Releases: cdpxe/WendzelNNTPd
v2.1.3
2.1.3-stable "Friedrichroda" : 17-Apr-2021:
As usual, every new release gets named after a nice travel location.
This time it is Friedrichroda, Germany.
FIXES:
- Do not exit on SIG_PIPE (broken pipe) *** security fix (DoS) ***.
This would be exploitable easily by "echo | telnet hostname port"!
This fix requires support for the send() flag MSG_NOSIGNAL. Seems
to be present in *BSD and Linux (at least). - Modified regex checks during POST command:
- Prevent postings to Newsgroups: ,,,
- Prevent sender '@'
- Prevent \r\n\t in subjects
- Unified structure of regex tests with macros
- Minor fix in documentation for ACL management.
ADDED FEATURES:
- Created the manpages
wendzelnntpd(8)andwendzelnntpadm(8). - The make target "install" now installs manpages, too.
MISC:
- Listen on ::1 per default, too (in addition to 127.0.0.1).
- Slackware build script does not require
make installanymore,
which makes the whole process much cleaner. Also, this is quicker. - Added additional meta-data for https://slackbuilds.org compatibility (beta).
- Applied several adjustments and improvements from SBo's repository.
- Improved some comments in the code.
v2.1.2
2.1.2-current "Sydney/Waverton" : 29-Mar-2021
ADDED_FEATURES:
- Slackware package for amd64 was added (beta!)
- Added support for parameters -h and -v now to check for the version.
- init (rc.d) script is now patched to desired DESTDIR in configure.
FIXES: - Incorrect path for database files from create_code_pkg.sh was used
in the last tarball (support for this script now dropped; see MISC).
MISC: - Improved wording/fixed some typos.
- Dropped create_code_pkg.sh because of path inconsistency; we now
use github for this job.
v2.1.1
This is just a tiny improvement of the documentation of v.2.1.0. No actual changes were made in the code. This release is named Crows Nest, after one of my favorite parts of Sydney during the years when I was a regular visitor of NSW.
2.1.1-stable "Sydney/Crows Nest" : 05-Jan-2021
MISC:
- Updated documentation to better reflect the new 2.1 sub-version.
- Tiny adjustments of provided text files.
- Removed "OSE (Open Source Edition)" string as there is (nor ever
was!) a non-free edition of this software.
v2.1.0
2.1.0-alpha "Sydney (Post-NYE Release 2021)" : 04-Jan-2021
FIXES:
- Improved error handling in database.c:
- Removed a memory leak and unclosed file handles in case of errors
- Improved error handling in db_sqlite3.c:
- Explicitly use zero body length if length of body is zero
(should not be possible but this makes the code safer).
- Explicitly use zero body length if length of body is zero
ADDED_FEATURES:
- Finally, passwords are saved using a hash function (SHA2, 256 bits).
The hashed string is a concatenation of a configurable system-wide
salt, the username and the password. This is not a perfect solution
since it would be better to have unique salts per user (currently
the "unique salt" is just the username), but it is at least a start.
MISC:
- Improved documentation, thanks to @deavmi
- Default max size for postings is now 20 MBytes in config file.
- Tiny improvements of coding style
WendzelNNTPd-2.0.9 (Christmas Release 2017)
Please note that this is a minor clean-up release. No upgrades are necessary.
2.0.9-stable "Bergen, Christmas Releae 2017" : 18-Dec-2017
FIXES:
- 'configure' script did not check whether the `install' tool is
present. The tool's presence is now also checked.
MISC:
- Old RFC 850 mentions YY (two-digit) yearly format. However, INNd
uses YYYY (four-digit) yearly format. WendzelNNTPd now does the
same.
- Tiny code cleanup (removed two doubled prototype definitions).
- Ran WendzelNNTPd with lib efence, just to see whether memory leaks
would be detected. Executed (hopefully) all possible NNTP commands.
No memory leaks were revealed. However, tested only Sqlite3 setup,
not MySQL.
WendzelNNTPd-2.0.8
This new minor release is basically just an improvement for those who are new to WendzelNNTPd. The documentation was improved and the code now compiles a bit easier under FreeBSD. No bugs were discovered or fixed and an update from v.2.0.7 is not necessary.
2.0.8-stable "Oslo" : 31-Jan-2017
ADDED_FEATURES:
- *BSD support: Add comment how to install WendzelNNTPd under FreeBSD
and other BSD derivates in documentation and also adjust the Makefile
accordingly since group "root" is called "wheel" there. Now use 0:0
instead of root:root in install/upgrade targets of the Makefile.
MISC:
- Slight improvement of the documentation (how to start/stop/restart
the service and how to install the startup script) and in the expla-
nation of the default config file (wendzelnntpd.conf).
- Slight improvement of help output and comments in configure script
and Makefile.
- Tiny code e-mail address clean-up
WendzelNNTPd v2.0.7
This new release fixes a problem with the XHDR command that led to problems with some Usenet clients (e.g. claws-mail). Additional tiny improvements were made to improve the error reporting.
No security fixes were applied but it is recommended to upgrade from all v2.0.x releases to v2.0.7 in order to prevent NNTP protocol problems with clients using XHDR.
As usual: Enjoy the new release!
WendzelNNTPd v2.0.6
This is the release of WendzelNNTPd-2.0.6. This release integrates a new feature to configure the max. allowed size of postings plus several tiny cleanups and improvements (especially in the documentation).
This release contains no security updates or bug fixes. If you run v2.0.5, no update will be required.
As usual: Have a lot of fun with this server!
WendzelNNTPd v2.0.5
This is the release of WendzelNNTPd-2.0.5, which was shifted from SourceForge (after many years!) to GitHub now. Have a lot of fun with this server!