[collectd] Version 5.5.2 available.
Florian Forster
octo at collectd.org
Tue Jul 26 08:43:19 CEST 2016
Hello everybody,
we're proud to announce the availability of collectd 5.5.2. As a bugfix
release, this new version only closes existing problems and does not
introduce new features.
This release fixes an issue in the Network plugin that can be triggered
remotely and is potentially exploitable (CVE-2016-6254). We urge all
users of the Network plugin to upgrade ASAP. An update to the 5.4 branch
is coming up.
Download
--------
The new version is available in source-code form from collectd's
download page. The direct download links are:
* http://collectd.org/files/collectd-5.5.2.tar.bz2
SHA-256: 017f3a4062187e594d8ab6af685655fb82a8a942dc574668e68242bdb8ba820f
* http://collectd.org/files/collectd-5.5.2.tar.gz
SHA-256: 8013ae74df2b90ec8a8e7ac5da7638e165199021eca5f423ff8ee19feac649ba
Thanks
------
Thanks to everybody who contributed to this version. In particular:
* Andrés J. Díaz
* Brandon Arp
* @ciomaire
* Corey Kosak
* Emilien Gaspar
* Eric Sandeen
* Jim Quinn
* Marc Falzon
* Pavel Rochnyack
* Thomas Guthmann
* Tolga Ceylan
* @yujokang
Special thanks to Ruben Kerkhof and Marc Fournier who did most of the
work for this release!
ChangeLog
---------
2016-07-25, Version 5.5.2
* collectd: A division by zero has been fixed in the
"plugin_dispatch_multivalue()" function. Thanks to Corey Kosak.
* collectd: The address of the Free Software Foundation has been fixed
in GPL license headers. Thanks to Ruben Kerkhof.
* Build system: Detection and handling of librrd 1.6 and later has been
fixed. Thanks to Ruben Kerkhof.
* Apache plugin: A warning about a possible misconfiguration has been
added. Thanks to Marc Fournier.
* cURL, cURL-JSON and cURL-XML plugins: A memory leak when allocating
more memory fails has been fixed. Thanks to Brandon Arp.
* DF plugin: A build issue on DragonFlyBSD has been fixed. Thanks to
Ruben Kerkhof. #1575
* Ethstat plugin: Code to strip leading whitespace from device names.
This works around an issue in the VMXNet3 driver. Thanks to Thomas
Guthmann. #1059
* Exec plugin: A problem in the error handling of an fdopen() failure
has been fixed. Thanks to @ciomaire.
* Modbus plugin: The debug output has been disabled by default. It is
now only enabled when building with "--enable-debug". Thanks to Eric
Sandeen and Marc Fournier.
* Network plugin: A check for the initialization of secure memory has
been added. Previously, failure to initialize this memory was
ignored. Thanks to @yujokang. #1665
* Network plugin: A heap overflow has been fixed in the server code.
This issue can be triggered remotely and is potentially exploitable.
Thanks to Emilien Gaspar. CVE-2016-6254
* Perl plugin: Init callbacks have been changed to run essentially
single-threaded to avoid race conditions by init functions which
create additional threads. Thanks to Pavel Rochnyack. #1706
* Processes plugin: A compilation error on systems without "regex.h" has
been fixed. Thanks to Corey Kosak.
* Processes plugin: A memory leak on Solaris has been fixed. Thanks to
Jim Quinn.
* Processes plugin: A warning about too long process names has been
added. Thanks to Marc Fournier. #1284
* Redis plugin: A memory leak in an error handling code path has been
fixed. Thanks to Andrés J. Díaz.
* Redis plugin: The data source type of the expired_keys metric has been
corrected to "DERIVE". Thanks to Marc Falzon and Marc Fournier. #1483.
* SMART plugin: A build dependency on libudev has been added. Thanks to
Pavel Rochnyack. #1724
* StatsD plugin: A deadlock on plugin shutdown has been fixed. Thanks to
Pavel Rochnyack #1703
* Write HTTP plugin: Freeing of memory holding HTTP headers during
shutdown has been fixed. Thanks to Tolga Ceylan.
* Write Sensu plugin: A segfault when the Tag was unset has been fixed.
Thanks to Marc Fournier.
* ZFS ARC plugin: The cache_operation-stolen metric has been removed for
FreeBSD 10.2 and later. Thanks to Ruben Kerkhof. #1580
Best regards,
—octo
--
collectd – The system statistics collection daemon
Website: http://collectd.org
Google+: http://collectd.org/+
GitHub: https://github.com/collectd
Twitter: http://twitter.com/collectd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.verplant.org/pipermail/collectd/attachments/20160726/a3b22ecf/attachment.sig>
More information about the collectd
mailing list