X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=docs%2FNEWS;h=72831f0e86eacce7e5054f303e9b19f5cf202e96;hb=b671bd2201bf8e0a0af9f8da72ae80c3218d3000;hp=4f5e4fc2cd1b3d1bcaef662c1b4cef6e466be973;hpb=2a0700fde1690a8c367e5fcb6d6296bbaec20bed;p=catta

diff --git a/docs/NEWS b/docs/NEWS
index 4f5e4fc..72831f0 100644
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -1,3 +1,165 @@
+Avahi 0.6.20
+============
+
+This is a bugfix release and contains a fix for a low risk security
+vulnerability.
+
+ * Fix a local DoS vulnerability, where an assert() could be hit by
+   passing empty TXT data over D-Bus to the Avahi daemon. (Low Risk)
+ * Solaris/dbm portability fixes
+ * Close all open file descriptors when daemonizing. Is generally
+   safer and fixes a few issues with broken init systems of several
+   distributions.
+ * avahi-autoipd: allow passing the path of the action script on the
+   command line.
+ * Several minor build fixes and other cleanups
+
+This release is backwards compatible with Avahi 0.6.x with x < 20.
+
+Avahi 0.6.19
+============
+
+This is a bugfix release, but also adds a new component "avahi-ui-sharp".
+
+ * Rename zssh/zvnc to bssh/bvnc to avoid a name collision with another
+   free software tool, on request of the Debian developers. I hope
+   this name change early in the life of bssh/bvnc won't be too
+   difficult to handle by the distributors. 
+ * Add man page for bssh/bvnc
+ * avahi-ui: fix segfault when browsing in empty domains
+ * avahi-ui: allow GTK_RESPONSE_OK, _YES and _APPLY besides _ACCEPT as
+   positive dialog response codes
+ * avahi-ui-sharp: Add Mono/C# API wrapper for avahi-ui
+ * Don't pick the first and the last 256 IP addresses from the IPV4LL
+   range in avahi-autoipd, as required by RC3927 section 2.1
+ * No longer publish the Avahi service identification cookie anymore
+   by default. It was a bad idea in the first place. A better
+   replacement will hopefully be made available in Avahi eventually.
+ * Properly set umask before writing to /var/lib/avahi-autoipd
+ * Update .deskop files to work around KDE menu issue
+ * Various build fixes and other minor fixes and updates
+
+This release is backwards compatible with Avahi 0.6.x with x < 19.
+
+Avahi 0.6.18
+============
+
+This is a bugfix release, adds a few new features and includes a new
+component.
+
+ * Add a new library libavahi-ui which contains a standard Gtk dialog
+   for browsing for services, and a new tool "zssh" that makes use of
+   it, which allows browsing for SSH and VNC servers and starts ssh or
+   xvncviewer if one item is selected.
+ * avahi-autoipd has been ported to FreeBSD (original patch from Bruce M Simpson)
+ * Improve OpenBSD, Solaris, MacOS X compatibility
+ * Linux inotify support for monitoring /etc/avahi/services/ and
+   /etc/avahi/hosts for changes. (Original patch from "behanw")
+ * Add the ability to dump the service type database from avahi-browse
+   with the new option "-b".
+ * Enable GCC stack smashing protection if available and working (Patch from tedp)
+ * Improve compatibility with Bonjour's libdns_sd (patch from Chris Rivera)
+ * Various updates to the service type database (based on patches from uws)
+ * Fix a local DoS vulnerability (very low priority, all you can do is 
+   make Avahi hit an assert()); problem identified by "jamesh"
+ * Fix a problem when constantly generating conflict events for an RR
+ * Fix registration of very large RRs (original patch from Sjoerd Simons)
+ * Various minor fixes
+
+This release is backwards compatible with Avahi 0.6.x with x < 18.
+
+Avahi 0.6.17
+============
+
+This is a bugfix release.
+
+ * Don't accept "localhost" as a local mDNS host name
+ * Allow running avahi-bookmarks as CGI script
+ * Improve libdns_sd compatibility
+ * Stability: libdns_sd mutex locking order fix
+ * Publish IPv6 addresses via IPv4 and vice versa
+ * IA64 fixes
+ * A lot of minor cleanups and fixes
+
+This release is backwards compatible with Avahi 0.6.x with x < 17.
+
+Avahi 0.6.16
+============
+
+This is a bugfix release, it fixes one DoS (100% CPU Usage) and a regression
+from the last release
+
+ * Revert previous patch to check nlmsg_pid as it is bogus and breaks in
+   many cases, notably when using NetworkManager (Closes: #72)
+ * Replace with new SO_PASSCRED-based check of the sending UID, which
+   seems to work better (Closes: #72)
+ * Handle some errors in libdns_sd more gracefully the way the real
+   libdns_sd does (Closes: #64)
+ * Apply fix for Linux 2.6.19+ where IFA_RTA / IFLA_RTA is no longer
+   defined (Closes: #86)
+ * Fix doxygen comments for avahi watch, thanks to tedp (Closes: #77)
+ * Make d-bus version detection work for >= 1.0 (Closes: #71)
+ * Dont dbus_connection_close on shared dbus connections (Closes: #68)
+ * Fix potential endless loop in dns label unpacking code (Closes: #84)
+ * Fix bogus assertion in client-publish-service.c example
+ * Mild fix to some doxygen docs for avahi-common/address.h
+ * Fix passing in custom priviledged group (previously ignored setting)
+   (Closes: #85) 
+
+This release is backwards compatible with Avahi 0.6.x with x < 16.
+
+Avahi 0.6.15
+============
+
+This is a bugfix release, this bug is potentially security sensitive
+
+ * Check that netlink messages actually originate from the kernel
+   and not another process.
+ * Fix build on NetBSD (thanks to Daniel S. Haischt)
+ * Fix dbus_service_browser not setting AVAHI_LOOKUP_RESULT_OUR_OWN.
+
+This release is backwards compatible with Avahi 0.6.x with x < 15.
+
+Avahi 0.6.14
+============
+
+This release fixes some bugs and includes a new component.
+
+Changes:
+
+  * Add new daemon "avahi-autoipd" which is an implementation of
+    IPv4LL as defined in RFC3927, a technology for assigning link-local IP
+    addresses without DHCP server. The same functionality has been available on
+    Windows under the name APIPA. While it is not the first implemenatation of
+    this technology for Free operating systems it is clearly the most powerful
+    and hopefully even the most secure. (Because it chroot()s and drops
+    priviliges and suchlike) For more information, especially about packaging
+    this new tool for distributions, please make sure to read:
+    http://avahi.org/wiki/AvahiAutoipd 
+    and of course the man page included in the tarball.  For the rationale for
+    adding this program to the Avahi toolset please read this mailing list
+    thread:
+    http://lists.freedesktop.org/archives/avahi/2006-September/000863.html
+  * Fix a segfault in the code handling static host name registrations
+  * Add a few new entries to the service type database
+  * s/D-?BUS/D-Bus/g
+  * Documentation updates
+  * Fix service type database building on Solaris
+  * Make use of newer D-Bus APIs
+  * Fix random seed initialization
+  * Install SFTP static service file by default
+  * Other minor code cleanups
+
+This release is backwards compatible with Avahi 0.6.x with x < 14.
+
+Please note that this version doesn't compile on NetBSD, patches
+welcome.
+
+Please note that avahi-autoipd is available on Linux only for
+now. Patches welcome. It is recommended to pass --disable-autoipd to
+"configure" on non-Linux operating systems, otherwise the build will
+fail.
+
 Avahi 0.6.13
 ============