[collectd] Version 5.4.3 available.
Florian Forster
octo at collectd.org
Tue Jul 26 10:33:55 CEST 2016
Hello everybody,
we're proud to announce version 5.4.3, a patch release to the 5.4
branch.
This release fixes an issue in the Network plugin that can be triggered
remotely and is potentially exploitable (CVE-2016-6254). We urge all
users of the Network plugin to upgrade ASAP.
Download
--------
The new version is available in source-code form from collectd's
download page. The direct download links are:
* https://collectd.org/files/collectd-5.4.3.tar.bz2
SHA-256: 6b2ccd4c4ad2a3f8905fba9c259318a5252abb972ff25d11df6010fb39e743d9
* https://collectd.org/files/collectd-5.4.3.tar.gz
SHA-256: 4ffb498609a918c7d040d1c0ecf2122d9b61a53eb54c02f543d800f3959d7df7
Thanks
------
Thanks to everybody who contributed to this version. In particular:
* @biancalana
* Brandon Arp
* @brianpkelly
* @ciomaire
* Claudius Zingerli
* Corey Kosak
* Dagobert Michelsen
* Emilien Gaspar
* Eric Sandeen
* Fabien Wernli
* Gautam BT
* Herve COMMOWICK
* Jakub Jankowski
* Jan Andres
* Jim Quinn
* Landry Breuil
* Laurent
* Manuel Luis Sanmartín Rozada
* Marc Fournier
* Marek Becka
* Michael Salmon
* Nathan Ward
* Pavel Rochnyack
* Pierre Fersing
* Pierre-Yves Ritschard
* Remi Collet
* Ruben Kerkhof
* Ruud van Melick
* Sam Pointer
* Sergey
* Shahul Hameed
* Stefan Brüns
* Sven Trenkel
* Tamás Földesi
* Thomas Guthmann
* Thomas Kho
* Tim Laszlo
* Tolga Ceylan
* Wilfried Goesgens
* Yoga Ramalingam
* @yujokang
* Yves Mettier
ChangeLog
---------
2016-07-26, Version 5.4.3
* Build system: A deprecation warning has been removed. Thanks to
Florian Forster.
* Build system: An ordering issue when build the AMQP plugin was
corrected. Thanks to Shahul Hameed.
* Build system: Building the gmond plugin against recent libganglia
versions has been added. Thanks to Marc Fournier. #1129
* Build system: "collectd-tg" now builds on AIX. Thanks to Manuel Luis
Sanmartín Rozada. #542
* Build system: "version-gen.sh" portablility was improved. Thanks to
Marc Fournier and Ruben Kerkhof.
* Build system: Compiling utils_dns.c on Solaris has beed fixed. Thanks
to Yves Mettier, Dagobert Michelsen and Florian Forster. #348
* Build system: Default JDK detection got improved. Thanks to Ruben
Kerkhof and Marc Fournier.
* Build system: Detection and handling of librrd 1.6 and later has been
fixed. Thanks to Ruben Kerkhof.
* Build system: notify_email build options got corrected to make it
build on non-GNU libc systems. Thanks to Marc Fournier.
* Build system: Protobuf building and logging has been improved. Thanks
to Ruben Kerkhof.
* Build system: The "make distcheck" target was fixed to properly handle
java build artifacts. Thanks to Florian Forster.
* Build system: The configure script got fixed to work properly when
called with "CC="gcc -Wall -Werror"" . Thanks to Marc Fournier.
* Build system: The configure script will now fail if pkg-config isn't
available. Thanks to Ruben Kerkhof.
* Build system: The users plugin now builds properly on Solaris when
libstatgrab is available. Thanks to Dagobert Michelsen. #1061
* Build system: Various fixes have been done to improve library
detection on FreeBSD. Thanks to Ruben Kerkhof.
* collectd2html: Several perl errors have been corrected. Thanks to Ruud
van Melick. #1103
* collectd: A global gauge format-string is now used to avoid loss of
precision. Thanks to Florian Forster. #1039
* collectd: A race condition at plugin initialization time was fixed.
Thanks to Jan Andres. #1316
* collectd: Autoloading now properly sets plugin context, allowing
plugins to determine the interval. Thanks to Florian Forster. #1069
* collectd: Empty "Plugin" blocks are now supported by the configuration
file parser. Thanks to Manuel Luis Sanmartín Rozada. #1035
* collectd: The address of the Free Software Foundation has been fixed
in GPL license headers. Thanks to Ruben Kerkhof.
* collectd: Writing to a closed TCP socket is now properly handled.
Thanks to Tamás Földesi. #1104
* Documentation: iptables plugin: IPv6 configuration option has been
added to the collectd.conf(5) manpage. Thanks to 'Marc Fournier''.
#1496
* AMQP plugin: The plugin was fixed to build against librabbitmq 0.6.0.
Thanks to Remi Collet. #1008
* Apache plugin: A warning about a possible misconfiguration has been
added. Thanks to Marc Fournier.
* Apache plugin: The plugin was extended to parse the whole response,
required to support Apache versions greater than 2.4.17. Thanks to
Marc Fournier and Florian Forster. #1170, #1343
* APC UPS plugin: Log messages are now prefixed with the plugin name.
Thanks to Sergey. #1329
* Bind plugin: The type_instance now gets properly sanitized. Thanks to
Thomas Kho. #992
* CPU plugin: Error messages on MacOSX have been improved. Thanks to
Florian Forster. #22
* cURL plugin: A typo in an error message got corrected. Thanks to Marc
Fournier.
* cURL, cURL-JSON and cURL-XML plugins: A memory leak when allocating
more memory fails has been fixed. Thanks to Brandon Arp.
* DF plugin: An bug preventing filesystems which don't report inodes
such as btrfs has been corrected. Thanks to Marek Becka. #1096
* DF plugin: Duplicate entries are no longer reported twice. Thanks to
Stefan Brüns and Florian Forster. #1402
* DF plugin: Legacy code for skipping "rootfs" mount points has been
removed. Thanks to Marc Fournier. #1402
* DF plugin: Legacy references to the "ReportReserved" option have been
removed. Thanks to Marc Fournier.
* DF plugin: Reading the mtab now uses a reentrant function when
possible. Thanks to Ruben Kerkhof. #1163
* Ethstat plugin: Code to strip leading whitespace from device names.
This works around an issue in the VMXNet3 driver. Thanks to Thomas
Guthmann. #1059
* Exec plugin: A file descriptor leak when the plugin is configured to
run as a non-existing user was corrected. Thanks to Gautam BT and Marc
Fournier. #762
* Exec plugin: A problem in the error handling of an fdopen() failure
has been fixed. Thanks to @ciomaire.
* Interface plugin: Documentation about regular expressions in the
ignore list has been added. Thanks to Jakub Jankowski.
* IRQ plugin: The "FIQ" line is now skipped as it doesn't contain any
counter. Thanks to Ruben Kerkhof. #971
* Modbus plugin: The debug output has been disabled by default. It is
now only enabled when building with "--enable-debug". Thanks to Eric
Sandeen and Marc Fournier.
* MongoDB plugin: A memory leak has been fixed and some adaptations to
the current API of the mongo-c-driver have been made. Thanks to
Florian Forster. #956
* Network plugin: A check for the initialization of secure memory has
been added. Previously, failure to initialize this memory was ignored.
Thanks to @yujokang. #1665
* Network plugin: A heap overflow has been fixed in the server code.
This issue can be triggered remotely and is potentially exploitable.
Thanks to Emilien Gaspar. CVE-2016-6254
* Network plugin: The TimeToLive option handling was made more robust.
Thanks to Tim Laszlo. #654
* NTPd plugin: Documentation about the required "mode 7" has been added.
Thanks to Jakub Jankowski.
* NTPd plugin: Reporting of "time_offset-loop" was corrected to match
the values from ntpq/ntpdc. Thanks to Pierre Fersing and Florian
Forster. #1300
* OpenVPN plugin: The plugin was fixe to avoid signaling an error when
no clients were connected. Thanks to Florian Forster. #731
* Perl plugin: Init callbacks have been changed to run essentially
single-threaded to avoid race conditions by init functions which
create additional threads. Thanks to Pavel Rochnyack. #1706
* PF plugin and DNS plugin: These plugins have been fixed to build
properly on OpenBSD again. Thanks to Ruben Kerkhof.
* Processes plugin: A compilation error on systems without "regex.h" has
been fixed. Thanks to Corey Kosak.
* Processes plugin: A memory leak on Solaris has been fixed. Thanks to
Jim Quinn.
* Processes plugin and Swap plugin: These plugins have been corrected to
also work inside FreeBSD jails. Thanks to biancalana. #1019
* Processes plugin: A warning about too long process names has been
added. Thanks to Marc Fournier. #1284
* Processes plugin: Process counting on the FreeBSD and OpenBSD
platforms has been fixed. Thanks to Herve COMMOWICK. #1298
* Processes plugin: The plugin was fixed to work properly on Solaris.
Thanks to Jan Andres. #919
* Python plugin: A double-free bug got fixed. Thanks to Sven Trenkel.
#1285
* RRDtool plugin: A race condition leading to corrupt RRD file creation
has been fixed. Thanks to Manuel Luis Sanmartín Rozada. #1031
* SNMP plugin: The "Gauge32" signedness was corrected to match RFC1902.
Thanks to Nathan Ward. #1325
* StatsD plugin: A deadlock on plugin shutdown has been fixed. Thanks to
Pavel Rochnyack #1703
* StatsD plugin: A memory leak was corrected. Thanks to Florian Forster.
#997
* StatsD plugin: A symbol lookup error was fixed by properly linking the
plugin against libm. Thanks to Florian Forster.
* StatsD plugin: "utils_latency": Support for including values above
1000 in percentile calculation has been added. Thanks to Yoga
Ramalingam. #401
* StatsD plugin: "utils_latency": Two division by zero error conditions
have been corrected. Thanks to Wilfried Goesgens. #655
* StatsD plugin: Counters absolute counts are now also reported. Thanks
to Pierre-Yves Ritschard. #1311
* StatsD plugin: The plugin now emits NaN values when no timer event is
recorded. Thanks to Florian Forster. #1038, #1039
* StatsD plugin: The plugin was corrected to avoid crashing when
negative timer values are submitted. Thanks to Florian Forster. #1131
* Tail CSV plugin: The plugin was fixed to work properly with multiple
"Collect" options and a bug got fixed when no "TimeFrom" is specified.
Thanks to Manuel Luis Sanmartín Rozada and Florian Forster. #1032
* TCPConns plugin: A memory leak was fixed. Thanks to Florian Forster.
#1074
* TCPConns plugin: An bug causing collectd to enter an inifinite loop on
OpenBSD was fixed. Thanks to Landry Breuil. #1094
* Threshold plugin: Threshold configuration blocks can now be defined in
different files. Thanks to Michael Salmon. #551
* vmem plugin: Support for pgsteal in recent Linux kernels has been
added. Thanks to Jakub Jankowski. #1307
* vmem plugin: The DSType for nr_dirtied and nr_written was corrected to
report a derive. Thanks to Marek Becka. #1072
* Write Graphite plugin: Error handling when submitting metrics to the
server is now more robust. Thanks to Sam Pointer. #1364
* Write HTTP plugin: Freeing of memory holding HTTP headers during
shutdown has been fixed. Thanks to Tolga Ceylan.
* Write Redis plugin: Multi-Valued key was made easier to parse by
adding a "|" character as a delimiter. Thanks to brianpkelly and
Florian Forster. #1070
* Write Redis plugin: The timestamp format was corrected. Thanks to
Florian Forster.
* ZFS ARC plugin: The plugin was will not emit warning about missing
"l2_size" stats anymore. Thanks to Jan Andres. #919
* 152 patches have been applied to numerous plugins and core components,
fixing various programming errors which were reported by scan-build,
libasan, FBInfer, coverity-scan, clang and gcc-6: Thanks to Ruben
Kerkhof, Florian Forster, Marc Fournier, Corey Kosak, Laurent,
Claudius Zingerli and Fabien Wernli.
Best regards,
—octo
--
collectd – The system statistics collection daemon
Website: http://collectd.org
Google+: http://collectd.org/+
GitHub: https://github.com/collectd
Twitter: http://twitter.com/collectd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.verplant.org/pipermail/collectd/attachments/20160726/bbe7b5b3/attachment.sig>
More information about the collectd
mailing list