[Spread-users] Spread release 3.15.1

Jonathan Stanton jonathan at cs.jhu.edu
Fri Mar 2 13:56:57 EST 2001

A new version of the Spread Wide-Area Group Communication toolkit was 
released today. 

Two major changes are involved in this release. First we have moved to a 
three numeral version number system with Major, Minor, and Patch. This
has two consequences for backwards compatibility:

1) The new spread daemon will work with both old and new client libraries, but
   clients compiled against the new libraries (3.15.1) will NOT work with 
   old daemons.
2) The SP_version function has had it's interface changed. This breaks source
   compatibility, but it is a non-essential function and we had to change it 
   sometime. The fix is very simple.

The second major change is that the copyright of the Spread code developed
by the original developers has officially been changed from the individual
authors to Spread Concepts LLC. Spread Concepts is a company formed by the
principle authors of Spread to promote the development and use of
technologies for reliabile distributed systems. The company provides
commercial licensing and support for Spread as well as working with other
organizations to help them solve problems by using distributed systems.

The change in copyright ownership does not change any of the licenses
available for Spread which are still the same. This change mainly provides
increased legal protection to the developers and gives us more tools with
which to promote Spread and related systems to a wider audience.

Also, the following bugs and issues were resolved:
1) Make sess_read() non-blocking so slow clients sending messages don't slow
   or block daemon.
2) Implement input validation on all messages received from clients. This
   is to address the possibility of clients overflowing the servers buffers.
   These problems were uncovered in a security audit by Olaf Kirch of Caldera.
3) Use chroot to isolate spread and drop priveledges if spread is run by root.
   If it is run as a normal user, then no chroot is done and it runs just as 
   before. The user to run as and the location of the chroot jail can be 
   configured in the spread_params.h file at compile time.
4) Fix a bug that causes a significant memory leak when retransmissions are 
   required. This memory leak exists in versions 3.13, 3.14 and 3.15.0.

Version 3.15.0 was only an internal release. It included the following

1) New version scheme. We now have three parts to identify the version.
2) A bugfix to prevent users from sending a message to too many groups
   at once.

Currently two freely-available commercial use licenses are available for 
Spread. One allows the use of Spread for distributed logging of Apache web 
server logs, and the other allows the use of Spread for distributed SSL 
session caching with Apache-SSL. For more details please see 

Other commercial licenses or other licensing arrangements are available. 
Please contact yairamir at spreadconcepts.com. We are looking for partners 
interested in using group communications and/or replication to solve 
demanding, real-world problems.

Jonathan R. Stanton         jonathan at cs.jhu.edu
Dept. of Computer Science   
Johns Hopkins University    

More information about the Spread-users mailing list