Fixes the following security issue:
- CVE-2017-7401: Incorrect interaction of the parse_packet() and
parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) of a collectd instance (configured with "SecurityLevel None" and
with empty "AuthFile" options) via a crafted UDP packet
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Since version 5.5, daemon is licensed under MIT:
889e5e6bd5
- Plugins are licensed under MIT, GPL-2.0 or LGPL-2.1
- Add libltdl/COPYING.LIB to license files to have a copy of LGPL-2.1 as
it is not in COPYING
- Add hash for both license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes a heap overflow in the network plugin.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
