Fedora 21 Update: bip-0.8.9-6.fc21

Thu Feb 26 05:56:06 UTC 2015

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-1020
2015-01-21 22:09:23
--------------------------------------------------------------------------------

Name        : bip
Product     : Fedora 21
Version     : 0.8.9
Release     : 6.fc21
URL         : http://bip.t1r.net
Summary     : IRC Bouncer
Description :
Bip is an IRC proxy, which means it keeps connected to your preferred IRC
servers, can store the logs for you, and even send them back to your IRC
client(s) upon connection.
You may want to use bip to keep your logfiles (in a unique format and on a
unique computer) whatever your client is, when you connect from multiple
workstations, or when you simply want to have a playback of what was said
while you were away.

--------------------------------------------------------------------------------
Update Information:

This update makes it easier to use TLS/SSL connections to IRC networks with Bip.

Just like any other TLS/SSL-capable client, in order to use its 'ca' mode of TLS/SSL server certificate validation where certificates are validated to ensure they are issued by a CA 'trusted' by the system, a set of trusted CA certificates must be available to Bip.

Fedora / EL provide a system store of trusted certificates for applications to use, but prior to this update, Bip did not know where to find it, and was not capable of using the store in the form we provide (a bundle file, as opposed to a directory containing individual certificate files). This update both makes Bip capable of using a trust store in the form of a bundle file, and allows it to find the system trust store with no special configuration required.

The result is that you can enable the 'ca' validation mode (with the 'ssl_check_mode = "ca";' configuration file directive) and enable SSL/TLS for networks which support connections and use certificates issued by recognized public CAs (or any other CA you add to the system trust store with the 'update-ca-trust' system; see 'man update-ca-trust' for more details on this). Not all networks support SSL/TLS connections, or use certificates signed by recognized public CAs if they do; check with each individual network for details on their configuration. As an example, SSL/TLS connection to the Freenode network is possible with the server address 'chat.freenode.net' on port 7000 (this will always direct you to an SSL/TLS-capable server using an appropriate certificate).

This affects only communication between Bip and the remote IRC networks. Use of SSL/TLS between your clients and your Bip server is not changed by this update.

The changes in this update are backports from upstream Bip.
Use network-online.target (#862610)
First build of bip for epel7
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 10 2014 Adam Williamson <awilliam at redhat.com> - 0.8.9-6
- backport a couple of patches that make CA mode TLS validation work OOTB
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #862610 - Bip systemd should require iptables start first
        https://bugzilla.redhat.com/show_bug.cgi?id=862610
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update bip' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------