THIS IS AN OVERVIEW OVER THE MORE SEVERE BUGS THAT ANNOY LEAFNODE USERS

This document is by no means complete. Check NEWS and ChangeLog for the
full round-up on bugs fixed in leafnode - particularly, not all security
bugs are listed here!

Legend:
TRIGG:	means trigger
NEW IN:	describes the version when the bug was introduced. "Old" means
	before 1.9.20.
RATE:	estimates how severe the bug is.
------------------------------------------------------------------------
BUG:	- connection hang while fetching header
CVE:	2005-1911
RATE:	MODERATE
FIXED:	1.11.3
CREDIT:	Adam Funk

BUG:	- connection abort while article is read causes fetchnews crash
CVE:	2005-1453
RATE:	MODERATE
NEW IN:	1.9.52
FIXED:	1.11.2

BUG:	- connection abort while header is read causes fetchnews crash
CVE:	2005-1453
RATE:	MODERATE
NEW IN:	1.9.48
FIXED:	1.11.2

BUG:	- fetchnews does not support IPv6
RATE:	MINOR
FIXED:	1.11.0

BUG:	- cannot use # in passwords
RATE:	MINOR
FIXED:	1.11.0

BUG:	- empty groups expire prematurely
RATE:	MODERATE
FIXED:	1.10.8
CREDIT:	Brian Sammon

BUG:	- runtime failure on old systems with broken snprintf
RATE:	CRITICAL
FIXED:	1.10.7
CREDIT:	Michael Buerle

BUG:	- failing server with noactive still requests active update
RATE:	MODERATE
FIXED:	1.10.6
CREDIT:	Brian Sammon (analysis and patch)

BUG:	- duplicates in delaybody mode
RATE:	MINOR
TRIGG:	classic delaybody mode (delaybody_in_situ is unset)
NEW IN:	1.9.50
FIXED:	1.10.5
CREDIT:	Til Schubbe

BUG:	- lots of relinks, texpire expires too many articles
RATE:	CRITICAL
TRIGG:	running another leafnode program (except leafnode itself)
	while texpire is running
NEW IN:	1.9.54
FIXED:	1.10.4
CREDIT:	Rein Klazes

BUG:	- .overview.XXXXXX files prevent removal of empty group
	  directories
RATE:	MINOR
FIXED:	1.10.2
CREDIT:	Johannes Berg

BUG:	- Xref information missing from overview
RATE:	MINOR
FIXED:	1.10.1
NEW IN:	1.9.50
CREDIT:	"SINNER" (news.software.readers), Jrg Lders

BUG:	- texpire segfaults
RATE:	MODERATE
TRIGG:	expiring a group that has been deleted from the groupinfo but is
	present on disk
	premature abort with mids files left in the spool that texpire
	has written
FIXED:	1.10.0
NEW IN:	1.9.52
CREDIT:	Johannes Berg

BUG:	- fetchnews keeps fetching the full newsgroups list
RATE:	MODERATE
TRIGG:	upstream server on a non-standard port
FIXED:	1.9.52
CREDIT:	Cory C. Albrecht, Joshua Crawford

BUG:	- archived groups show errors in access
RATE:	MODERATE
FIXED:	1.9.53

BUG:	- stale .overview and groupinfo files
RATE:	MODERATE
TRIGG:	stdout disconnected prematurely, or groupexpire -1
FIXED:	1.9.43
CREDIT:	Sytse van Slooten

BUG:	- fetchnews XOVER handling (after disconnect) is extremely slow
RATE:	MINOR
NEW IN:	1.9.33
FIXED:	1.9.43
CREDIT:	Rein Klazes (for debugging)

BUG:	- fetchnews hangs
RATE:	CRITICAL, SECURITY (remote denial of service)
TRIGG:	missing mandatory header
NEW IN:	old
FIXED:	1.9.42
CREDIT:	Joshua Crawford (for the first bug report to point to the bug)

BUG:	- fetchnews does not stop fetching a group I unsubscribed from
RATE:	MODERATE
TRIGG:	delaybody=1 before 1.9.32, unconditional since 1.9.33
NEW IN:	old
FIXED:	1.9.41
CREDIT:	Andreas Muck, Gerry Doris

BUG:	- cascaded leafnode installations lose own posts to pseudogroups
RATE:	CRITICAL
NEW IN:	old
FIXED:	1.9.39
CREDIT:	Kyler Laird

BUG:	- incomplete active file
RATE:	SEVERE
NEW IN:	old
FIXED:	1.9.37

BUG:	- fetchnews misses lots of articles
	- lots of "cannot parse server reply" in the logs, with lines from
	  article text
RATE:	SEVERE
TRIGG:	filtered articles
NEW IN:	1.9.33
FIXED:	1.9.36
BUGFIX:	update to >=1.9.36, then run fetchnews with -x option to fetch the
	missed articles, example: fetchnews -nx 1000

BUG:	- newsreader hangs when accessing an article without Message-ID
RATE:	MODERATE
TRIGG:	news spool corruption
FIXED:	1.9.33

BUG:	- fetchnews doesn't post articles (incompatibility)
RATE:	IRRELEVANT
TRIGG:	user hasn't read UPDATING instructions properly
NEW IN:	1.9.23
FIXED:	1.9.33

BUG:	- fetchnews cannot access articles after switching delaybody to 0
RATE:	MODERATE
FIXED:	1.9.33

BUG:	- not getting pseudo article when "reviving" an uninteresting group
RATE:	MODERATE
FIXED:	1.9.33

BUG:	- pressing Ctrl-C more than once confuses leafnode
RATE:	MODERATE
FIXED:	1.9.33
CREDIT:	Ralf Wildenhues (sent bugfix)

BUG:	- timeout not detected on non-BSD, non-Linux systems
RATE:	MODERATE
FIXED:	1.9.31
CREDIT:	Richard van der Hoff (sent bugfix)

BUG:	- leafnode goes 100% CPU when requesting article by message-ID
RATE:	CRITICAL, SECURITY (trusted host denial of service)
FIXED:	1.9.33 for good, first attempt in 1.9.30
CREDIT:	Jan Knutar (report)

BUG:	- fetchnews segfaults when new groups are on server
RATE:	CRITICAL
FIXED:	1.9.29
CREDIT:	Ken Shan

BUG:	- leafnode goes 100% CPU on machines with lots of network interfaces
RATE:	CRITICAL
NEW IN:	1.9.23
FIXED:	1.9.27

BUG:	- texpire chokes if /var/spool/news/lost+found exists
RATE:	MODERATE
FIXED:	1.9.26
CREDIT:	William Grinolds

BUG:	- leafnode: NNTP command LIST ACTIVE.TIME returns bogus data
RATE:	MINOR
FIXED:	1.9.25

BUG:	- crashes when XOVER is sent before GROUP
	- ARTICLE/STAT/HEAD/BODY to current article pointer fails
RATE:	MODERATE
FIXED:	1.9.24

BUG:	- incomplete article posted by fetchnews
RATE:	CRITICAL (data loss)
TRIGG:	fetchnews runs at the same time as a client posts the article
FIXED:	1.9.23

BUG:	- Bogus Message-ID generated for posted articles
RATE:	MINOR
FIXED:	1.9.23
CREDIT:	Andreas Muck

BUG:	- locking does not work at all
RATE:	CRITICAL (data loss)
FIXED:	1.9.20
TRIGG:	multiple fetchnews/texpire run at the same time