public inbox for gnats-devel@sourceware.org
 help / color / mirror / Atom feed
From: "Chad C. Walstrom" <chewie@wookimus.net>
To: help-gnats@gnu.org
Subject: Preparing 4.1...
Date: Fri, 29 Oct 2004 21:33:00 -0000	[thread overview]
Message-ID: <20041029213319.GA14062@wookimus.net> (raw)

Hello, folks.  Well, now that my training as a parent have been
initiated, I think it's time to put my shoulder to the grindstone.

Hans-Albert submitted a change to CVS to fix a couple buffer overflow
problems on September 6th, and we should roll these out into a new
release of gnats sooner than later.  An optimistic goal is to have a
release ready to roll out by Monday.  If you have patches or fixes you
would like incorporated, please let me know ASAP.

Things I still plan on rolling in for the 4.1 release:

  * NEWS: Summarize changes and important security fixes

  * A note in the compilation documentation that bison version 1.35 or
    earlier is required to rebuild getdate.c.

    (Is there anyone versed in using bison to update the getdate.y file
    to use bison 1.875?)

  * install-sid: Either remove or update so that a separate
    configuration (sh) file is generated rather than editing send-pr.

  * send-pr:
    - Source a configuration (sh) file (i.e. /etc/gnats/send-pr.conf)
      and $HOME/.send-pr.conf to override default environment variables
    - Remove or update references/error messages regarding install-sid

  * debian/...: Roll in changes from current debian package

I'm going to hold off on the PAM patch for just a while longer.  Pankaj,
do you think it would be possible to add a cautionary note in gnats.texi
regarding the security problems in exposing the PAM to GNATS
authentictation (i.e. plain-text network protocol sniffing)?  For
example, we should suggest that administrators not authenticate system
accounts through GNATS.  Rather, give suggestions for using other PAM
modules to authenticate against alternate passwd or db format files.

(Is it possible to blacklist pam modules for use w/gnats?)

Once we get a gnutls layer incorporated into the gnats daemon and
libraries, we could update our suggestions to be more permissive.

Note: I do have to purchase and install a new power supply for my
workstation at home, but I hope to have it up and running later tonight.

-- 
Chad Walstrom <chewie@wookimus.net>
http://www.wookimus.net/~chewie


_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://lists.gnu.org/mailman/listinfo/help-gnats

             reply	other threads:[~2004-10-29 21:33 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-10-29 21:33 Chad C. Walstrom [this message]
2004-10-31 14:03 ` Pankaj Garg
2004-11-01 19:09 ` Pankaj Garg
2004-11-03 22:39   ` Chad C. Walstrom
2004-11-03 22:46 ` Chad C. Walstrom
  -- strict thread matches above, loose matches on Subject: below --
2004-06-10 21:20 CVS, Documentation, TODO Lists, New Maintainer, and Stuff Chad C. Walstrom
2004-06-10 21:44 ` Chad C. Walstrom
2004-06-13  8:51   ` Mel Hatzis
2004-06-13 23:01   ` Andrew Gray
2004-06-11 22:28 ` Yngve Svendsen
2004-06-14 17:07 ` Pankaj K Garg
2004-06-14 17:16   ` Chad C. Walstrom
2004-06-20 17:39     ` PAM Authentication Patch Pankaj K Garg
     [not found]       ` <gargp@earthlink.net>
2004-06-20 17:59         ` Mark D. Baushke
2004-06-21  7:25           ` Chad Walstrom
2004-06-21 15:26             ` Chad Walstrom
     [not found]               ` <chewie@wookimus.net>
2004-06-21 15:34                 ` Mark D. Baushke
2004-11-04  1:27                 ` Preparing 4.1 Mark D. Baushke
2004-11-04  3:15                   ` Chad Walstrom
2004-11-04 19:15                     ` Chad Walstrom
2004-11-17 23:26                       ` Chad Walstrom
2004-06-21 16:13       ` PAM Authentication Patch Chad Walstrom

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20041029213319.GA14062@wookimus.net \
    --to=chewie@wookimus.net \
    --cc=help-gnats@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).