Upgraded Port: mail/dcc-dccd to 1.3.30
Changes in this release:
  o Fix leak in dccd blacklist.
  o Change client-server protocol so that `cdcc clients`
    gets more than 16 bits of NOP counts.
  o updatedcc and fetchblack try two FTP and HTTP servers.
  o do not use stdio to parse whiteclnt files to deal with
    Solaris' 255 limit on stdio file descriptors.
  o add /var/dcc/libexec/uninstalldcc
For the record:
--- forwarded mail begins here ---
From: Vernon Schryver <firstname.lastname@example.org>
Subject: Re: leak in dccd blacklist
Date: Sun, 5 Mar 2006 07:42:10 -0700 (MST)
(I'm sending this to the DCC mailing list with a bcc: to the person who asked)
> > Fix leak in dccd blacklist.
> Is there maybe a detailed advisory available? I am trying to figure out
> how severe this leak is and whether we should advise FreeBSD users with
> a VuXML advisory.
Before 1.3.30, loading the blacklist was delayed until about 30 seconds
after dccd started. If a hyper-active client whose IP address is in
the blacklist made a request during those first 30 seconds, not only
would the request be answered, but future requests would also be answered
until the blacklist changed and dccd noticed and loaded the new version.
Only the public DCC servers use the blacklist of bad DCC clients. Only
the largest blacklisted clients of the public DCC servers such as utk.edu
Vernon Schryver email@example.com
--- forwarded mail ends here ---
GnuPG key id: 0x55E67774 Download: http://pgp.mit.edu:11371
Key fingerprint: 17B3 FD8F BA68 4AB4 10FD A9D1 AD52 6588 55E6 7774
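
The startup window described in the forwarded mail, as an added C model that is not dccd source and not part of the original message. It assumes a per-client verdict cache that only a changed-file reload flushes; the names `load_blacklist`, `answer_request`, `answered` and the address are constructed. `answered(false)` replays the delayed load, `answered(true)` loads the blacklist before the first request.

```c
/* Constructed model of the startup window described in the mail; not dccd
 * source. Assumption: the server caches a per-client verdict, and only a
 * reload triggered by a changed blacklist file flushes that cache. */
#include <stdbool.h>
#include <string.h>

#define MAX_CLIENTS 8
struct client { char ip[16]; bool blocked; };
static const char *blacklist[4];          /* empty until the first load */
static int n_black, n_cached;
static struct client cache[MAX_CLIENTS];

static bool in_blacklist(const char *ip) {
    for (int i = 0; i < n_black; i++)
        if (strcmp(blacklist[i], ip) == 0) return true;
    return false;
}

/* flush == false models the delayed first load (cached verdicts survive);
 * flush == true models a reload after the file changed. */
void load_blacklist(const char **ips, int n, bool flush) {
    n_black = n < 4 ? n : 4;
    for (int i = 0; i < n_black; i++) blacklist[i] = ips[i];
    if (flush) n_cached = 0;
}

/* Returns true when the request is answered. */
bool answer_request(const char *ip) {
    for (int i = 0; i < n_cached; i++)
        if (strcmp(cache[i].ip, ip) == 0) return !cache[i].blocked;
    if (n_cached == MAX_CLIENTS) return false;    /* table full: refuse */
    struct client *c = &cache[n_cached++];
    strncpy(c->ip, ip, sizeof c->ip - 1);
    c->ip[sizeof c->ip - 1] = '\0';
    c->blocked = in_blacklist(ip);
    return !c->blocked;
}

/* Answered requests from a blacklisted client: one in the startup window
 * (skipped when load_first), two after the load, one after a reload. */
int answered(bool load_first) {
    const char *bl[] = { "192.0.2.7" };           /* constructed address */
    int ok = 0;
    n_black = n_cached = 0;
    if (!load_first) ok += answer_request(bl[0]); /* blacklist still empty */
    load_blacklist(bl, 1, false);
    for (int i = 0; i < 2; i++) ok += answer_request(bl[0]);
    load_blacklist(bl, 1, true);
    return ok + answer_request(bl[0]);
}
```

In the delayed-load replay the verdict cached while the list was empty keeps the blacklisted client answered until the flushing reload; with the list loaded first, no request is answered.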
Is dcc/libexec/uninstalldcc really relevant for the FreeBSD user?