Releases: Openwsman/openwsman
Releases · Openwsman/openwsman
Version 2.7.2 - robustness improvements
This release add two "good practice" security fixes and a number of smaller improvements
- Security
- call setgroups before setuid or setgid (kkaempf)
- harden systemd service (https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort)
- Bugfixes
- wsman-win-client-transport: initialize certificate pointer (Alexander Usyskin)
- iniparser: fix buffer size (Alexander Usyskin)
- wsman-win-client-transport: plug leak in error path (Alexander Usyskin)
- memory.c: fix memory cleanup (Alexander Usyskin)
- Improve handling of HTTP 401 Unauthorized (Vitezslav Crhonek)
- Fix serialization tests (kkaempf)
- Fix Ruby bindings warnings (kkaempf)
- Fix Ruby plugin loading test (kkaempf)
- Fix rpm packaging (kkaempf)
- Allow to run tests from 'build' directory (kkaempf)
- Add Python XML test (kkaempf)
- Enable CUNIT tests (kkaempf)
v2.7.1 - bugfix release
- Bugfixes
- msvc build fixes (Alexander Usyskin)
- cleanup passwords after use (Alexander Usyskin)
- drop RANDFILE in owsmangencert.h (kkaempf)
- fix potential NULL pointer dereference (Alexander Usyskin)
- MinGW build enablement (Bastian Germann)
Version 2.7.0 - minor API changes !
- API change
- client_opt: expiry and hearbeat_interval are float (Alexander Usyskin)
wsmc_set_sub_expiry() and wsmc_set_heartbeat_interval() change their
first parameter from int to float - bump so version of libwsman_client from 4 to 5
- new functions for C++ bindings: OpenWsmanClient::GetWithFlags()
and OpenWsmanClient::PutWithFlags to add a 'flags' parameter
(Alexander Usyskin) - add FLAG_SUPRESS_100_CONTINUE to options, fixes #131 to workaround
a curl problem. Reportedly curl 7.69.0 fixes this also in curl.
(Alexander Usyskin) - fixed several compiler warnings (Alexander Usyskin)
- fixed spelling errors (Tomas Winkler)
- client_opt: expiry and hearbeat_interval are float (Alexander Usyskin)
Version 2.6.11 - bugfix update
Version 2.6.10 had a double-free bug in the events error processing. This is fixed by 2.6.11.
Version 2.6.10 - security update
- Pthread usage fixes (Alexander Usyskin)
- Convert sprintf to snprintf and strcpy to strncpy (Tomas Winkler)
- Fix configure for Windows (Alexander Usyskin)
- Fix possible denial of service (Adam Majer, Klaus Kaempf)
CVE-2019-3833:
"Openwsman, versions up to and including 2.6.9, are vulnerable to
infinite loop in process_connection() when parsing specially crafted
HTTP requests. A remote, unauthenticated attacker can exploit this
vulnerability by sending malicious HTTP request to cause denial of
service to openwsman server." - Many potential NULL dereferences fixed (Alexander Usyskin)
Version 2.6.9 - CURL 7.62 adaption, openSSL 1.1.0 support
Main change is build enablement against CURL 7.62 and support for the openSSL 1.1.0 API
Other changes
Version 2.6.8 - security fix
This version disables directory listing in the http(s) component.
Version 2.6.7 - CMake 2.6 support
This release builds with CMake 2.6 (or later)
- Bugfixes
- fix return value check for
SSL_CTX_set_cipher_list()
- fix pam config for local install
- fix return value check for
Version 2.6.6 - OpenSSL 1.1.0 support
This release provides OpenSSL 1.1.0 compatibility
Version 2.6.5 - Python3 and Ruby 2.5
This release supports Python3 and Ruby 2.5 for the bindings component.
- Bugfixes
- Replace obsolete pam modules with standard ones ([email protected])
- Include shttpd_config.h in tarball ([email protected])
- Build with Python 3
- Build with Ruby 2.5