Upgraded Port: mail/dcc-dccd to 1.3.30

Changes in this release:
 o Fix leak in dccd blacklist.
 o Change client-server protocol so that `cdcc clients` gets more than 16 bits of NOP counts.
 o updatedcc and fetchblack try two FTP and HTTP servers.
 o do not use stdio to parse whiteclnt files to deal with Solaris' 255 limit on stdio file descriptors.
 o add /var/dcc/libexec/uninstalldcc

Responsible Changed
From-To: freebsd-ports-bugs->ehaupt

Take.

For the record:

--- forwarded mail begins here ---
From: Vernon Schryver <vjs@calcite.rhyolite.com>
To: dcc@calcite.rhyolite.com
Subject: Re: leak in dccd blacklist
Date: Sun, 5 Mar 2006 07:42:10 -0700 (MST)

(I'm sending this to the DCC mailing list with a bcc: to the person who asked)

> > Fix leak in dccd blacklist.
>
> Is there maybe a detailed advisory available? I am trying to figure out
> how severe this leak is and whether we should advise FreeBSD users with
> a VuXML advisory.

Before 1.3.30, loading the blacklist was delayed until about 30 seconds
after dccd started. If a hyper-active client whose IP address is in
the blacklist made a request during those first 30 seconds, not only
would the request be answered, but future requests would also be answered
until the blacklist changed and dccd noticed and loaded the new version.

Only the public DCC servers use the blacklist of bad DCC clients.
Only the largest blacklisted clients of the public DCC servers such as
utk.edu were leaked.

Vernon Schryver    vjs@rhyolite.com
--- forwarded mail ends here ---

-- 
GnuPG key id: 0x55E67774
Download: http://pgp.mit.edu:11371
Key fingerprint: 17B3 FD8F BA68 4AB4 10FD A9D1 AD52 6588 55E6 7774

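The failure mode described in the forwarded mail, as an added toy model in C (not dccd source and not part of the original report): a verdict cached during the 30-second window outlives the first blacklist load. The struct, the function names and the two mitigations shown (loading before serving, stamping cached verdicts with the list generation) are assumptions for illustration, not a description of what 1.3.30 changed internally.

```c
#include <stdbool.h>
#include <stdio.h>

#define LOAD_DELAY 30   /* seconds, per the mail above */

/* State a server keeps for ONE blacklisted client (constructed model). */
struct srv {
    bool     delayed_load;  /* true models the pre-1.3.30 delayed load */
    bool     stamp;         /* true: cached verdicts carry the list generation */
    unsigned gen;           /* 0 = blacklist not loaded yet */
    bool     cached;        /* a verdict for the client is cached */
    bool     allow;         /* the cached verdict */
    unsigned allow_gen;     /* generation the verdict was computed under */
};

/* The blacklist file changes; the server notices and reloads it. */
static void reload(struct srv *s) { s->gen++; s->cached = false; }

/* Request from the blacklisted client at second `now`; true = answered. */
static bool request(struct srv *s, unsigned now)
{
    if (s->gen == 0 && (!s->delayed_load || now >= LOAD_DELAY))
        s->gen = 1;                     /* first load: cache is NOT flushed */
    if (s->cached && (!s->stamp || s->allow_gen == s->gen))
        return s->allow;                /* reuse the earlier verdict */
    s->allow = (s->gen == 0);           /* no list loaded: nothing matches */
    s->allow_gen = s->gen;
    s->cached = true;
    return s->allow;
}

/* Client asks at t=5s and again at t=60s; is the second request answered? */
static bool leaks(bool delayed_load, bool stamp)
{
    struct srv s = { .delayed_load = delayed_load, .stamp = stamp };
    request(&s, 5);
    return request(&s, 60);
}

/* Delayed load, no stamping, then a list change before a request at t=90s. */
static bool leaks_after_reload(void)
{
    struct srv s = { .delayed_load = true };
    request(&s, 5); request(&s, 60);
    reload(&s);
    return request(&s, 90);
}

int main(void) { printf("%d %d %d %d\n", leaks(true, false), leaks(false, false),
                        leaks(true, true), leaks_after_reload()); return 0; }
```

Only the delayed-load, unstamped configuration keeps answering the client after the list is in memory, and in this model it stops once the list is reloaded, matching the behaviour the mail describes.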
Is dcc/libexec/uninstalldcc really relevant for the FreeBSD user?

State Changed
From-To: open->closed

Committed, thanks!