Version 1.6.1 of Mandos is released

Teddy Hogeborn teddy at recompile.se
Sun Oct 13 20:50:17 CEST 2013 

Version 1.6.1 of Mandos is released.  This is mostly an interim release
as we wanted to provide you with many minor fixes without further delay.

IMPORTANT NOTE: The Mandos Maintainer key (E2653B0666CD1C47) expires
three days from now.  It has been superseded by a new key:

pub   4096R/CA34C2C4 2013-10-05 Mandos Maintainer Team <mandos at recompile.se>
 Primary key fingerprint: 153A 37F1 0BBA 0435 987F  2C4A 7223 2973 CA34 C2C4

It has been uploaded to all the usual key servers, signed by my personal
key and by the old Mandos Maintainer key.

NEWS file excerpt:

Version 1.6.1 (2013-10-13)
* Server
** All client options for time intervals now also take an RFC 3339
   duration.  The same for all options to mandos-ctl.
** Bug fix: Handle fast checkers (like ":") correctly.
** Bug fix: Don't print output from checkers when running in
   foreground.
** Bug fix: Do not fail when client is removed from clients.conf but
   saved settings remain.
** Bug fix: mandos-monitor now displays standout (reverse video) again
   using new version of Urwid.
** Bug fix: Make boolean options work from the config file again.
** Bug fix: Make --no-ipv6 work again.
** New default priority string to be slightly more compatible with
   older versions of GnuTLS.
* Client
** Bug fix: Fix bashism in mandos-keygen.
** Default key and subkey types are now RSA and RSA, respectively.
   Also, new default key size is 4096 bits.

Note: even though the only documented format for time intervals is RFC
3339 duration format, the old format continues to work (for now).  This
is, however, *deprecated*, and will probably be removed in the next
major release.

The change to RSA key and subkey type should also hopefully ameliorate
connection problems with GnuTLS.  If you're having trouble and can't
upgrade GnuTLS on both server and client, try generating new keys.

Debian package changes:

* debian/control (mandos/Depends): No longer depends on
                                   python-gnupginterface, but does
                                   depend on gnupg (<< 2).
  (Build-Depends): Depend on debhelper 8.9.7 for using "override-*-arch"
                   and "override-*-indep" targets in debian/rules.
* debian/mandos-client.README: Update Linux documentation link.
* debian/rules: Completely rewritten to use debhelper v7.
* initramfs-tools-hook: Bug fix: Make sure the right version of GnuPG is
  copied into the initramfs image.  Always assume that GPGME is used to
  avoid searching for it since the path might not be /usr/lib.  Thanks
  to Félix Sipma <felix+debian at gueux.org> for the initial bug report,
  and also thanks to Dick Middleton <dick at lingbrae.com> for some more
  debugging. (Closes:  #721903)
* Fix "bashism in /bin/sh script" fixed by upstream. (Closes: #690639)

The Debian package for unstable can be found on mentors.debian.net:
- dget http://mentors.debian.net/debian/pool/main/m/mandos/mandos_1.6.1-1.dsc

Also note that our Debian repository is now updated with packages for
wheezy-backports:

# Mandos - <http://www.recompile.se/mandos>
deb http://ftp.recompile.se/pub/mandos/debian wheezy-backports main
deb-src http://ftp.recompile.se/pub/mandos/debian wheezy-backports main

/Teddy Hogeborn & Björn Påhlsson

-- 
The Mandos Project
http://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20131013/280a3825/attachment.sig>

More information about the Mandos-Dev mailing list