search for: msg00128

...online here: +L<https://github.com/libguestfs/libnbd/blob/master/SECURITY> + +=head2 CVE-2019-14842 +protocol downgrade attack when using LIBNBD_TLS_REQUIRE + +See the full announcement and links to mitigation, tests and fixes +here: +https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html + +=head1 SEE ALSO + +L<libnbd(1)>. + +=head1 AUTHORS + +Eric Blake + +Richard W.M. Jones + +=head1 COPYRIGHT + +Copyright (C) 2019 Red Hat Inc. diff --git a/docs/libnbd.pod b/docs/libnbd.pod index 7bd59f5..e4810f6 100644 --- a/docs/libnbd.pod +++ b/docs/libnbd.pod @@ -830,6 +830,7 @@ L&...

...S (as opposed to my personal CVS) if Josh doesn't mind some additional tagging and branching, and the debian/ directory would be omitted from the official releases. There is yet another iteration of this argument happening on debian-devel as we speak: http://lists.debian.org/debian-devel-0106/msg00128.html -- - mdz

...online here: +L<https://github.com/libguestfs/libnbd/blob/master/SECURITY> + +=head2 CVE-2019-14842 +protocol downgrade attack when using LIBNBD_TLS_REQUIRE + +See the full announcement and links to mitigation, tests and fixes +here: +https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html + +=head1 SEE ALSO + +L<libnbd(1)>. + +=head1 AUTHORS + +Eric Blake + +Richard W.M. Jones + +=head1 COPYRIGHT + +Copyright (C) 2019 Red Hat Inc. diff --git a/docs/libnbd.pod b/docs/libnbd.pod index 7bd59f5..e4810f6 100644 --- a/docs/libnbd.pod +++ b/docs/libnbd.pod @@ -830,6 +830,7 @@ L&...

On Fri, Jun 15, 2001 at 11:33:15AM -0700, Josh Coalson wrote: > > it's hard enough for the average user to find out how to compile > > source > > packages and checkout from CVS. The Ogg sources also includes a > > debian/ > > dir and it was much easier to build deb packages from this. Sorry, I'm just coming in in the middle of this, but I second any

...e branch. Upgrading is highly advisable. CVE-2019-14842 protocol downgrade attack when using "LIBNBD_TLS_REQUIRE" See the full announcement and links to mitigation, tests and fixes here: https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html remote code execution vulnerability See the full announcement here: https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html New APIs nbd_can_fast_zero(3) Test support by the server for fast zeroing (Eric Blake). nbd_connect_soc...

Rebased filters patch. Requires current git master + the locks / thread model fix (https://www.redhat.com/archives/libguestfs/2018-January/msg00128.html) So a few changes here since last time: The "introduce filters" and "implement filters" patches are squashed together. I introduced a concept of .prepare and .finalize. These run before and after the data serving phase respectively. They're not a lot of use for plu...