Overview
Request 1174204 accepted
- update to 3.17.1 (bsc#1224262, CVE-2024-26306):
* BREAKING CHANGE: iperf3's authentication features, when used
with OpenSSL prior to 3.2.0, contain a vulnerability to a
side-channel timing attack. To address this flaw, a change
has been made to the padding applied to encrypted strings.
This change is not backwards compatible with older versions of
iperf3 (before 3.17). To restore
the older (vulnerable) behavior, and hence
backwards-compatibility, use the --use-pkcs1-padding flag. The
iperf3 team thanks Hubert Kario from RedHat for reporting this
issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695)
* iperf3 no longer changes its current working directory in --daemon
mode. This results in more predictable behavior with relative
paths, in particular finding key and credential files for
authentication. (PR#1672)
* A new --json-stream option has been added to enable a streaming
output format, consisting of a series of JSON objects (for the
start of the test, each measurement interval, and the end of the
test) separated by newlines (#444, #923, #1098).
* UDP tests now work correctly between different endian hosts
* The --fq-rate parameter now works for --reverse tests
* The statistics reporting interval is now available in the --json
start test object (#1663).
* A negative time test duration is now properly flagged as an error
(IS#1662 / PR#1666).
- Created by dirkmueller
- In state accepted
Request History
dirkmueller created request
- update to 3.17.1 (bsc#1224262, CVE-2024-26306):
* BREAKING CHANGE: iperf3's authentication features, when used
with OpenSSL prior to 3.2.0, contain a vulnerability to a
side-channel timing attack. To address this flaw, a change
has been made to the padding applied to encrypted strings.
This change is not backwards compatible with older versions of
iperf3 (before 3.17). To restore
the older (vulnerable) behavior, and hence
backwards-compatibility, use the --use-pkcs1-padding flag. The
iperf3 team thanks Hubert Kario from RedHat for reporting this
issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695)
* iperf3 no longer changes its current working directory in --daemon
mode. This results in more predictable behavior with relative
paths, in particular finding key and credential files for
authentication. (PR#1672)
* A new --json-stream option has been added to enable a streaming
output format, consisting of a series of JSON objects (for the
start of the test, each measurement interval, and the end of the
test) separated by newlines (#444, #923, #1098).
* UDP tests now work correctly between different endian hosts
* The --fq-rate parameter now works for --reverse tests
* The statistics reporting interval is now available in the --json
start test object (#1663).
* A negative time test duration is now properly flagged as an error
(IS#1662 / PR#1666).
anag+factory added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:67"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:adi:67"
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar accepted review
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:adi:67 got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:adi:67 got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:adi:67 got accepted.