From rra at isc.org  Fri Jan 29 06:21:51 2021
From: rra at isc.org (Russ Allbery)
Date: Thu, 28 Jan 2021 22:21:51 -0800
Subject: [ANNOUNCE] INN 2.6.4 available
Message-ID: <87tur0l0u8.fsf@hope.eyrie.org>


Internet Systems Consortium is pleased to announce that a new bug-fix
release of INN is available at:

   ftp://ftp.isc.org/isc/inn/inn-2.6.4.tar.gz

The MD5 checksum of this release is:

   720aafc4c1b6c22f37356685d7e4747c

A PGP signature, signatures of SHA-1, SHA-256, and SHA-512 checksums, and
a patch from 2.6.3 to 2.6.4 are available in the same directory.

This is a bug-fix and minor feature release over 2.6.3.  Upgrading an
existing INN 2.6.3 installation is as simple as building INN 2.6.4,
running make update, and restarting innd and related programs.

Many thanks to Julien ?LIE for preparing this release.

Changes in 2.6.4

  * Added support for systemd notifications and socket activation. Use of
    more features provided by systemd, including more notifications, will
    come in future releases. Thanks to Marco d'Itri for this first systemd
    integration into INN.

  * nnrpd now adapts the length of the DH parameter used during a DHE key
    exchange so as to comply with the security level OpenSSL 1.1.0 or
    later expects. Thanks to Michael Baeuerle for the bug report.

  * cnfsstat now also returns information about retired CNFS buffers:
    buffers mentioned in cycbuff.conf as a cycbuff but not declared in a
    metacycbuff.

  * Switch default innreport behaviour to the common practice of
    externalizing CSS into a separate file. Its name can be configured
    with the html_css_url parameter in innreport.conf. If this parameter
    is unset, the default innreport.css file name will be used and
    innreport will generate this CSS file for you. Previously generated
    reports are kept untouched, though, and will still contain inline CSS
    if you had not already set the html_css_url parameter in previous INN
    versions.  Thanks to Richard Kettlewell for the patch.

  * sm can now read and store any number of articles given in wire format
    on its standard input when both -s and -R are used. Only native format
    was previously possible. Thanks to Bo Lindbergh for the patch.

  * Added new -a flag to rnews to disallow, if needed, the use of
    additional unpackers from the rnews.libexec sub-directory of pathbin
    (as set in inn.conf); only "rnews" and "cunbatch" will then be
    recognized as valid batch commands.

  * Added new -b flag to rnews to save rejected articles in the bad
    subdirectory of pathincoming (as set in inn.conf). Otherwise, rnews
    just logs and discards any articles that are rejected or cannot be
    parsed for some reason.

  * Added new -d flag to rnews to log via syslog the message-ID and the
    Path header value of each article rejected as a duplicate.

  * Added new --enable-hardening-flags configure-time option, enabled by
    default, to use hardening build flags like "-fPIE" and
    "-fstack-protector-strong". This option can easily be disabled if the
    compiler or the platform does not support them well. More hardening
    build flags will eventually be added in future releases.

INN is discussed on <inn-workers at lists.isc.org>.  Please send any bug
reports or patches to that list.