interpreter to embed, make sure that the
    Python scripts you use are written in the expected syntax for that
    version of the Python interpreter.  Notably, buffer objects have been
    replaced with memoryview objects in Python 3, and UTF-8 encoding now
    really matters for string literals (Python 3 uses bytes and Unicode
    objects).
  + INN documentation and samples of Python hooks have been updated to
    provide more examples.
  + When a Python or Perl filter hook rejects an article, innd now
    mentions the reason in response to CHECK and TAKETHIS commands.
    Previously, the reason was given only for the IHAVE command.
  + nnrpd now properly logs the hostname of clients whose connection
    failed owing to an issue during the negotiation of a TLS session or
    high load average.
- renamed and refreshed inn-2.6.2.diff to inn-2.6.3.diff
- fix upstream URL
- (build)require openssl-devel and python-devel and build with
  - -with-python and --with-openssl support
- remove outdated/unknown configure options:
  - -enable-dual-socket, --enable-ipv6 and --with-etc-dir
- use 'Development/Languages/C and C++' as RPM group for the -devel
  package
- require appropriate -devel packages for -devel package installs
* Thu Jun 11 2020 Paolo Stivanin <info@paolostivanin.com>
- Add -fcommon to allow building against GCC10
Version: 2.6.2-bp152.2.8.1
* Thu May 27 2021 mls@suse.de
- change user to news before calling innupgrade
  [bnc#1182321] [CVE-2021-31998]
Version: 2.6.2-bp152.1.51
* Tue Sep 10 2019 Christophe Giboudeaux <christophe@krop.fr>
- Use -ffat-lto-objects when building static libraries.
* Fri Dec 14 2018 mls@suse.de
- update to inn-2.6.2
  * support for compressed newsfeeds
  * many bug fixes and documentation improvements
  * dropped patch: inn-2.5.4.diff
  * new patch: inn-2.6.2.diff
- use native systemd service [#1116017]
  * new file: inn.service
Version: 2.5.4-bp151.4.6.1
* Fri Jul 24 2020 mls@suse.de
- change file owners in /usr/lib/news to root
  [bnc#1172573] [CVE-2020-8026]
Version: 2.5.4-bp151.4.3.1
* Fri Jan 24 2020 mls@suse.de
- change user to news before touching files in /var/log/news
  [bnc#1154302] [CVE-2019-3692]
Version: 2.5.4-bp150.2.5
* Tue Feb 21 2017 kukuk@suse.de
- Add directories formerly owned by filesystem
- Require group and user news
- Require group uucp
* Wed Oct 26 2016 kukuk@suse.de
- Fix tmpfiles.d usage to give it at least a chance to work
* Sat Dec 13 2014 Led <ledest@gmail.com>
- fix bashisms
- updated patches:
  + inn-2.5.4.diff
* Thu Dec 11 2014 mls@suse.de
- enable IPv6
- get rid of gpg-offline as we nowadays check signatures in
  the source validator
* Wed Jul 16 2014 mls@suse.de
- update to inn-2.5.4
  * updated control.ctl file
  * improved signature checking in pgpverify
  * new "htmlstatus" config option
  * many bugs fixed
  * removed patches: inn-linereset.diff
  * renamed patches: inn-2.5.2.diff -> inn-2.5.4.diff
- fix innbind file mode
- fix empty history database on 64bit [bnc#876287]
* Mon Sep 09 2013 mls@suse.de
- make /usr/lib/news/bin owned by root
* Thu Sep 05 2013 mls@suse.de
- add libperl_requires, as we link against libperl and thus
  need a specific version of perl
* Tue Nov 27 2012 sbrabec@suse.cz
- Verify GPG signature.
* Mon Sep 17 2012 coolo@suse.com
- fix ownership of directories so subpackages can be installed with
  rpm 4.10
* Tue Sep 04 2012 mls@suse.de
- fix starttls command injection issue [bnc#776967]
- fix /var/run/news permission and handling.
* Tue Jun 19 2012 aj@suse.de
- Use set_permissions instead of run_permissions.
- Handle /var/run on tmpfs.
* Thu Mar 22 2012 cfarrell@suse.com
- license update: GPL-2.0+ and BSD-4-Clause
  SPDX format and also include *.in files from control/ as BSD-4-Clause
* Fri Mar 16 2012 lmuelle@suse.de
- require perl-MIME-tools
* Wed May 19 2010 mls@suse.de
- adapt innbind modes to permissions file
* Thu Apr 08 2010 mls@suse.de
- compile with largefile support
* Wed Apr 07 2010 mls@suse.de
- update to inn-2.5.2
  * implement CAPABILITIES command
  * decent parser for NNTP commands
  * multiple LIST commands allow pattern matching
* Fri Sep 04 2009 mls@suse.de
- fix fd leak [bnc#525827]
* Sun Aug 30 2009 coolo@novell.com
- provide Patch0
* Thu Jul 10 2008 mls@suse.de
- fix segfault in perl_call_argv [bnc#405186]
* Thu Jun 19 2008 werner@suse.de
- Add missing Provides to the init script