I am pleased to announce the latest Y stream release of Corosync 2 (2.3.0) available immediately from our website at http://www.corosync.org/download. This releases fixes possible Dos (Denial of service) vulnerability of corosync 2.0.z, 2.1.z and 2.2.z when using encryption. Change makes Corosync wire incompatible with previous 2.Y releases, so please make sure to update ALL cluster nodes. Because it's impossible to fix vulnerability in wire compatible way, 2.0.z, 2.1.z and 2.2.z are now officially unsupported. Please consider update. Short changelog for 2.3.0: Fabio M. Di Nitto (4): totemcrypto: fix hmac key initialization crypto: drop < 2.3 protocols and onwire compat totemconfig: enforce hmac config when crypto is enabled crypto config: update man pages and examples Kazunori INOUE (1): log: move Corosync started log messages Thanks/congratulations to all people that contributed to achieve this great milestone. _______________________________________________ discuss mailing list discuss@xxxxxxxxxxxx http://lists.corosync.org/mailman/listinfo/discuss
