aboutsummaryrefslogtreecommitdiffstats
path: root/security/base
diff options
context:
space:
mode:
Diffstat (limited to 'security/base')
-rw-r--r--security/base/Makefile4
-rw-r--r--security/base/distinfo6
-rw-r--r--security/base/files/patch-base_graph_display.php35
-rw-r--r--security/base/files/patch-base_qry_common.php16
-rw-r--r--security/base/files/patch-base_qry_sqlcalls.php14
-rw-r--r--security/base/files/patch-base_stat_ipaddr.php38
-rw-r--r--security/base/files/patch-includes__base_db.inc.php11
-rw-r--r--security/base/files/patch-includes__base_net.inc.php11
-rw-r--r--security/base/files/patch-includes__base_signature.inc.php11
-rw-r--r--security/base/files/patch-includes__base_state_citems.inc.php11
-rw-r--r--security/base/files/patch-includes__base_state_common.inc.php11
-rw-r--r--security/base/files/patch-includes__base_state_criteria.inc.php11
12 files changed, 174 insertions, 5 deletions
diff --git a/security/base/Makefile b/security/base/Makefile
index 2ec258da7ce2..2ae83077e36a 100644
--- a/security/base/Makefile
+++ b/security/base/Makefile
@@ -6,14 +6,14 @@
#
PORTNAME= base
-PORTVERSION= 1.4.4
+PORTVERSION= 1.4.5
CATEGORIES= security
MASTER_SITES= SF/secureideas/BASE/${PORTNAME}-${PORTVERSION}
MAINTAINER= miwi@FreeBSD.org
COMMENT= Basic Analysis and Security Engine - analyzing Snort alerts
-RUN_DEPENDS= ${ADODB_DIR}/adodb.inc.php:${PORTSDIR}/databases/adodb \
+RUN_DEPENDS= ${ADODB_DIR}/adodb.inc.php:${PORTSDIR}/databases/adodb5 \
${LOCALBASE}/share/pear/Image/Graph.php:${PORTSDIR}/graphics/pear-Image_Graph \
${LOCALBASE}/share/pear/Mail.php:${PORTSDIR}/mail/pear-Mail \
${LOCALBASE}/share/pear/Mail/mime.php:${PORTSDIR}/mail/pear-Mail_Mime
diff --git a/security/base/distinfo b/security/base/distinfo
index 1582209f6613..efac37e5fc2e 100644
--- a/security/base/distinfo
+++ b/security/base/distinfo
@@ -1,3 +1,3 @@
-MD5 (base-1.4.4.tar.gz) = bb8c10cf033113585155c6fa4c77c9cb
-SHA256 (base-1.4.4.tar.gz) = 5a5e5a1b2b20efca2fe7f57edfacf78a92aeea60f4f5c4f3b49af7dcdb37639d
-SIZE (base-1.4.4.tar.gz) = 966138
+MD5 (base-1.4.5.tar.gz) = 2ce7de089b7b860f8230731f94a02044
+SHA256 (base-1.4.5.tar.gz) = 23910f5277ceb43398442074e444182941bf7f6da85efd84ecdd0cf62c4b8935
+SIZE (base-1.4.5.tar.gz) = 958567
diff --git a/security/base/files/patch-base_graph_display.php b/security/base/files/patch-base_graph_display.php
new file mode 100644
index 000000000000..104a52fb7c17
--- /dev/null
+++ b/security/base/files/patch-base_graph_display.php
@@ -0,0 +1,35 @@
+--- ./base_graph_display.php.orig 2010-03-05 16:06:17.000000000 +0100
++++ ./base_graph_display.php 2010-04-11 23:52:13.000000000 +0200
+@@ -320,27 +320,27 @@
+
+ // special case '"I0" => "private network (rfc 1918)"' and
+ // '"** (private network) " => "private network (rfc 1918)"'
+- if (ereg("rfc 1918", $tmp, $substring) || (ereg("[*][*] \(private network\) ", $tmp_lower, $substring)))
++ if (preg_match("/rfc 1918/", $tmp, $substring) || (preg_match("/[*][*] \(private network\) /", $tmp_lower, $substring)))
+ {
+ $Dataset->addPoint("private network (rfc 1918)", $xdata[$i][1]);
+ }
+ // special case '?? (Not Found) ' => 'unknown'
+- elseif(ereg("[?][?][ \t]+\(Not Found\)[ \t]*", $tmp, $substring))
++ elseif(preg_match("/[?][?][ \t]+\(Not Found\)[ \t]*/", $tmp, $substring))
+ {
+ $Dataset->addPoint("unknown", $xdata[$i][1]);
+ }
+ // anything inside parentheses, following a 2-letter TLD:
+- elseif (ereg("^[-a-zA-Z0-9]{2}[ \t]\((.+)\)[ \t]*$", $tmp, $substring))
++ elseif (preg_match("/^[-a-zA-Z0-9]{2}[ \t]\((.+)\)[ \t]*$/", $tmp, $substring))
+ {
+ $Dataset->addPoint($substring[1], $xdata[$i][1]);
+ }
+ // anything after two-letter top level domain names and after one space or tab:
+- elseif (ereg("[ \t]*[-a-zA-Z0-9]{2}[ \t]([-a-zA-Z0-9]+[-a-zA-Z0-9 ]*)", $tmp, $substring))
++ elseif (preg_match("/[ \t]*[-a-zA-Z0-9]{2}[ \t]([-a-zA-Z0-9]+[-a-zA-Z0-9 ]*)/", $tmp, $substring))
+ {
+ $Dataset->addPoint($substring[1], $xdata[$i][1]);
+ }
+ // two-letter top level domain names right at the beginning:
+- elseif (ereg("[ \t]*([-a-zA-Z0-9]{2})[ \t]", $tmp_lower, $substring))
++ elseif (preg_match("/[ \t]*([-a-zA-Z0-9]{2})[ \t]/", $tmp_lower, $substring))
+ {
+ $Dataset->addPoint($substring[1], $xdata[$i][1]);
+ }
diff --git a/security/base/files/patch-base_qry_common.php b/security/base/files/patch-base_qry_common.php
new file mode 100644
index 000000000000..67197295ce57
--- /dev/null
+++ b/security/base/files/patch-base_qry_common.php
@@ -0,0 +1,16 @@
+--- ./base_qry_common.php.orig 2010-03-05 16:06:17.000000000 +0100
++++ ./base_qry_common.php 2010-04-11 23:52:13.000000000 +0200
+@@ -773,10 +773,10 @@
+ }
+ }
+ /* if have chosen the address type to be both source and destination */
+- if ( ereg("ip_both", $tmp) )
++ if ( preg_match("/ip_both/", $tmp) )
+ {
+- $tmp_src = ereg_replace("ip_both","ip_src",$tmp);
+- $tmp_dst = ereg_replace("ip_both","ip_dst",$tmp);
++ $tmp_src = preg_replace("/ip_both/","ip_src",$tmp);
++ $tmp_dst = preg_replace("/ip_both/","ip_dst",$tmp);
+
+ if ( $ip_addr[$i][2] == '=' )
+ $tmp = "(".$tmp_src.') OR ('.$tmp_dst.')';
diff --git a/security/base/files/patch-base_qry_sqlcalls.php b/security/base/files/patch-base_qry_sqlcalls.php
new file mode 100644
index 000000000000..92623d38aab7
--- /dev/null
+++ b/security/base/files/patch-base_qry_sqlcalls.php
@@ -0,0 +1,14 @@
+--- ./base_qry_sqlcalls.php.orig 2010-03-05 16:06:17.000000000 +0100
++++ ./base_qry_sqlcalls.php 2010-04-11 23:52:13.000000000 +0200
+@@ -259,9 +259,9 @@
+ $line = split (" ", $current_sig_txt);
+ foreach ($line as $ps_element)
+ {
+- if ( ereg("[0-9]*\.[0-9]*\.[0-9]*\.[0-9]", $ps_element) )
++ if ( preg_match("/[0-9]*\.[0-9]*\.[0-9]*\.[0-9]/", $ps_element) )
+ {
+- $ps_element = ereg_replace (":", "", $ps_element);
++ $ps_element = preg_replace ("/:/", "", $ps_element);
+ qroPrintEntry("<A HREF=\"base_stat_ipaddr.php?ip=".$ps_element."&amp;netmask=32\">".
+ $ps_element."</A>");
+ }
diff --git a/security/base/files/patch-base_stat_ipaddr.php b/security/base/files/patch-base_stat_ipaddr.php
new file mode 100644
index 000000000000..5ea59c016279
--- /dev/null
+++ b/security/base/files/patch-base_stat_ipaddr.php
@@ -0,0 +1,38 @@
+--- ./base_stat_ipaddr.php.orig 2010-03-05 16:06:17.000000000 +0100
++++ ./base_stat_ipaddr.php 2010-04-11 23:52:13.000000000 +0200
+@@ -135,7 +135,7 @@
+ print "</PRE><BR>\n";
+ */
+
+- if(ereg($ip, $contents)) {
++ if(preg_match("/$ip/", $contents)) {
+ $total++;
+ if( $total % 2 == 0 ) {
+ $color="DDDDDD";
+@@ -143,7 +143,7 @@
+ $color="FFFFFF";
+ }
+
+- $contents = ereg_replace(" ", " ", $contents);
++ $contents = preg_replace("/ /", " ", $contents);
+ $elements = explode(" ", $contents);
+
+ echo '<tr bgcolor="'.$color.'"><td align="center">'.
+@@ -183,7 +183,7 @@
+ print "</PRE></TD>";
+
+ /*
+- ereg("([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)",$elements[3],$store);
++ preg_match("/([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)/",$elements[3],$store);
+ $source_ip = $store[1];
+ $source_port = $store[2];
+ if (empty($source_ip))
+@@ -197,7 +197,7 @@
+ echo '<td align="center">' . $source_ip . '</td>';
+ echo '<td align="center">' . $source_port . '</td>';
+
+- ereg("([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)",$elements[5],$store);
++ preg_match("/([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)/",$elements[5],$store);
+ $destination_ip = $store[1];
+ $destination_port = $store[2];
+ if (empty($destination_ip))
diff --git a/security/base/files/patch-includes__base_db.inc.php b/security/base/files/patch-includes__base_db.inc.php
new file mode 100644
index 000000000000..895b2697b002
--- /dev/null
+++ b/security/base/files/patch-includes__base_db.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_db.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_db.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -209,7 +209,7 @@
+ /* ** Begin DB specific SQL fix-up ** */
+ if ($this->DB_type == "mssql")
+ {
+- $sql = eregi_replace("''", "NULL", $sql);
++ $sql = preg_replace("/''/i", "NULL", $sql);
+ }
+
+ if ($this->DB_type == "oci8")
diff --git a/security/base/files/patch-includes__base_net.inc.php b/security/base/files/patch-includes__base_net.inc.php
new file mode 100644
index 000000000000..4f81782e4498
--- /dev/null
+++ b/security/base/files/patch-includes__base_net.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_net.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_net.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -391,7 +391,7 @@
+ $line = explode(" ", $response_l[$i]);
+ for ($j=0; $j < sizeof($line); $j++ )
+ {
+- if ( eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $line[$j]) )
++ if ( preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $line[$j]) )
+ {
+ if ( $email == "" )
+ $email = $line[$j];
diff --git a/security/base/files/patch-includes__base_signature.inc.php b/security/base/files/patch-includes__base_signature.inc.php
new file mode 100644
index 000000000000..b32aa7925846
--- /dev/null
+++ b/security/base/files/patch-includes__base_signature.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_signature.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_signature.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -139,7 +139,7 @@
+ {
+ if ($tmp_ref_system_name == "snort")
+ {
+- if (ereg("([0-9]+):([0-9]+)", $ref_tag, $backref))
++ if (preg_match("/([0-9]+):([0-9]+)/", $ref_tag, $backref))
+ {
+ if ($backref[1] == "1")
+ {
diff --git a/security/base/files/patch-includes__base_state_citems.inc.php b/security/base/files/patch-includes__base_state_citems.inc.php
new file mode 100644
index 000000000000..40755eb24643
--- /dev/null
+++ b/security/base/files/patch-includes__base_state_citems.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_state_citems.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_state_citems.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -963,7 +963,7 @@
+ for ( $i = 0; $i < $this->criteria_cnt; $i++ )
+ {
+ if ( (isset ($this->criteria[$i][3])) &&
+- (ereg("([0-9]*)\.([0-9]*)\.([0-9]*)\.([0-9]*)", $this->criteria[$i][3])) )
++ (preg_match("/([0-9]*)\.([0-9]*)\.([0-9]*)\.([0-9]*)/", $this->criteria[$i][3])) )
+ {
+ $tmp_ip_str = $this->criteria[$i][7] = $this->criteria[$i][3];
+ $this->criteria[$i][3] = strtok($tmp_ip_str, ".");
diff --git a/security/base/files/patch-includes__base_state_common.inc.php b/security/base/files/patch-includes__base_state_common.inc.php
new file mode 100644
index 000000000000..d39b08ef196c
--- /dev/null
+++ b/security/base/files/patch-includes__base_state_common.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_state_common.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_state_common.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -181,7 +181,7 @@
+ if ( ($valid_data & VAR_SCORE) > 0 )
+ $regex_mask = $regex_mask . "\-";
+
+- return ereg_replace("[^".$regex_mask."]", "", $item);
++ return preg_replace("/[^".$regex_mask."]/", "", $item);
+ }
+
+ /* ***********************************************************************
diff --git a/security/base/files/patch-includes__base_state_criteria.inc.php b/security/base/files/patch-includes__base_state_criteria.inc.php
new file mode 100644
index 000000000000..9e6018a9f7f6
--- /dev/null
+++ b/security/base/files/patch-includes__base_state_criteria.inc.php
@@ -0,0 +1,11 @@
+--- ./includes/base_state_criteria.inc.php.orig 2010-03-05 16:06:18.000000000 +0100
++++ ./includes/base_state_criteria.inc.php 2010-04-11 23:52:13.000000000 +0200
+@@ -252,7 +252,7 @@
+ if ( isset($_POST['current_view']) ) $query_string .= "&amp;current_view=".$_POST['current_view'];
+ if ( isset($_POST['submit']) ) $query_string .= "&amp;submit=".$_POST['submit'];
+
+- $query_string = ereg_replace("back=1&", "", CleanVariable($query_string, VAR_PERIOD | VAR_DIGIT | VAR_PUNC | VAR_LETTER));
++ $query_string = preg_replace("/back=1&/", "", CleanVariable($query_string, VAR_PERIOD | VAR_DIGIT | VAR_PUNC | VAR_LETTER));
+
+ ++$_SESSION['back_list_cnt'];
+ $_SESSION['back_list'][$_SESSION['back_list_cnt']] =