openSUSE Build Service

buildservice-autocommit accepted request 1149543 from

Michael Vetter (jubalh) 2 months ago (revision 94)

baserev update by copy to link target

Michael Vetter (jubalh) accepted request 1149503 from

Dominique Leuenberger (dimstar) 2 months ago (revision 93)

Prepare for RPM 4.20

buildservice-autocommit accepted request 1145416 from

Lars Vogdt (lrupp) 3 months ago (revision 92)

baserev update by copy to link target

Lars Vogdt (lrupp) committed 3 months ago (revision 91)

- update to 4.1.0
  ENHANCEMENTS
  + Add support for OpenSSL 3 (and EL9/Debian 11/Ubuntu 22)
  + Allow tcpd/libwrap to be excluded from build when present on the system
  + Allow loading of full certificate chains
  + Change -u (connection issues return UNKNOWN) to include all SSL-layer failures.
  + Disable renegotiation and enforce server cipher order when using SSL
  + Verify that private keys match certificates when using SSL
  FIXES
  + Fixed incorrect default for nasty_metachars in nrpe.cfg
  + Fixed incorrect help text for --use-adh
  + Fixed potential out-of-bound read when used with IPv6
- use system-user-nagios package to create the neccessary 
  user and group
- remove macros for old, unsupported SUSE versions
- refresh patches:
  + nrpe-implicit_declaration.patch
  + nrpe-static_dh_parameters.patch
  + nrpe-4.0.4-silence_wrong_package_version_messages.patch
- remove patches:
  + nrpe-disable-chkconfig_in_Makefile.patch (obsolete)
  + nrpe-improved_help.patch (fixed upstream)
  + nrpe_check_control.patch (better fix inside the spec file 
    and use existing nagios macros)
- remove obsolete nrpe-rpmlintrc

buildservice-autocommit accepted request 1126912 from

Martin Hauke (mnhauke) 5 months ago (revision 90)

baserev update by copy to link target

Martin Hauke (mnhauke) accepted request 1121731 from

Michal Svec (msvec) 5 months ago (revision 89)

- Fixed SLES 12 build

buildservice-autocommit accepted request 1072360 from

Lars Vogdt (lrupp) about 1 year ago (revision 88)

baserev update by copy to link target

Lars Vogdt (lrupp) committed about 1 year ago (revision 87)

- use getent to check if the nrpe port is already added to the 
  services description in post-script (bsc#1205157)
- remove xinetd snipplets on newer (>15.5) distributions: 
  xinetd is not supported any longer

Lars Vogdt (lrupp) committed over 2 years ago (revision 86)

- follow /bin/bash -> /usr/bin/bash in the apparmor profile

buildservice-autocommit accepted request 874407 from

Factory Maintainer (factory-maintainer) about 3 years ago (revision 85)

baserev update by copy to link target

buildservice-autocommit accepted request 871264 from

Factory Maintainer (factory-maintainer) about 3 years ago (revision 84)

baserev update by copy to link target

Ruediger Oertel (oertel) committed about 3 years ago (revision 83)

- fix apparmor profile to allow /run as well as /var/run

Lars Vogdt (lrupp) committed about 3 years ago (revision 82)

- added nrpe-4.0.4-silence_wrong_package_version_messages.patch
  NRPE logs 'packet version was invalid' and 'Could not read request
  from client' if the NRPE version on the client does not match the
  one on the server side. 
  This patch reduces the importance of the log entry to be just 
  informal, which should silent most client logs, while it makes 
  it still available for debugging.

buildservice-autocommit accepted request 867677 from

Factory Maintainer (factory-maintainer) about 3 years ago (revision 81)

baserev update by copy to link target

Lars Vogdt (lrupp) committed over 3 years ago (revision 80)

- update to 4.0.3
  ENHANCEMENTS
  * Added TLSv1.3 and TLSv1.3+ support for systems that have it (Nigel Yong, Rahul Golam)
  * Added IPv6 ip address to list of default allow_from hosts (Troy Lea)
  * Added -D option to disable logging to syslog (Tom Griep, Sebastian Wolf)
  * Added -3 option to force check_nrpe to use NRPE v3 packets
  * OpenRC: provide a default path for nrpe.cfg (Michael Orlitzky)
  * OpenRC: Use RC_SVCNAME over a hard-coded PID file (j-licht)
  FIXES
  * Fixed nasty_metachars not being read from config file (#235) (Sebastian Wolf)
  * Fixed buffer length calculations/writing past memory boundaries
    on some systems (#227, #228) (Andreas Baumann, hariwe, Sebastian Wolf)
  * Fixed use of uninitialized variable when validating requests (#229) (hariwe, Sebastian Wolf)
  * Fixed syslog flooding with CRC-checking errors when both plugin 
    and agent were updated to version 4 (Sebastian Wolf)
  * Checks for '!' now only occur inside the command buffer (Joni Eskelinen)
  * NRPE daemon is more resilient to DOS attacks (Leonid Vasiliev)
  * allowed_hosts will no longer test getaddrinfo records against the
    wrong protocol (dombenson)
  * nasty_metachars will now handle C escape sequences properly when
    specified in the config file (Sebastian Wolf)
  * Calculated packet sizes now struct padding/alignment when sending
    and receiving messages (Sebastian Wolf)
  * Buffer sizes are now checked before use in packet size calculation (Sebastian Wolf)
  * When using include_dir, individual files' errors do not prevent
    the remaining files from being read (Sebastian Wolf)
- refreshed the following patches:
  * nrpe-implicit_declaration.patch
  * nrpe-improved_help.patch
  * nrpe_check_control.patch

buildservice-autocommit accepted request 823539 from

Lars Vogdt (lrupp) over 3 years ago (revision 79)

baserev update by copy to link target

Lars Vogdt (lrupp) accepted request 823190 from

Thorsten Kukuk (kukuk) over 3 years ago (revision 78)

- Don't install SuSEfirewall2 service file, SuSEfirewall2 is gone

buildservice-autocommit accepted request 780480 from

Lars Vogdt (lrupp) about 4 years ago (revision 77)

baserev update by copy to link target

Lars Vogdt (lrupp) committed about 4 years ago (revision 76)

Lars Vogdt (lrupp) committed about 4 years ago (revision 75)

- nrpe.xml firewalld file is handled by firewalld package
- Leap 15.1 is suse_version 1500 (thanks, dimstar)

Places

Revisions of nrpe

Places