From afdccceefa30306cf720a27efd5a29bcc5a916c9 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 4 Dec 2008 14:09:38 +0100 Subject: security fix: imudp emitted a message when a non-permitted sender... ...tried to send a message to it. This behaviour is operator-configurable. If enabled, a message was emitted each time. That way an attacker could effectively fill the disk via this facility. The message is now emitted only once in a minute (this currently is a hard-coded limit, if someone comes up with a good reason to make it configurable, we will probably do that). --- ChangeLog | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index ee9de415..501c9ff1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,16 @@ --------------------------------------------------------------------------- -Version 3.20.1 [v3-stable] (rgerhards), 2008-112-04 +Version 3.20.2 [v3-stable] (rgerhards), 2008-12-04 +- re-release of 3.20.1 with an additional fix, that could also lead + to DoS; 3.20.1 has been removed from the official download archives +- security fix: imudp emitted a message when a non-permitted sender + tried to send a message to it. This behaviour is operator-configurable. + If enabled, a message was emitted each time. That way an attacker could + effectively fill the disk via this facility. The message is now + emitted only once in a minute (this currently is a hard-coded limit, + if someone comes up with a good reason to make it configurable, we + will probably do that). +--------------------------------------------------------------------------- +Version 3.20.1 [v3-stable] (rgerhards), 2008-12-04 - security bugfix: $AllowedSender was not honored, all senders were permitted instead - enhance: regex nomatch option "ZERO" has been added -- cgit
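Review bot: In the new 3.20.2 entry, the line "re-release of 3.20.1 with an additional fix, that could also lead to DoS" reads as if the fix itself could cause the DoS; suggest "with an additional fix for an issue that could also lead to DoS". The security entry says the message is operator-configurable but does not name the directive that enables it, so an operator reading the ChangeLog cannot tell whether their configuration was exposed; naming it in the entry would help. The entry also leaves open whether the once-per-minute limit applies per sender or to the message as a whole, which determines how much is still logged when several non-permitted hosts send at once. Since the diff shown is limited to ChangeLog, the rate-limiting code itself cannot be reviewed from these lines.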