[ubuntu/trusty-proposed] pollen 3.6-0ubuntu1 (Accepted)

Dustin Kirkland kirkland at ubuntu.com
Fri Nov 8 16:03:15 UTC 2013 

pollen (3.6-0ubuntu1) trusty; urgency=low

  * pollinate:
    - remove sourcing of an rc config file from $HOME, per security
      review from Seth Arnold
  * pollinate.1:
    - update documentation to note that multiple servers can be specified
      on the command line
  * debian/pollinate.default:
    - use the entropy.ubuntu.com beta site for testing
    - note that we're specifying the --insecure option here, as this is
      very much a work in progress
  * debian/pollinate.upstart:
    - start pollinate when we have networking up and running, or
      when we start ssh
  * pollen.go:
    - drop the nanosecond timestamp collection on the server
    - a good server should have real entropy hardware, and a busy server
      will have network traffic entropy already captured by the kernel
    - Suggestion by Seth Arnold in a security review
  * debian/pollen.default, pollinate:
    - drop timestamp based salting, not terribly valuable
    - per security review by Seth Arnold
  * pollinate:
    - drop unused $bin variable

Date: Tue, 29 Oct 2013 16:55:31 -0500
Changed-By: Dustin Kirkland <kirkland at ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/pollen/3.6-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Oct 2013 16:55:31 -0500
Source: pollen
Binary: pollen pollinate
Architecture: source
Version: 3.6-0ubuntu1
Distribution: trusty
Urgency: low
Maintainer: Dustin Kirkland <kirkland at ubuntu.com>
Changed-By: Dustin Kirkland <kirkland at ubuntu.com>
Description: 
 pollen     - Entropy-as-a-Service web server
 pollinate  - Entropy-as-a-Service client
Changes: 
 pollen (3.6-0ubuntu1) trusty; urgency=low
 .
   * pollinate:
     - remove sourcing of an rc config file from $HOME, per security
       review from Seth Arnold
   * pollinate.1:
     - update documentation to note that multiple servers can be specified
       on the command line
   * debian/pollinate.default:
     - use the entropy.ubuntu.com beta site for testing
     - note that we're specifying the --insecure option here, as this is
       very much a work in progress
   * debian/pollinate.upstart:
     - start pollinate when we have networking up and running, or
       when we start ssh
   * pollen.go:
     - drop the nanosecond timestamp collection on the server
     - a good server should have real entropy hardware, and a busy server
       will have network traffic entropy already captured by the kernel
     - Suggestion by Seth Arnold in a security review
   * debian/pollen.default, pollinate:
     - drop timestamp based salting, not terribly valuable
     - per security review by Seth Arnold
   * pollinate:
     - drop unused $bin variable
Checksums-Sha1: 
 14abd4c1eb263b2c2961dcb9445605f5b32ac119 1807 pollen_3.6-0ubuntu1.dsc
 715a49ee1472fa5b4cb79c0f823ad55f7eeb2064 119372 pollen_3.6.orig.tar.gz
 7a02781e5389b7af53616fe248530fbd4492900d 8853 pollen_3.6-0ubuntu1.debian.tar.gz
Checksums-Sha256: 
 59c441e719eaec518a21f11a22d832d9e020c9c6aacb2268d1478da76d52526a 1807 pollen_3.6-0ubuntu1.dsc
 fbc54c326fd3e7cf5dc5eeb135fdc9b4f493df3babcc2864b043b1f011424409 119372 pollen_3.6.orig.tar.gz
 abcd448329916d00d2fcffab5dc62526a06fcf5776c825215dbd080b6b033e41 8853 pollen_3.6-0ubuntu1.debian.tar.gz
Files: 
 e047c7aa8cabc1ca685143a2b83f68a6 1807 admin optional pollen_3.6-0ubuntu1.dsc
 8447a992283fdce7a61f995d7a5ffcac 119372 admin optional pollen_3.6.orig.tar.gz
 38c920aa24f2de6780c582ab91df54da 8853 admin optional pollen_3.6-0ubuntu1.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCgAGBQJSfQpZAAoJEJXmQ3PxUpRp79UP/1RrZIMc3Qt4adTYQowWoeOC
9JrjoFOBYs1LRWRMmFjHKCE3Z6basvN6Eemyc4BEQil3JyDSYnepH0UMRdO+tmq4
KE4iPujSrIspucvdMRiEjZ3/kya9s2hQPrQXopiRRmiaoS6ddYDehLMmoG4Kyn+6
BnEToiYV2RsGwpZOZbZuTeD/k+q4fSFs1DPlqWxoyDtdXZ5O7VuewD7XxJAWbeIt
AQMMYWT7Qm9L77u8XVx4UVziwV/Z/naDbph5amtjtxTGzgt4BQ+Xq2TBcQWTM5xW
Khx8ZkDJtT9nbiLASvE56CtVg9j6l3n/hYyUMkRPSv1AJZAop187XBlUWwnV7Flv
6/DA5deMUKsRy78VYUqRLxCN6EERG6MqZXFC3lMOxjrTATfCSDwP1JlbdI2mmCzX
TMbrvdBTS6G7nbpkltaTkHaja+T9fbAolUMZKy0KLrU+PBgGdbM/BXINUzI0khoS
aKX8rn6s9MTkCgF8Fum8vtl8GQoW1TGhsbGzOB7fGprBdRYL6x5OXXdTud6m/jRs
fRCbohRBcOv5CBw2HBJISCrLt7WDbUnAvoCztE2uAQyLDKPNh273Sk2QASuDt5PY
U3MRSVTscA2A/xRz7aI520k0UfF967rgFh5po3vE2FhC3a15Cz2+TJqbqqIsBxlE
a8L+ZEBd2Fqu5mXjRGxx
=Ukdo
-----END PGP SIGNATURE-----

More information about the Trusty-changes mailing list