aboutsummaryrefslogtreecommitdiffstats
path: root/ports-mgmt
Commit message (Collapse)AuthorAgeFilesLines
* - Update to 0.2.6_5pav2005-02-152-1/+583
| | | | | | | | | | 1) Some code clean up using valgrind 2) Added flushing of stdout/stderr so messages are not lost when redirecting portmanager output to a file PR: ports/77525 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* Update to 2.6.11marcus2005-02-142-4/+12
| | | | | | | | | | | * Do not warn on direct command use if the command is preceeded by "--" [1] * Add a check for ports installing charset.alias or locale.alias. In most cases these ports should depend on libiconv or gettext, and not install their own copies of these files [2] PR: 77410 [2] Requested by: gerald [1] Submitted by: leeym [2]
* - Update to 0.2.6_4:pav2005-02-132-1/+311
| | | | | | | | | | | * Finally found and fixed the bug haunting portmanager for the past few revisions. Portmanager now "flushes" after droping new records into it's data bases :) * Improvement of database code to handle wider variety of strings/character codes merged from another project that uses libMG. PR: ports/77409 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* - Fix bug where configuration file would not get readpav2005-02-103-8/+62
| | | | | PR: ports/77319 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* - Update to 0.2.6_2:pav2005-02-093-9/+89
| | | | | | | | | There may be a bug in edge cases where a port name originates from multiple usr/ports directories. Patch allows printing of useful information if this happens and hopefully traps the bug with assert statements. PR: ports/77276 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* - disable CONFIGURE_ARGS temporarily (requested by maintainer)leeym2005-02-081-8/+8
| | | | Submitted by: maintainer
* update portmanager to ver 0.2.6leeym2005-02-082-33/+31
| | | | | | | | | | | | | 1) Fixed bug where ports were being updated for old dependencies when they did not require it. 2) Added -sl option: show leaf ports (ports with no other ports depending on them) 3) Added -slid option: interactivly delete leaf ports PR: 77238 Submitted by: Michael C. Shultz <reso3w83 at verizon.net>
* Catch up with latest bsd.port.mk changeseik2005-02-032-94/+177
|
* - Update to 0.2.5sem2005-01-315-1013/+12
| | | | | | | | 1) Add handling of identical portnames from differing origins in port tree 2) Minor bug fix involving portmanager's handling of missing dependencies PR: ports/76872 Submitted by: maintainer
* - Fixes stupid bug introduced in 0.2.4_1 where portmanager overwrites its ownpav2005-01-292-2/+29
| | | | | | | config file the first time it is run after being installed. PR: ports/76779 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* - handle looping by limiting to no more than 2 occurancessem2005-01-283-2/+979
| | | | | | | | - fix compiler error on sparc64-6-latest - other minor fixes PR: ports/76739 Submitted by: maintainer
* Update to 1.3arved2005-01-262-3/+3
| | | | | PR: 76655 Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
* - update to 0.2.4:sem2005-01-213-25/+25
| | | | | | | | 1) added -ip "ignore port" command line option and the same for pm-020.conf 2) if a port fails to build, port manager now instead of failing, adds it to ignore.db then continues PR: ports/76529 Submitted by: maintainer
* - Update to 0.2.3pav2005-01-193-15/+16
| | | | | PR: ports/76453 Submitted by: Michael C. Shultz <reso3w83@verizon.net> (maintainer)
* - Update to 1.2pav2005-01-192-3/+3
| | | | | | PR: ports/76404 Submitted by: Renato Botelho <renato@galle.com.br> Approved by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
* In light of recent tests, update the description of portsnap to notecperciva2005-01-161-2/+3
| | | | | | | that it is far more bandwidth-efficient than CVSup in cases where the ports tree is being updated every few days. Approved by: pav
* Document Horde's XSS vulnerabilities.thierry2005-01-051-0/+1
| | | | Approved by: portmgr (krion).
* Before performing any work, unset a number of environment variables whichdes2004-12-313-2/+18
| | | | may adversely affect the port build. See the man page for details.
* - update to 0.2.2sem2004-12-293-5/+21
| | | | | | | | | | | | | | | | | | | | | | | 1) Made MGmDbArrayFree and MGmDbArray source in /libMG/src/libMG.h more readable. Fixed a few bad mallocs in MGmDbArrayFree as well. 2) As per suggestions from John E Hein <jhein@timing.com> in libPMGR/src/libPMGR.h removed hard coded paths and changed so ports infrastructure files are accessed by using $PORTSDIR & $PKG_DBDIR environment vars and fixed hard coded path references in /portmanager/portmanager.c 3) In pmupgrade.c added an abort if error during clean in an attempt to halt looping when a port conflict occurs, this is untested so temporary for now. 4) libPMGR/src/PMGRrMakeDescribe.c fixed hard coded paths 5) pmupgrade.c fixed hard coded paths 6) pmupgrade.c Major cleanup of code, seperated upgrade routine into upgrade, checkForOldDepencies, and PMGRrDoUpgrade routines. 7) fixed portmanager seg faulting when it self updates. (thanks to "Noah" <admin2@enabled.com> for reporting 8) Added "HINTS AND TIPS" section to portmanager(1) man page. PR: ports/75596 Submitted by: maintainer
* - Upgrade to 0.6sem2004-12-292-4/+6
| | | | | | | | * Search port by "make search" (works on FreeBSD 5.3 as well) * Bugfix: missing default server support on -o PR: ports/75611 Submitted by: maintainer
* Oops, I forgot to commit Makefile..knu2004-12-292-0/+4
| | | | | | | | -- Fix the startup script for 4.x. Submitted by: Nicole Thurner <thurners -at- t-online.de>
* Fix the startup script for 4.x.knu2004-12-282-0/+28
| | | | Submitted by: <Nicole Thurner <thurners -at- t-online.de>
* pkg_rmleaves finds packages that are not requested by any other installedpav2004-12-283-0/+30
| | | | | | | | | | | package and lets you decide (in a beauty dialog interface) for each one if you want to keep it or delete it. This is similar to pkg_cutleaves, but it does not require any dependencies and is done in visual, dialog(1) interface instead of command line. PR: ports/75517 Submitted by: Timothy Redaelli <drizzt@gufi.org>
* - Update to 0.2.1sem2004-12-276-507/+29
| | | | | | | | | | - Change maintainer email - Removed all html docs and replaced with man page - Add WITH_DEBUG knob - Cleaned up a few compile warnings PR: ports/75413 Submitted by: Michael C. Shultz (maintainer)
* Update to 20041226.knu2004-12-264-6/+6
| | | | | | | | Reverse the condition to check if custom MAKE_ARGS is specified. Submitted by: Max Laier <max@love2party.net> D'oh!
* Update to 20041225.knu2004-12-266-30/+6
| | | | | | | - Fix the startup script. (s/echo //) - When INDEX is not found, try "make fetchindex" first, then try "make index".
* Fix the startup script.knu2004-12-254-0/+28
| | | | | | | I think I've been too long away from my ports work... PR: ports/75468 Submitted by: Michael <mkuhn.nw 'at' web.de>
* Update to 20041224.knu2004-12-2410-102/+8
| | | | | | | | | | | | | | | | | | | | | portsdb(1): - Add a -F flag, which calls make fetchindex internally to update the ports index file. portupgrade(1): - Make -fP properly reinstall an installed package using a binary package. - Do not use a binary package when custom MAKE_ARGS or -m option is defined, unless -PP is specified. portsclean(1): - -L: Make sure that a library does not shadow itself. misc.: - RcNG'ify the startup script. - Do not use Object#class which is obsolete in Ruby >=1.8.
* Don't check for DISTVERSION as apart of %makevars since it will be setmarcus2004-12-182-6/+7
| | | | | | | internally when PORTVERSION is set. Instead, just scour the Makefile to see if both PORTVERSION and DISTVERSION are defined. Reported by: krion
* * Update to 2.6.10marcus2004-12-172-18/+32
| | | | | | * Add support for the new DISTVERSION macro Submitted by: lioux (plus some additional checks)
* Update to version 0.3.1 in order to fix a bug which breaks `portsnapcperciva2004-12-092-3/+3
| | | | | | | extract`. Bug noticed by: Dru Lavigne With hats: pointy, maintainer
* Update to version 0.3. This has the following changes:erwin2004-12-082-5/+6
| | | | | | | | | | | | | | 1. The working directory and ports directory can be specified in the portsnap.conf configuration file. 2. Parts of the ports tree (down to the level of individual ports) can be extracted (e.g., "portsnap extract security/freebsd-update"). This also adds an empty file, $PREFIX/portsnap/.package.this.directory, which (as the name suggests) ensures that $PREFIX/portsnap/ will be generated when a package is installed using pkg_add. PR: 74835 Submitted by: maintainer
* Add whitespace around parentheses in .if logic, in order to unbreakcperciva2004-11-241-1/+1
| | | | | | | | | port and INDEX builds on old (5.1 & 4.7?) releases. PR: ports/74192 Reported by: Joe Horn Approved by: mat With hat: maintainer
* Update to 2.6.9.marcus2004-11-232-158/+57
| | | | | | | | | | | | | | | * Ignore comments when checking for absolute pathname usage * Check DISTNAME for uses of PORTREVISION and PORTEPOCH [1] * Make sure to quote meta-characters in PORTNAME before using it as a regular expression [1] * Fix bug when matching OPTIONS in ".if defined(WITH_OPT1) && defined(WITHOUT_OPT2)" [2] * Update OMF checks to account for the new INSTALLS_OMF macro * Update GConf checks to account for the new GCONF_SCHEMAS macro PR: 73536 [2] Submitted by: mat [1] leeym [2]
* Add p5-FreeBSD-Portindex 1.1, incremental FreeBSD ports INDEX fileokazaki2004-11-214-0/+95
| | | | | | | generation. PR: ports/73612 Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
* Use the bzipped index to speed up downloading.des2004-11-212-7/+18
|
* Finally fix the master-has-a-master issue.des2004-11-132-18/+23
| | | | | Now that INDEX is no longer in CVS, don't append .www to the name when downloading it.
* Add sysutils/portbrowser, a free, easy to use GUI frontend implementationhrs2004-11-083-0/+31
| | | | for the BSD ports system.
* Bump PORTREVISIONS for all ports that depend on atk or pango to ease in themarcus2004-11-081-1/+1
| | | | big upgrade.
* - Make freebsd-sha1 dependency conditional on OSVERSIONpav2004-11-072-6/+19
| | | | | | | - Remove hardcoded /usr/local PR: ports/73625 Submitted by: cperciva (maintainer)
* Fix portmanager seg faults when an installed port's +CONTENTS filesem2004-11-022-1/+75
| | | | | | | has no "@comment ORIGIN:" in it. PR: ports/73292 Submitted by: maintainer
* Add portsnap: Provides secure snapshots of the ports directory.lofi2004-11-014-0/+69
| | | | | PR: ports/73323 Submitted by: Colin Percival <cperciva@daemonology.net>
* Switch to ssh for anoncvs so it works again.des2004-10-315-19/+45
| | | | | Recognize globs in port names. Bump version to 2.8.0.
* Create a VuXML entry for Horde XSS help window vulnerability to replacenectar2004-10-271-1/+0
| | | | the portaudit-db entry.
* Add an entry for a vulnerability fixed in horde-2.2.7.thierry2004-10-271-0/+1
|
* Recognize absolute master directories.des2004-10-252-2/+3
|
* Add entries for vulnerabilites in imported xpdf code in kdegraphicslofi2004-10-241-0/+2
| | | | and koffice.
* - fix reinstall targeteik2004-10-243-144/+150
| | | | | | | - fix bug in distfile:group handling - fix bug in DISTDIR handling - add code to better handle refetching of rerolled distfiles - .PHONY -> .EXEC
* Don't croak on port names that contain metacharacters.des2004-10-222-4/+6
|
* Fix the build on older versions of FreeBSD.marcus2004-10-191-0/+16
| | | | Reported by: W.D. <WD@US-Webmasters.com>
* Improve handling of installed ports whose origin can't be determined.des2004-10-142-4/+14
|
* Enable bpm to grok the new INDEX format with extra fields.adamw2004-10-132-4/+20
| | | | Submitted by: maintainer
* Support .ifndef and !defined when doing OPTIONS checking.marcus2004-10-132-1/+2
|
* Add an entry for a XSS vulnerability fixed in IMP-3.2.6.thierry2004-10-121-0/+1
|
* * Update to 2.6.8marcus2004-10-122-5/+47
| | | | | | | | | | | | * Check PLIST_FILES for shared libraries, and make sure INSTALLS_SHLIB is defined [1] * Check DATADIR and MAN3PREFIX macros [2] * Check OPTIONS [3] PR: 71405 [2] 71468 [3] Requested by: michael johnson <ahze@ahze.net> [1] Submitted by: leeym [2] [3]
* - Fix potential endless loop when a port changes his name depending on optionpav2004-10-124-3/+375
| | | | | | | - Fix plist PR: ports/72074 Submitted by: Michael C. Shultz <ringworm@inbox.lv> (maintainer)
* BROKEN on 5.x: Does not compilekris2004-09-261-1/+7
| | | | Approved by: portmgr (self)
* BROKEN on 5.x: Does not compilekris2004-09-181-1/+7
| | | | Approved by: portmgr (self)
* Typo-fix in a commentbrueffer2004-09-091-1/+1
| | | | Approved by: portmgr (krion)
* - star-devel: privilege escalationeik2004-09-092-1/+7
| | | | | | | | - multi-gnome-terminal: information leak - usermin: remote shell command injection and insecure installation - mpg123: layer 2 decoder buffer overflow Approved by: portmgr (implicit)
* - XSS vulnerability in phpGroupWare wiki moduleeik2004-09-072-8/+42
| | | | | | - add some references Approved by: portmgr (implicit)
* multiple vulnerabilities in LHAeik2004-09-041-0/+36
|
* grrrr... left the test case intacteik2004-09-041-1/+1
|
* - update to version 0.5.9eik2004-09-043-14/+34
| | | | (first attempts to check the base system for vulnerabilities)
* - add some referenceseik2004-09-043-8/+142
| | | | | | | | | | - extend ImageMagick entry - squid ntlm authentication helper DoS - multiple vpopmail vulnerabilities - first attempts to check the base system for vulnerabilities: + cvs server code + zlib DoS - BSD license portaudit.xml
* Update to 2.6.7marcus2004-09-012-8/+9
| | | | | | | | | | | | | | | * Switch the direct use of ``echo'' check to suggest ${ECHO_CMD} or ${ECHO_MSG} instead of ${ECHO} [1] * Tighten the check for improper GConf schema handling so that we only look in the GConf schemas directory [2] * Correct some grammar mistakes [3] * Avoid erroneous "direct use of command" warnings [4] PR: 71159 [4] Submitted by: gerald [1] pav [3] eik [4] Reported by: pav [2]
* The recently comitted BPM port fails to handle the new INDEX fileadamw2004-09-012-0/+24
| | | | | | | | | | format, which has had several fields added to it. In addition, it reacts badly when parse errors occur on the INDEX file, resulting in double free()s. The patch works around both of these problems until the next formal release. PR: ports/71213 Submitted by: maintainer
* Minor bug fix and pkg-plist correction.linimon2004-08-313-13/+25
| | | | | PR: ports/71138 Submitted by: Michael C. Shultz <ringworm at inbox dot lv> (maintainer)
* samba printer change notification request DoSeik2004-08-311-0/+1
|
* add some references, add ru-gaimeik2004-08-301-2/+4
|
* multiple vulnerabilities in gaimeik2004-08-301-4/+4
|
* security bug in rscsi client codeeik2004-08-301-0/+4
| | | | Submitted by: marius
* Fix RUN_DEPENDS.linimon2004-08-291-1/+4
| | | | | | PR: ports/70107 Submitted by: Yen-Ming Lee <leeym at utopia dot leeym dot com> Approved by: maintainer timeout (3 weeks)
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-271-1/+0
| | | | portaudit.txt).
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-271-1/+0
|
* Argh. Duplicate entry for "Scorched 3D server chat box format string ↵eik2004-08-271-2/+1
| | | | vulnerabilty"
* Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format ↵eik2004-08-271-0/+2
| | | | string vulnerability
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-271-1/+0
|
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-271-1/+0
|
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-271-1/+0
|
* Remove libxine issue which is now documented in the FreeBSD VuXMLnectar2004-08-251-1/+0
| | | | | | document. Reminded by: eik
* nss library SSL remote buffer overfloweik2004-08-251-0/+1
|
* multiple buffer overflows in xveik2004-08-251-2/+3
|
* Watch out for undefined values when resolving port origins. This makesdes2004-08-252-4/+6
| | | | | | | -I / -s work properly when some of the installed ports have since been deleted from the ports tree. Submitted by: Thomas-Martin Seck <tmseck@netcologne.de>
* Fix path to INDEX file on 5.x.adamw2004-08-251-0/+14
| | | | Submitted by: nork
* Fix build on current in some situations.adamw2004-08-241-0/+2
| | | | Submitted by: krion
* I am pleased to announce a new GTK+-2 interface to our ports tree!adamw2004-08-244-0/+55
| | | | | | | | | | | | | | | | | | | BSD Ports Manipuator (BPM) is a graphical ports collection manager for FreeBSD. It has a GTK+ 2.0 interface and allows you to add, remove, or upgrade software packages on your system without requiring you to use a command-line. In addition, it can display details about available, installed, and out-of-date ports, as well as allowing you to search based on port descriptions. BPM uses the existing ports collection structure, allowing it to build ports from source and integrate seamlessly with other tools. This project started out as a clone of Ports Manager.app for DarwinPorts. WWW: http://www.meowfishies.com/bpm.rhtml Submitted by: sethk@meowfishies.com
* Konqueror cross-domain cookie injectioneik2004-08-241-0/+1
|
* handle some duplicateseik2004-08-243-2/+71
|
* fix "too many open files" error when using the -r flageik2004-08-242-2/+2
| | | | Noted by: nectar
* a2ps: Possible execution of shell commands as local user.eik2004-08-211-1/+2
|
* Update to 0.2.0sem2004-08-213-20/+32
| | | | | | PR: ports/70701 Submitted by: maintainer Patches from: Gudin Franci
* correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7deik2004-08-201-1/+1
|
* QT 3.x BMP (and possibly other graphics formats) heap-based overfloweik2004-08-201-0/+1
|
* potential security flaws in mod_ssleik2004-08-191-4/+6
|
* move a800386e-ef7e-11d8-81b0-000347a4fa7d to xmleik2004-08-173-9/+36
|
* ruby CGI::Session insecure file creationeik2004-08-161-1/+2
|
* Don't check the base system when PACKAGE_BUILDINGeik2004-08-161-0/+2
|
* multiple phpGroupWare vulnerabilitieseik2004-08-161-0/+2
|
* phpGedView, jftpgweik2004-08-163-0/+29
|
* Remove -a from the default fetch(1) flags, so that the daily securityeik2004-08-152-2/+2
| | | | | | report is not delayed when the distribution site is down. Submitted by: kuriyama
* apply xlist not to the own fileseik2004-08-142-10/+15
|
* fix man page nits,eik2004-08-143-36/+61
| | | | | | | modify the vulnerability report depending on -q/-v (experimental) PR: 69935, 68942 Submitted by: Chris Pepper <pepper@reppep.com>, Johan Karlsson <k@numeri.campus.luth.se>
* update to 20040811: fix compilation with GCC 3.4eik2004-08-143-13/+19
|
* fix some vuxml duplicates, add sympa unauthorized list creationeik2004-08-143-8/+680
|
* Add another entry for kdelibs3 due to another missed patch.lofi2004-08-131-0/+1
|
* Correct entries for recent kde vuln's and add new entry for kdelibslofi2004-08-131-1/+3
| | | | (3.2.3_3 didn't have all patches).
* fix security hole in non-chroot rsync daemon.eik2004-08-121-0/+1
| | | | <http://www.freebsd.org/ports/portaudit/2689f4cb-ec4c-11d8-9440-000347a4fa7d.html>
* 9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of ↵eik2004-08-122-2/+5
| | | | 40800696-c3b0-11d8-864c-02e0185c0b53
* f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of ↵eik2004-08-122-4/+7
| | | | 6f955451-ba54-11d8-b88c-000d610a3b12, move references
* Factor out all but one of the build switches of the KDE main module portslofi2004-08-111-0/+2
| | | | | | | | | | | | | | | into separate ports. The OPTIONS will remain as of yet and trigger dependencies now, for easy transition. Update KOffice to version 1.3.2. Add patches to fix a number of issues, including: - fix kxkb on Xorg - fix kdemultimedia WITH_MPEGLIB (now mpeglib_artsplug) compilation on gcc 3.4.2 with optimizations greater than -O Add security related patches and entries to portaudit.txt.
* libine "vcd:" input source buffer overfloweik2004-08-101-0/+1
|
* Update to 0.1.9sem2004-08-103-9/+9
| | | | | | | | This version corrects bus faults introduced in ver 0.1.8. Also corrects two pkg-plist errors. PR: ports/70239 Submitted by: maintainer
* SpamAssassin DoS & cfengine authentication heap corruptioneik2004-08-101-2/+4
|
* Update to 0.1.8.sem2004-08-093-18/+37
| | | | | | | | Fully PREFIX compliant now. Complete run on CURRENT. PR: ports/70190 Submitted by: maintainer
* Upgrade to 0.1.7.thierry2004-08-084-96/+32
| | | | | PR: ports/70136 Submitted by: maintainer.
* Version 0.5 release.thierry2004-08-082-4/+17
| | | | | | | | | - Bugfix: sometimes the ports version was wrong; - A default cvs server can be set; - Port revision is added to port version number. PR: 70162 Submitted by: maintainer.
* CVStrac arbitrary remote code executioneik2004-08-071-1/+2
|
* - Update to 0.63 (see NEWS for list of changes)sergei2004-08-072-5/+8
| | | | | - Make devel/newfile dependency optional under WITH_NEWFILE knob: "port create" command is only useful to some porttools users, not all
* fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into ↵eik2004-08-062-1/+4
| | | | 2de14f7a-dad9-11d8-b59a-00061bc2ad93
* putty local command executiondinoex2004-08-061-0/+1
|
* move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list ↵eik2004-08-061-1/+0
| | | | of vulnerable ports
* o Security Update to 2.2.10-ja-1.0.nork2004-08-061-0/+1
| | | | | | | o rcNG-ify obtained from net/samba3. PR: ports/70034 Submitted by: NAKAJI Hiroyuki <nakaji@jp.freebsd.org> (maintainer)
* add Opera "location" object write access vulnerabilityeik2004-08-051-0/+1
|
* move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list ↵eik2004-08-051-3/+0
| | | | of vulnerable ports
* back out last commitdinoex2004-08-051-1/+0
|
* putty local command executiondinoex2004-08-051-0/+1
|
* libPNG stack-based buffer overflow and other code concernseik2004-08-051-0/+3
|
* Acrobat Reader handling of malformed uuencoded pdf fileseik2004-08-041-0/+1
|
* Squid NTLM authentication helper overfloweik2004-08-041-0/+1
|
* ripMIME attachment extraction bypasseik2004-08-041-4/+5
|
* Update to a snapshot of CVS from today to fix the build with GCC 3.4.marcus2004-08-033-7/+7
| | | | | Reported by: pointyhat Obtained from: FreeBSD CVS
* GnuTLS certificate chain verification DoSeik2004-08-031-1/+3
|
* Add portmanager 0.1.3, freeBSD port management software.sem2004-08-015-0/+141
|
* phpMyAdmin configuration manipulation and code injectioneik2004-07-311-1/+2
|
* Register a vulnerability in mail/imp3.thierry2004-07-311-0/+1
| | | | | This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.
* Mozilla Firefox certificate spoofingeik2004-07-301-0/+1
|
* DansGuardian banned extension filter bypass vulnerabilityeik2004-07-301-0/+1
|
* add a reference to the SoX buffer overflow entryeik2004-07-291-1/+1
|
* SoX buffer overflows when handling .WAV fileseik2004-07-291-1/+2
|
* LCDProc buffer overflow/format string vulnerabilitieseik2004-07-281-0/+1
|
* pavuk digest auth buffer overfloweik2004-07-271-0/+1
|
* add Nessus "adduser" race condition and Dropbear DSS verification bugeik2004-07-271-2/+5
|
* New option -r: restrict listed entries to selected references.eik2004-07-243-4/+25
| | | | Useful for testing new entries.
* sync with latest b.p.meik2004-07-243-31/+82
|
* l2tpd BSS-based buffer overfloweik2004-07-231-0/+1
|
* phpBB cross site scripting vulnerabilitieseik2004-07-221-0/+1
|
* add subversion-perl, subversion-pythoneik2004-07-201-0/+1
|
* subversion access control bypasseik2004-07-201-0/+1
|
* mod_ssl format string vulnerabilityeik2004-07-181-0/+2
|
* create /var/db/options when it doesn't existeik2004-07-171-0/+6
|
* - synchronize with recent changes in bsd.port.mkeik2004-07-176-139/+1047
| | | | - work in progress: optionsng, cleanroom installation
* Add missing RUN_DEPENDS on devel/newfilevs2004-07-171-1/+2
| | | | | | PR: ports/59956 Submitted by: Nicola Vitale Approved by: maintainer timeout
* Roundup directory traversaleik2004-07-161-1/+2
|
* wv library datetime field buffer overfloweik2004-07-141-0/+1
|
* multiple vulnerabilities in Bugzillaeik2004-07-141-0/+1
|
* check for a working tr(1).eik2004-07-142-0/+9
|
* Add a patch to read the index file via sort(1) instead of readingknu2004-07-134-2/+30
| | | | directly to avoid core dump.
* correct vulnerable version of linux-png and add a referenceeik2004-07-111-2/+2
|
* libpng row buffer overfloweik2004-07-111-0/+2
|
* typo in 'make master-sites-all'eik2004-07-101-1/+1
|
* add some referenceseik2004-07-091-0/+4
|
* FWIIW, enable the use ofeik2004-07-091-6/+9
| | | | | | make DISABLE_SIZE=yes checkdistsites to check for corrupted files on sites that don't support SIZE (the files are unfetchable from these sites anyway)
* move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xmleik2004-07-081-2/+0
|
* add targets master-sites-all, master-sites, patch-sites-all, patch-siteseik2004-07-072-1/+87
| | | | which print a sorted list of the respective sites (used e.g. by FreshPorts)
* fix a warning when GeoIP can't find the country for a siteeik2004-07-071-10/+13
|
* eliminate some verbatim uses of mktemp and sorteik2004-07-072-8/+9
| | | | PR: 62298
* Fix a bug with -P when there are more than one binary package file forknu2004-07-074-2/+34
| | | | | | | | a package to install or upgrade. PR: ports/68598 Submitted by: Victor Prylipko <vic@liniya.ru> Bug traced by: Andrew Bliznak <andrew@ort.lviv.net>
* add some referenceseik2004-07-061-3/+3
|
* Add devel/portmk, a place where bsd.port.mk development can happen.eik2004-07-0618-0/+6241
|
* MySQL versions < 4.1 seem to be unaffectedeik2004-07-061-2/+2
| | | | Reported by: Alexander Vasenin <blacksir@number.ru>
* Update to today's pkg_install from HEAD.marcus2004-07-064-88/+10
|
* add MySQL server authentication bypass / buffer overfloweik2004-07-061-0/+2
|
* Mark 4aec9d58-ce7b-11d8-858d-000d610a3b12 as a duplicate of theeik2004-07-053-1/+28
| | | | already existing c63936c1-caed-11d8-8898-000d6111a684.
* Perform plist substitution for -L.des2004-07-052-3/+10
| | | | Fix bug in origin determination.
* Move phpnuke vulnerabilities to VuXML.trhodes2004-07-031-1/+0
|
* Use full path to portsdb instead of assuming ${LOCALBASE}/sbin is in PATHkris2004-07-021-2/+2
|
* Apply a patch to avoid "undefined method `each' for nil:NilClass"knu2004-07-024-0/+34
| | | | | | | error when such configuration variable as MAKE_ARGS, typically BEFORE_DEINSTALL is not defined. Reported by: krion, Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
* move "phpMyAdmin code injection" to vuxmleik2004-07-021-1/+0
|
* Test OSVERSION instead of pkg_info -P to enable cross-version buildseik2004-07-022-9/+11
| | | | Requested by: kris
* phpMyAdmin code injectioneik2004-07-021-0/+1
|
* - update to version 0.5eik2004-07-0110-554/+442
| | | | | | | | | | | | | | | | *** NOTE *** The preferences file format has changed, as have the periodic.conf(5) names. Normally the default settings should be adequate, except when you need to configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example. - moved portaudit to sbin - clean up, merging stuff into the portaudit script - better return codes and errors to stderr - -f can check stdin now - dropped ports tree auditing - merged the periodic(8) scripts into one - run daily auditing as `nobody'
* Update to 20040701. New distfile.knu2004-07-016-54/+10
| | | | | | | | | | | | | | | | | | | | | | portupgrade: - Make -PP/--use-packages-only work better, just as I originally intended. Now packages are correctly identified using pkg_info(1), "LATEST_LINK" files are also properly detected. Related informational messages have also been improved. It turned out that the LATEST_LINK/NO_LATEST_LINK detection was broken long ago and hasn't been working for long. pkg_fetch(1): - Properly rename a "latest link" file with a full package name with version part. pkgtools.conf(5): - Improve and unify the method for pattern matching in MAKE_ARGS, BEFOREBUILD, BEFOREDEINSTALL and AFTERINSTALL variables. This should fix some cases where it looks like MAKE_ARGS entries are ignored.
* - SSLtelnet remote format string vulnerabilityeik2004-07-011-7/+8
| | | | | | (guys, this is a public list) - add some references
* update to 20040629: sync with -CURRENTeik2004-06-303-5/+33
|
* add MIT Kerberos 5 krb5_aname_to_localname() buffer overfloweik2004-06-291-0/+1
|
* add isakmpd security association deletion vulnerabilityeik2004-06-291-2/+3
|
* add Apache input header folding DoS vulnerabilityeik2004-06-291-0/+1
|
* xine-lib RTSP handling vulnerabilitieseik2004-06-281-0/+1
|
* Move MoinMoin entry to VuXML.trhodes2004-06-281-1/+0
|
* diversify url conversioneik2004-06-281-1/+21
|
* Update to 2.6.6marcus2004-06-282-10/+115
| | | | | | | | | | | * Fix a typo in the libtool archive hint [1] * Check for ports that have a poorly specified CONFLICTS line as well as ports that conflict with themselves [2] * Check for proper handling of gconf schemas * Check for explicit listing of %gconf keys in the plist Spotted by: lofi [1] Submitted by: eik [2]
* add portaudit2vuxml.pl to easy the migration of entries to VuXMLeik2004-06-261-0/+129
|
* Add an entry for recent isc-dhcp3-server buffer overflows.trhodes2004-06-261-1/+0
| | | | Remove the one in portaudit.txt.
* Move giFT-FastTrack to VuXML.trhodes2004-06-261-1/+0
|
* giFT-FastTrack remote DoSeik2004-06-251-0/+1
|
* Add patch with bugfixes.mich2004-06-252-1/+48
| | | | | | | | | | - Fix chmod behavior - Ignore irrelevant directories - Index creation speedup Bump PORTREVISION. Submitted by: Radim Kolar <hsn@netmag.cz>
* Update to 0.2.2eik2004-06-254-7/+10
| | | | - correct some URLs
* correct rlpr versioneik2004-06-251-2/+2
|
* Pure-FTPd DoS when the max number of connection is reachedeik2004-06-251-0/+1
|
* Move the Gallery entry to VuXML.trhodes2004-06-251-1/+0
|
* update to version 0.4.1eik2004-06-253-2/+30
| | | | | | Use portaudit [packagename ...] to check if package is listed as vulnerable
* rlpr local and remote exploitable buffer overflow (CAN-2004-0393, CAN-2004-0454)eik2004-06-241-0/+1
|
* CAN-2004-0451: format string vulnerabilities in supeik2004-06-241-0/+1
|
* Security flaw in rssheik2004-06-241-1/+2
|
* Icecast remote DoS vulnerabilityeik2004-06-241-0/+1
|
* Add pkg-req file which was forgotten in the last commit.eik2004-06-241-0/+27
|
* Update to version 0.4, with a new `-f' option.eik2004-06-243-42/+91
| | | | | | | | To check which of the current ports have known vulnerabilities, do portaudit -f /usr/ports/INDEX This port requires pkg_install(-devel)>=20040623
* update to version 20040623, which has a new `filter mode' for pkg_version -T.eik2004-06-232-3/+3
| | | | | | If you want to know which ports match '{,??-}apache{,-*}<2.*', do /usr/local/sbin/pkg_version -T - '{,??-}apache{,-*}<2.*' < /usr/ports/INDEX | awk -F\| '{print$1}'
* it seems like isc-dhcp3-{client,devel} are unaffectedeik2004-06-231-1/+1
|
* reword gallery entryeik2004-06-231-1/+4
| | | | add multiple isc-dhcp3 vulnerabilities
* Update of port which supports FreeBSD-5 alike INDEX-5 file parsingeik2004-06-232-1/+21
| | | | | PR: 68212 Submitted by: Anselm Garbe <anselmg@t-online.de> (maintainer)
* Sqwebmail 4.0.4 XSS vulnerabilityeik2004-06-221-0/+1
|
* Oops, the previous patch was bogus. Sorry.knu2004-06-224-24/+18
|
* Upgrade to version 0.4lofi2004-06-222-3/+3
| | | | | PR: ports/68175 Submitted by: Heiner Eichmann <h.eichmann@gmx.de>
* Roundup remote file disclosure vulnerabilityeik2004-06-221-0/+1
|
* Support the new, extended INDEX format.knu2004-06-224-0/+40
|
* make expiry date customizable via daily_status_portaudit_expiryeik2004-06-223-3/+3
|
* mailman allows 3rd parties to retrieve member passwords (CAN-2004-0412)weik2004-06-211-0/+1
|
* super format string vulnerabilityeik2004-06-211-0/+1
|
* Scorched 3D server chat box format string vulnerabilityeik2004-06-211-0/+1
|
* BNBT Authorization Header DoSeik2004-06-211-0/+1
|
* - The previous commit included ruby18-raspell-0.1, which is not affected.thierry2004-06-211-1/+2
| | | | | | - Add a separate entry for linux-aspell. Reported by: Oliver Eikemeier.
* Security: fix a buffer overflow in word-list-compress:thierry2004-06-201-0/+1
| | | | | | | | | | - <http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2> - <http://nettwerked.mg2.org/advisories/wlc> Since I'm there, switch from libtool 1.3 to 1.5, to cope with PR ports/63944. Obtained from: Robert Nagy <robert@openbsd.org>.
* ircd-hybrid-7 low-bandwidth DoSeik2004-06-201-0/+2
|
* Fetch the database from http://www.FreeBSD.org/ports/ first.eik2004-06-184-6/+11
| | | | Thanks to: kuriyama
* make BASEURL customizableeik2004-06-182-3/+11
|
* add subversion-perl, subversion-pythoneik2004-06-181-1/+1
|
* added racoon certificate validation bugeik2004-06-171-0/+1
|
* update to 0.2eik2004-06-173-8/+15
| | | | - add the ability to specify multiple URLs
* add moinmoin, phpnuke and webmin vulnerabilitieseik2004-06-171-0/+3
|
* SquirrelMail has a localized japanese versioneik2004-06-161-0/+1
|
* Add SquirrelMail XSS vulnerabilityeik2004-06-161-0/+1
|
* Update to 2.6.5.marcus2004-06-152-5/+11
| | | | | | | | | | * Fix a bug introduced in the "use strict" conversion, and don't check patch files for trailing blank lines * Add a check to make sure pkg-config files are installed into the correct location [1] * Fix some nearby spacing nits Requested by: pav [1]
* typoeik2004-06-152-2/+2
|
* Point all vulnerabilities to the base URL, so that entrieseik2004-06-152-3/+14
| | | | | | look a little more official. Pointed out by: Matthew George <mdg@secureworks.net>
* update to 0.1.1, supporting some of the VuXML 1.1 featureseik2004-06-146-53/+194
|
* reword some descriptionseik2004-06-141-6/+6
|
* Change URLs for a better reference about IMP & Chora vulnerabilities.thierry2004-06-131-2/+2
| | | | Requested by: eik (bis).
* Add an entry for Chora and IMP.thierry2004-06-131-0/+2
| | | | Requested by: eik
* Added CAN-2004-0488, CAN-2004-0492, DBMail vulnerability, smtpproxy ↵eik2004-06-131-4/+9
| | | | | | vulnerability, CAN-2004-0413 (subversion)
* portaudit-db generates a portaudit database from a currenteik2004-06-1310-0/+644
| | | | | | | | ports tree. It also features a file `database/portaudit.txt' where UUIDs for vulnerabilities can be allocated quickly before they are moved to the VuXML database. Call `packaudit' after upgrading your ports tree.
* Fix a bug where the wrong path to pkg_add could result when doing recursivemarcus2004-06-132-21/+24
| | | | | | pkg_adds. Reported by: kris
* accidentally packaged a wrong distribution fileeik2004-06-122-3/+3
| | | | Noted by: Randy Pratt <rpratt1950@earthlink.net>
* fix a problem with adding packages recursively under certain conditionseik2004-06-122-3/+3
| | | | | Noted by: kris Fix from: marcus
* Fix package build by using explicit paths in RUN_DEPENDSkris2004-06-092-11/+11
|
* - Add dependency on portupgradepav2004-06-081-0/+3
| | | | | | PR: ports/67662, pending/67679 Submitted by: Stefan Walter <sw@gegenunendlich.de> Approved by: maintainer
* Update to 2.6.4.marcus2004-06-072-53/+15
| | | | | | | | * Remove check for SIZE and MD5 in distinfo since this was a rush job, and missed some common cases. [1] * Re-enable use strict, and fix portlint to obey it Requested by: eik [1]
* Update to 2.6.3.marcus2004-06-062-25/+57
| | | | | | | | | | | | * Add a generic check for deprecated macros (e.g. the recent autotools batch), and add USE_MESA to the set [1] * Only use USE_LIBTOOL_VER for checking .la file installation [1] * Add a check for USE_LIBLTDL and warn about directly using a libltdl dependency [1] * Check distinfo to make sure each file in DISTFILES has SIZE and MD5 entries if NO_SIZE and NO_CHECKSUM are not defined Submitted by: krion and tobez [1]
* Update to 0.7.will2004-06-064-18/+19
| | | | | | PR: 67595 Submitted by: Stefan Walter <sw@gegenunendlich.de> Approved by: maintainer
generated by cgit (git 2.34.1) at 2024-11-26 23:25:34 +0800