Security: Rhys Kidd identified a vulnerability in the handling of

[l2tpns.git] / Changes

diff --git a/Changes b/Changes
index 36a1d11..abe7854 100644 (file)
--- a/Changes
+++ b/Changes
@@ -1,5 +1,16 @@
-* Mon Apr 24 2006 Brendan O'Dea <bod@optus.net> 2.1.19
-- Only poll clifd if successfully bound.
+* Fri Dec 1 2006 Brendan O'Dea <bod@optus.net> 2.1.21
+- Security: Rhys Kidd identified a vulnerability in the handling of
+  heartbeat packets.  Drop oversize heartbeat packets.
+
+* Thu Aug 3 2006 Brendan O'Dea <bod@optus.net> 2.1.20
+- Fix sign problem with reporting of unknown VSAs.
+- Allow DNS servers to be specified either using the old or new
+  vendor-specific Ascend formats.
+
+* Fri Jun 23 2006 Brendan O'Dea <bod@optus.net> 2.1.19
+- Kludge around problem with Netgear DM602 authentication.
+- Use result code AVP to set Acct-Terminate-Cause is disconnect cause
+  AVP is not present.
 
 * Tue Apr 18 2006 Brendan O'Dea <bod@optus.net> 2.1.18
 - Don't shutdown on TerminateReq, wait for CDN.