mirror of
https://github.com/zeek/zeek.git
synced 2025-10-07 09:08:20 +00:00
Updating CHANGES and VERSION.
This commit is contained in:
Tim Wojtulewicz
parent
c82b42c8dd
commit
17a7cfe005
2 changed files with 42 additions and 1 deletions
41
CHANGES
41
CHANGES
|
|
@ -1,3 +1,44 @@
|
||||||
|
6.0.0-rc2 | 2023-06-12 15:45:49 -0700
|
||||||
|
|
||||||
|
* test-all-policy: Do not load nodes-experimental/manager.zeek (Arne Welzel, Corelight)
|
||||||
|
|
||||||
|
Turns out loading this script in non-cluster mode uses Cluster::log()
|
||||||
|
and creates cluster.log in the external baselines saying "cluster
|
||||||
|
started". Do not load it into test-all-policy.zeek and instead rely
|
||||||
|
on the new test-all-policy-cluster.test to load it transitively
|
||||||
|
when running as manager for basic checking.
|
||||||
|
|
||||||
|
* cluster/main: Remove extra @if ( Cluster::is_enabled() ) (Arne Welzel, Corelight)
|
||||||
|
|
||||||
|
These have been discussed in the context of "@if &analyze" [1] and
|
||||||
|
am much in favor for not disabling/removing ~100 lines (more than
|
||||||
|
fits on a single terminal) out from the middle of a file. There's no
|
||||||
|
performance impact for having these handlers enabled unconditionally.
|
||||||
|
Also, any future work on "@if &analyze" will look at them again which
|
||||||
|
we could also skip.
|
||||||
|
|
||||||
|
This also reverts back to the behavior where the Cluster::LOG stream
|
||||||
|
is created even in non cluster setups like in previous Zeek versions.
|
||||||
|
As long as no one writes to it there's essentially no difference. If
|
||||||
|
someone does write to Cluster::LOG, I'd argue not black holing these
|
||||||
|
messages is better. Schema generators using Log::active_streams will
|
||||||
|
continue to discover Cluster::LOG even if they run in non-cluster
|
||||||
|
mode.
|
||||||
|
|
||||||
|
https://github.com/zeek/zeek/pull/3062#discussion_r1200498905
|
||||||
|
|
||||||
|
* socks/dpd: Add newer auth methods (Arne Welzel, Corelight)
|
||||||
|
|
||||||
|
The IANA has allocated a few more authentication methods, minimally
|
||||||
|
extend the signature to catch those.
|
||||||
|
|
||||||
|
* socks/dpd: Fix socks5_server side signature (Arne Welzel, Corelight)
|
||||||
|
|
||||||
|
The server replies with \x05 and identifier for the chosen method.
|
||||||
|
Not quite sure what the previous signature meant capture.
|
||||||
|
|
||||||
|
See also: https://datatracker.ietf.org/doc/html/rfc1928#section-3
|
||||||
|
|
||||||
6.0.0-rc1.3 | 2023-06-12 11:00:53 -0700
|
6.0.0-rc1.3 | 2023-06-12 11:00:53 -0700
|
||||||
|
|
||||||
* socks/dpd: Add newer auth methods (Arne Welzel, Corelight)
|
* socks/dpd: Add newer auth methods (Arne Welzel, Corelight)
|
||||||
|
|
|
||||||
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
||||||
6.0.0-rc1.3
|
6.0.0-rc2
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue