Pcp

- Fixes for security advisory CVE-2012-3418
o Add field validation to PCP instance PDU (Red Hat 841240)
o Fix __pmDecodeInstanceReq heap buffer overflow (Red Hat 841284)
o Fix __pmDecodeText heap overflow (Red Hat 841249)
o Multiple issues in result PDU decoding (Red Hat 841159)
o Fix __pmDecodeNameReq buffer overflow (Red Hat 841180)
o Add length checks to __pmDecodeLogControl (Red Hat 841290)
o Add size check to __pmDecodeIDList (Red Hat 841112)
o Fix __pmDecodeNameList buffer overflow (Red Hat 840920)
o Add missing __pmDecodeFetch namelen checks (Red Hat 841183)
o Add length checks to __pmDecodeProfile (Red Hat 841126)
o Add length checks to __pmDecodeCreds (Red Hat 840822)
- Workaround for security advisory CVE-2012-3419
o Split the Linux kernel and proc PMDAs to prevent information
leakage in default installs - esp. /proc/pid/maps exposure,
but other proc metrics as well - and no longer export process
metrics by default (Red Hat 841702)
- Fixes for security advisory CVE-2012-3420
o Memory leak in pmcd DoFetch error path (Red Hat 841298)
o Memory leak in __pmGetPDU in-band signalling (Red Hat 841319)
- Fixes for security advisory CVE-2012-3421
o Resolve event-driven programming flaw in pmcd (Red Hat 841706)
- Correct buffer unpinning logic in a PMNS traversal error path
o Red Hat bugzilla bug 847314.
- All of the above issues were identified by Florian Weimer of the
Red Hat Security Team, who also assisted extensively in fixing
and testing; a huge thank you to Florian from all PCP developers
and users!
- Add modern gcc/glibc security protection mechanisms where
available. Thanks to the Frank Eigler.
- Harden all boundary checking in the remaining PDU decoders.
- Resolve an issue with configure script checking for the init(1)
process on Fedora 17 (and other systems using systemd). Thanks
to Lukas Berk.
- pmdaelasticsearch only reports on nodes in the cluster now,
and not other client nodes. Thanks to Nigel Donaldson.
- Added interfaces to PCP::PMDA Perl module to allow PMDAs to
use a hash instance domain (instead of int/string array).
These make use of the pmdaCacheOp(3) interfaces - the hash
keys are the (external) PCP instance names, and the value
associated with each key is an opaque reference.
- Added an interface to allow PMDAs to register event queues
with existing clients (pmdaEventNewActiveQueue).
- Initial version of the (experimental) bash tracing PMDA.

- Fix build on s390x platform (thanks to Dan Horak)
- Rethink order of PATH setting for pcp start scripts, to ensure
binaries from other packages with names that conflict with pcp
binaries are not found ahead of the same-named pcp binary.

- Revert initial attempt at getting configure --prefix option to
make sense for local developer PCP installations
- Fix RPM changelog typo in in-tree spec file
- Further work on Debian/kFreeBSD port (thanks to Robert Millan)

- Fix Debian builds on FreeBSD (missing header files)
- Resolve Debian startup script (compat) lintian issue
- Resolve FreeBSD kernel PMDA build issue with PCP not installed
in the build root already.

- Resolve final Mac OS X pthreads build issues
- Debian packaging improvements for split pmlogger/pmcd scripts,
perl module pieces, and other lintian reported issues
- Update the startup script dependencies for /var use
- Support --prefix=... and --exec-prefix=... configure options
- Relaxed the "are you running as root?" test in startup scripts
- Win32 build updates and improvements
- Cache /proc/stat file handle in Linux kernel agent to reduce
syscalls on the most commonly fetched metric subtree

- Thread-safe libpcp, including additional re-entrant and thread-safe
variants for some routines
- Retire all asynchronous routines from libpcp
- Retire all V1 protocols and services (archive format, PMAPI and
PMDA_INTERFACE)
- PMNS moves to ASCII only (no binary PMNS)
- Rework "init" scripts, splitting pcp into pmcd and pmlogger
- Update elasticsearch PMDA to 0.19+, new transport and shard metrics
- Updates to PMDA new event queueing interfaces for agents wishing to
export that class of performance data.
- First round of Coverity cleanup fixes incorporated.
- Initial version of the SNMP PMDA, thanks to Hamish Coleman.
- Updates to postgres PMDA to export additional recovery metrics.