aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* - Use LOCAL macropgollucci2010-06-082-6/+2
| | | | | | - Kill 2 dead mirrors in security/ruby-blowfish With Hat: ruby@
* - Convert to RF macropgollucci2010-06-081-2/+1
| | | | With Hat: ruby@
* PBKDF2 is a secure password hashing algorithm that uses the techniques ofmiwi2010-06-075-0/+71
| | | | | | | | | | | | | | | | | "key strengthening" to make the complexity of a brute-force attack arbitrarily high. PBKDF2 uses any other cryptographic hash or cipher (by convention, usually HMAC-SHA1, but Crypt::PBKDF2 is fully pluggable), and allows for an arbitrary number of iterations of the hashing function, and a nearly unlimited output hash size (up to 2**32 - 1 times the size of the output of the backend hash). The hash is salted, as any password hash should be, and the salt may also be of arbitrary size. See also: RFC2898, PKCS#5 version 2.0: http://tools.ietf.org/html/rfc2898 WWW: http://search.cpan.org/dist/Crypt-PBKDF2/ PR: ports/146847 Submitted by: Victor Popov <v.a.popov at gmail.com>
* - update to openssl-1.0.0adinoex2010-06-064-75/+19
| | | | | Security: CVE-2010-1633 this problem was already fixed in 1.0.0 with option WITH_DTLS_BUGS
* - Update to 0.5miwi2010-06-062-4/+4
| | | | | PR: 146833 Submitted by: Joris Dedieu <joris.dedieu@gmail.com> (maintainer)
* - Update to 2.0.23pgollucci2010-06-062-4/+4
|
* - Pass maintainership to submittermiwi2010-06-061-1/+1
| | | | | PR: 147478 Submitted by: Anderson Eduardo <anderson@secover.com.br>
* The update utility is designed to download and save updates and modulesmiwi2010-06-065-0/+67
| | | | | | | | | | | | | | | of the Kaspersky Lab's applications into a separate folder. With the help of the utility you can download updates for selected Kaspersky Lab's applications installed either in your network or at a home PC. The utility has a function for saving downloaded updates and autopatches in a local folder, a network folder connected as a disc to the computer file system, or onto a flash-carrier. WWW: http://support.kaspersky.com/updater?level=2 PR: ports/147116 Submitted by: Gvozdikov Veniamin <g.veniamin at googlemail.com>
* - Update to 20100601miwi2010-06-062-4/+7
| | | | | PR: 147433 Submitted by: Bapt <baptiste.daroussin@gmail.com> (maintainer)
* LICENSE GPLv2dinoex2010-06-062-0/+4
|
* - Update to 1.0.4miwi2010-06-062-4/+4
| | | | | PR: 147443 Submitted by: Anish Mistry <amistry@am-productions.biz> (maintainer)
* Perl encrypt stuff simplymiwi2010-06-065-0/+41
| | | | | | | WWW: http://search.cpan.org/dist/Crypt-Simple/ PR: ports/147284 Submitted by: Alexander Kriventsov <avk at vl.ru>
* Fix bashisms (source FILE -> . FILE)mandree2010-06-051-0/+4
| | | | | | | | | | | replace shebang-lines /bin/bash -> /bin/sh bump portrevision (changed files) based on: PR: ports/147472 Submitted by: Olli Hauer <ohauer@gmx.de> Approved by: miwi (mentor)
* LICENSE BSDdinoex2010-06-041-0/+2
|
* - LICENSE GPLv3dinoex2010-06-041-0/+2
|
* - Update to 0.5.19wen2010-06-042-5/+4
|
* Does not compile on sparc64.linimon2010-06-041-0/+4
| | | | Hat: portmgr
* Mark broken on sparc64.linimon2010-06-041-0/+4
| | | | Hat: portmgr
* - Update to 0.28wen2010-06-042-4/+4
|
* Update to latest snapshotjpaetzel2010-06-043-5/+6
| | | | | | PR: ports/147330 Submitted by: Eric F Crist <ecrist@secure-computing.net> Approved by: itetcu@ (mentor)
* - Update to 2.0.22pgollucci2010-06-042-4/+4
|
* Mark as broken on powerpc.linimon2010-06-031-1/+7
| | | | Hat: portmgr
* - Update to 2.0.21pgollucci2010-06-032-4/+4
|
* Update to 1.7.2p7.wxs2010-06-032-5/+5
| | | | Security: d42e5b66-6ea0-11df-9c8d-00e0815b8da8
* Document sudo secure path vulnerability. We are not vulnerable to this bywxs2010-06-031-0/+37
| | | | | default but a user could build sudo with SUDO_SECURE_PATH defined or turn it on in sudoers.
* - Chase net-snmp shlib bumpsylvio2010-06-032-2/+4
|
* - Update to 3.0.1pav2010-06-021-0/+27
| | | | | PR: ports/147195 Submitted by: Pavel Pankov <pankov_p@mail.ru> (maintainer)
* - Document two mediawiki security vulnerabilitieswen2010-06-021-0/+34
| | | | Approved by: delphij@(ports-security override)
* Attempt to fix build on powerpc.linimon2010-06-021-0/+11
| | | | Hat: portmgr
* Present KDE SC 4.4.4 for FreeBSD.makc2010-06-024-8/+6
|
* Update to 2.7.0.lx2010-06-022-4/+6
|
* Quantis is a physical random number generator exploitingale2010-06-017-0/+159
| | | | | | | | | an elementary quantum optics process. This port contains the user library and a CLI/GUI application to access such devices. WWW: http://www.idquantique.com/
* Quantis is a physical random number generator exploitingale2010-06-015-0/+72
| | | | | | | | | an elementary quantum optics process. This port contains the kernel driver to access Quantis PCI and PCIe devices. WWW: http://www.idquantique.com/
* Bounce PORTREVISION for gettext-related ports. Have fun, ya'll.ade2010-05-3138-20/+38
|
* - Mark BROKEN: Does not fetch.sylvio2010-05-311-0/+2
| | | | | PR: ports/146148 Submitted by: Gavin <ggcameron@gmail.com>
* Fix build error.cy2010-05-312-2/+2
|
* Add LICENSE and LICENSE_FILE to my ports.arved2010-05-313-0/+9
|
* - Update to 2.25sylvio2010-05-293-17/+8
| | | | | PR: ports/146933 Submitted by: Damian Gerow <dgerow@afflictions.org> (maintainer)
* - Update to 1.0.0wen2010-05-282-7/+7
| | | | - Pass maintainership to miwi@
* - Update to 2.0.16pgollucci2010-05-282-4/+4
|
* Make it buildable with db50.ume2010-05-272-0/+26
|
* - Mass conversion of RF -> RG for MASTER_SITE for rubygem- portspgollucci2010-05-272-2/+2
| | | | | | | | | [RG aka rubygems.org] PR: ports/147005 Submitted by: pgollucci (myself) Approved by: portmgr (pav) With Hat: ruby@
* - Update to 1.2.16johans2010-05-273-22/+95
| | | | - Remove dynamic plist generation
* - Update to 1.1.6wen2010-05-262-5/+5
| | | | - Update my mail to FreeBSD
* - Update to 0.2.1.26miwi2010-05-252-4/+4
|
* Update 4.0.0 build-2877 to 4.0.1 build-2929.cy2010-05-255-10/+21
|
* Update 4.0.0 --> 4.0.1.cy2010-05-255-8/+19
|
* Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005.cy2010-05-252-1/+6
| | | | | | PR: 146939 Submitted by: wollman Security: MIT krb5 Security Advisory 2010-005
* Rename the following Haskell ports to bring them in sync with thepgj2010-05-257-47/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | HackageDB: archivers/hs-zip-archive-ghc -> archivers/hs-zip-archive devel/hs-binary-ghc -> devel/hs-binary devel/darcs -> devel/hs-darcs devel/hs-language-c-ghc -> devel/hs-language-c devel/hs-lazysmallcheck-ghc -> devel/hs-lazysmallcheck devel/hs-pcre-light-ghc -> devel/hs-pcre-light devel/hs-utf8-string-ghc -> devel/hs-utf8-string graphics/hs-HGL-ghc -> graphics/hs-HGL ports-mgmt/porte -> ports-mgmt/hs-porte security/hs-digest-ghc -> security/hs-digest textproc/hs-haxml -> textproc/hs-HaXml textproc/hs-highlighting-kate-ghc -> textproc/hs-highlighting-kate textproc/hs-polyparse-ghc -> textproc/hs-polyparse textproc/pandoc -> textproc/hs-pandoc x11/hs-x11-ghc -> x11/hs-X11 x11/hs-x11-xft-ghc -> x11/hs-X11-xft x11/xmobar -> x11/hs-xmobar x11-toolkits/hs-opengl-ghc -> x11-toolkits/hs-OpenGL x11-toolkits/hs-OpenGLRaw-ghc -> x11-toolkits/hs-OpenGLRaw x11-toolkits/hs-GLURaw-ghc -> x11-toolkits/hs-GLURaw x11-toolkits/hs-glut-ghc -> x11-toolkits/hs-GLUT x11-wm/xmonad -> x11-wm/hs-xmonad x11-wm/xmonad-contrib -> x11-wm/hs-xmonad-contrib
* Unbreak.cy2010-05-242-4/+0
|
* Updated to version 0.4.3niels2010-05-244-132/+41
| | | | Approved by: itetcu (mentor, implicit)
* - Update gss to 1.0.1johans2010-05-244-16/+17
| | | | | - Update MASTER_SITE (GNU) - Note: shlib version bumped
* - Update shishi to 1.0.0johans2010-05-245-28/+10
| | | | | | - Update MASTER_SITE (GNU) - Remove custom patch (fixed upstream) - Note: shlib version bumped
* Fix an autotools dependency issue.cy2010-05-244-4/+4
| | | | | Thans to Mike Harding <mvharding@gmail.com> for allowing me to use one of his systems to debug this problem.
* The Tiny Encryption Algorithm in Perl and JavaScript.wen2010-05-245-0/+37
| | | | | | | WWW: http://search.cpan.org/~pjb/Crypt-Tea/ PR: ports/145303 Submitted by: Steve Wills <steve@mouf.net>
* - No longer broken on -current b/c of utmpx changespgollucci2010-05-241-4/+0
| | | | | | PR: ports/146384 Submitted by: pgollucci@ (myself), others Approved by: maintainer timeout (cy@, 16 days)
* Over to new volunteer.linimon2010-05-241-1/+1
|
* Reset perky@FreeBSD.org due to maintainer-timeouts and no responselinimon2010-05-242-2/+2
| | | | | | to email. Hat: portmgr
* - Mark BROKEN: does not configurepav2010-05-242-0/+4
| | | | Reported by: pointyhat
* - Fix to tap device in amd64sylvio2010-05-231-2/+11
| | | | | | PR: ports/146102 Submitted by: Alex Forencich <alex@alexforencich.com> Approved by: maintainer (timeout > 14days)
* Updated to version 1.3.03niels2010-05-232-4/+4
| | | | Approved by: itetcu (mentor, implicit)
* - Fix OPTIONS support for Cabal ports by introducingpgj2010-05-231-0/+2
| | | | | | | bsd.cabal.options.mk - Fix ports broken with non-default options Triggered by: Yuri Pankov <yuri.pankov@gmail.com>
* - Update to version 1.7.5 and the latest contributed patchset [*]danfe2010-05-224-39/+36
| | | | | | | | | - Prefer HTTP mirrors as they are generally more accessible than FTP ones - Install support scripts in addition to datafiles - Simplify PORTDOCS handling, utilize BUILD_WRKSRC, and clean up things PR: ports/146114 [*] Submitted by: lme
* Update Pidgin and friends to 2.7.0. Seemarcus2010-05-221-2/+2
| | | | | | | | http://developer.pidgin.im/wiki/ChangeLog for the list of changes. Also, enable Tcl 8.5 support. PR: 146607 Submitted by: dougb
* Fix build with OpenSSL 1.0makc2010-05-223-28/+283
| | | | | PR: ports/146615 Reported by: Gerard Seibert <gerard at seibercom.net>
* The xz utils and lzma library have been imported into base, so makenaddy2010-05-222-2/+2
| | | | | | the dependency on the archivers/xz port conditional on OSVERSION. Approved by: MAINTAINER
* Gcc 4.2+ is only needed to build clamav with LLVM/JIT support, remove thisgarga2010-05-212-2/+2
| | | | | | dependency when LLVM is not set. Submitted by: Guy Antony Halse <G.Halse@ru.ac.za>
* - update to 1.5.0dinoex2010-05-212-4/+4
|
* Update to 0.9.31 release.ale2010-05-202-4/+4
|
* Update to 2.7.1garga2010-05-202-6/+5
|
* A bunch of changes for the SQLITE3 backend:ale2010-05-207-87/+129
| | | | | | | | | 1) fix for bug #528467 (C_UnwrapKey didn't work with DSA and EC private keys) 2) fix for bug #526231 (C_GetAttributeValue didn't correctly work) 3) partial fix for bug #564011 (object ID race on keypairgen) 4) use sqlite3 in ports (there is no reason to compile the bundled one) Approved by: no objections by marcus and gnome team
* Fix HTTP headers handling. Bump PORTREVISION.tobez2010-05-202-0/+24
| | | | | | | This bug has been known for years, but have been ignored upstream (see https://rt.cpan.org/Public/Bug/Display.html?id=33954). Submitted by: brian
* - Fix when a Swatch rule has an "exec" action, child processes are notsylvio2010-05-201-0/+11
| | | | | | | | correctly cleaned up. PR: ports/136611 Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org> Approved by: Joseph Scott <joseph@josephscott.org> (maintainer)
* Update to 0.96.1garga2010-05-203-36/+6
|
* - Mark BROKEN: bad plistpav2010-05-181-0/+2
| | | | Reported by: pointyhat
* - Update to 1.4.1.1pgj2010-05-163-5/+32
| | | | - Import OPTIONS
* Update to week 19 tarballjpaetzel2010-05-152-4/+4
| | | | | | PR: ports/146594 Submitted by: Eric F Crist <ecrist@secure-computing.net> Approved by: itetcu@ (mentor)
* - Document multiple redmine vulnerabilitiesdecke2010-05-151-0/+26
| | | | | Approved by: miwi (secteam), beat (co-mentor) Security: http://www.redmine.org/news/39
* Properly install the missing org.freedesktop.secrets.service file.marcus2010-05-144-0/+22
| | | | | Reported by: Jonathan Chen <jonc@chen.org.nz> Obtained from: https://bugzilla.gnome.org/show_bug.cgi?id=611002
* Add AUTOTOOLS dependency when using packages as opposed to portscy2010-05-144-4/+4
| | | | to satisfy dependencies.
* Remove unnecessary dependency on autoconf/automakejohans2010-05-131-1/+0
|
* Updated tomcat entry (CVE-2010-1157) with fixed version information.niels2010-05-131-2/+2
| | | | | | | This makes sure that the correct older versions are marked vulnerable Approved by: itetcu (mentor, implicit) Security: http://www.vuxml.org/freebsd/3383e706-4fc3-11df-83fb-0015587e2cc1.html
* Introduce a new (and hopefully better) ports infrastructure for Haskell Cabalpgj2010-05-136-213/+40
| | | | | | ports which makes possible the direct translation of Cabal package descriptions to FreeBSD ports. It promises both easier addition and maintenance for Cabal-based ports.
* - Added 109 missing CVE names to 60 VuXML entriesniels2010-05-121-24/+171
| | | | | | | | - Fixed Tomcat55 entry to mark current PORTREVISION vulnerable PR: ports/146418 Approved by: itetcu (mentor, implicit) Security: http://people.freebsd.org/~niels/vuxml/
* Resolve autotools issue.cy2010-05-124-0/+4
| | | | Thanks to: pointyhat
* Switch to PLIST_FILESdougb2010-05-122-5/+2
| | | | | PR: ports/146508 Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
* Add the info for the .sig filedougb2010-05-121-0/+3
|
* Adopt the orphan, add the verify target for the PGP signaturedougb2010-05-121-1/+6
|
* Update to 0.4.0.anders2010-05-122-4/+4
| | | | The new version has a much welcomed and useful search ability.
* - The FreeBSD KDE team is pleased to announce KDE SC 4.4.3 for FreeBSDfluffy2010-05-116-66/+88
| | | | With hat on: kde@
* Presenting GNOME 2.30.1 for FreeBSD. The offical release notes for thiskwm2010-05-1122-144/+284
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | release can be found at http://library.gnome.org/misc/release-notes/2.30/ . This release brings initial PackageKit support, Upower (replaces power management part of hal), cuse4bsd integration with HAL and cheese, and a faster Evolution. Sadly GNOME 2.30.x will be the last release with FreeBSD 6.X support. This will also be the last of the 2.x releases. The next release will be the highly-anticipated GNOME 3.0 which will bring with it a new UI experience. Currently, there are a few bugs with GNOME 2.30 that may be of note for our users. Be sure to consult the UPGRADING note or the 2.30 upgrade FAQ at http://www.freebsd.org/gnome/docs/faq230.html for specific upgrading instructions, and the up-to-date list of known issues. This release features commits by avl, ahze, bland, marcus, mezz, and myself. The FreeBSD GNOME Team would like to thank Anders F Bjorklund for doing the initual packagekit porting. And the following contributors & testers for there help with this release: Eric L. Chen Vladimir Grebenschikov Sergio de Almeida Lenzi DomiX walder crsd Kevin Oberman Michal Varga Pavel Plesov Bapt kevin and ITetcu for two exp-run PR: ports/143852 ports/145347 ports/144980 ports/145830 ports/145511
* Updated port to version 1.34bniels2010-05-112-4/+4
| | | | Approved by: maintainer, itetcu (mentor, implicit)
* This is a adaptation of pam_chroot to BSD jails : it dropps users in jailsmiwi2010-05-105-0/+48
| | | | | | | after login. PR: ports/145302 Submitted by: Damien Bobillot
* pulledpork is a Perl script which helps to update your Snort 2.8+ rules.miwi2010-05-105-0/+135
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sample config file comes predefined with the new settings for snort.org downloads, which will change in June 2010. BE SURE to read through the master pulledpork.conf file thoroughly, as there are many changes as of snort 2.8.6.0 that WILL affect you, even if you are NOT yet running 2.8.6.0! Features: * Flowbit tracking! * capability to specify base ruleset (see README.RULESETS) in master pulledpork.conf file. * Handle preprocessor and sensitive-information rulesets * Ability to define sid ranges in any of the sid modification .conf files * Ability to specify references in any of the sid modification .conf files * Ability to ignore entire rule categories (i.e. not include them) * Specify locally stored rules files that need their meta data included in sid-msg.map * Ability to specify your arch for so_rules * Rules are written to only two distinct files * Support metadata based VRT recommended rulesets * Maintain an optional rule changelog * Support for setting rules to Drop * Support for multi-line rules * Rule modification, i.e. disabling of specific rules within rule sets * Outputs changes in rules files if any rules have been added / modified * Compares new rules files with current rule sets * Automated retrieval of certain variables (Distro, Snort Version.. etc) * Downloads latest rules file * Verifies MD5 of local rules file * If MD5 has not changed from snort.org.. doesn't fetch files again * handle both rules and so_rules * Capability to generate stub files WWW: http://code.google.com/p/pulledpork/ PR: ports/146239 Submitted by: Olli Hauer
* - Update to 2.14wen2010-05-102-4/+4
|
* - Update to 1.4.5miwi2010-05-0912-5/+174
| | | | | PR: 145635 Submitted by: olli hauer <ohauer@gmx.de>
* - Update to 4.26miwi2010-05-093-6/+7
| | | | | PR: 146312 Submitted by: Ports Fury
* Added wireshark (DoS) and piwik (XSS) issuesniels2010-05-081-0/+57
| | | | | | | Approved by: itetcu (mentor, implicit) Security: http://www.wireshark.org/security/wnpa-sec-2010-03.html Security: http://www.wireshark.org/security/wnpa-sec-2010-04.html Security: http://piwik.org/blog/2010/04/piwik-0-6-security-advisory/
* Added spamass-milter remote command execution vulnerabilityniels2010-05-071-1/+31
| | | | | | Approved by: itetcu (mentor, implicit) Security: CVE-2010-1132 Security: http://archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.html
* Update to 0.4.3skv2010-05-064-85/+14
| | | | | | Changes: http://www.keepassx.org/changelog PR: ports/146259 Submitted by: Gvozdikov Veniamin <g.veniamin xx googlemail.com>
* - Added mediawiki and lxr vulnerabilitiesniels2010-05-061-1/+68
| | | | | | | | | - Fixed vlc topic format (lower case, portname first) PR: ports/146337 Approved by: itetcu (mentor, implicit) Security: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html Security: http://sourceforge.net/mailarchive/message.php?msg_name=E1NS2s4-0001PE-F2%403bkjzd1.ch3.sourceforge.com
* - fix path in c_rehashdinoex2010-05-054-4/+50
| | | | | | | | Submitted by: Matthias Andree Obtained from: http://rt.openssl.org/Ticket/Display.html?id=2234 - add more DTLS bugfixes Obtained from: http://sctp.fh-muenster.de/
* - Update to 1.33jadawin2010-05-052-4/+4
| | | | - Changelog: http://search.cpan.org/src/SULLR/IO-Socket-SSL-1.33/Changes
* Add security/p5-Crypt-CAST5 0.05, a Perl module that implementstobez2010-05-055-0/+39
| | | | CAST5 block cipher.
* Update 1.3.r7 --> 4.2.cy2010-05-056-46/+11
| | | | | PR: 146072 Submitted by: plosher
* Update 3.0.7 --> 4.0.0.cy2010-05-057-148/+332
|
* Welcome the new fwbuilder-devel and libfwbuilder-devel ports.cy2010-05-051-0/+2
|
* Welcome the new fwbuilder-devel port.cy2010-05-054-57/+219
|
* Welcome the new libfwbuilder-devel port.cy2010-05-053-90/+117
|
* Added 38 missing CVE names to 24 VuXML entriesniels2010-05-051-5/+62
| | | | | | | (256 CVE names to go) Approved by: itetcu (mentor, implicit) Security: http://people.freebsd.org/~niels/vuxml/
* - Update to 20100504garga2010-05-052-5/+5
| | | | - Try to fix build on sparc64 disabling LLVM/JIT build
* Disable LLVM/JIT build for sparc64, it should unbreak it on this archgarga2010-05-051-1/+1
|
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+1
| | | | | PR: ports/146289 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146288 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146286 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146285 Submitted by: Dan Lukes dan obluda cz
* - Annotate the combination of X509 and KERB_GSSAPI patches as brokenpav2010-05-041-0/+4
| | | | | | PR: ports/142819 Submitted by: Scot Hetzel <swhetzel@gmail.com> Approved by: maintainer timeout (1 month)
* Fix build error WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: 146283 Submitted by: Dan Lukes dan obluda cz
* - Use @dirrmtry instead of @dirrmwen2010-05-041-3/+3
| | | | | PR: ports/144965 Submitted by: Kimo <kimor79@yahoo.com>
* Update to 2.6.novel2010-05-042-4/+4
|
* Update to 2.8.6.novel2010-05-043-4/+5
|
* Update to 2.9.10.novel2010-05-044-26/+57
|
* - Update to 1.5.0sahil2010-05-032-5/+4
| | | | | | PR: ports/146234 Submitted by: Petr Rehor <prehor@gmail.com> (maintainer) Approved by: wxs@ (mentor)
* Added 34 missing CVE names to 24 VuXML entriesniels2010-05-021-7/+60
| | | | | | | (294 CVE names to go) Approved by: miwi (secteam) Security: http://people.freebsd.org/~niels/vuxml/
* Update to version 1.07 (unbreak port)niels2010-05-023-20/+31
| | | | Approved by: itetcu (mentor, implicit)
* - Update to 0.2.2.13-alphamiwi2010-05-022-4/+4
| | | | | PR: 146091 Submitted by: Andrei Lavreniyuk <andy.lavr@gmail.com> (maintainer)
* 2010-04-30 audio/py-flac: has been marked IGNORE for past 24 monthsmiwi2010-05-027-111/+0
| | | | | | | | | | | | | | | | | 2010-02-20 databases/mysql-connector-java50: Old version: please use databases/mysql-connector-java instead 2010-04-15 databases/p5-DBIx-Class-HTML-FormFu: This module is obsoleted by www/p5-HTML-FormFu-Model-DBIC 2010-04-29 devel/py-rbtree: "does not build with new pyrex and it's not active maintained" 2010-04-08 devel/tavrasm: No longer maintained, use devel/avra instead 2010-04-27 mail/postfix23: it's no longer maintened by upstream developer 2010-04-30 math/libgmp4: Use math/gmp instead. 2010-04-04 misc/ezload: does not build with new USB stack in 8-STABLE 2010-01-31 misc/gkrellmbgchg: use misc/gkrellmbgchg2 2010-03-04 multimedia/kbtv: no longer under development by author 2010-02-16 net/plb: broken; abandoned by author; use net/relayd or www/nginx instead 2010-04-30 security/vpnd: This software is no longer developed 2010-03-15 textproc/isearch: abandoned upstream, uses an obsolete version of GCC, not used by any other port 2010-04-02 www/caudium12: No longer maintained upstream, please switch to www/caudium14 2010-03-08 www/p5-Catalyst-Plugin-Cache-FileCache: Deprecated by module author in favor of www/p5-Catalyst-Plugin-Cache
* - VideoLAN has released 1.0.6 to address serveral vulnerabilities they ↵sylvio2010-05-021-0/+27
| | | | | | | discoverd while working towards the 1.1.0 release. These vulnerabilities could potentially allow for a specially crafted file to execute code. PR: ports/146099 Submitted by: Joseph S. Atkinson <jsa@wickedmachine.net> (maintainer)
* Updated port to version 1.06niels2010-05-023-18/+57
| | | | Approved by: itetcu (mentor, implicit)
* Update to version 1.33bniels2010-05-022-4/+5
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor, implicit)
* Update to 1.2.15johans2010-04-302-4/+4
|
* - fix version for apache+mod_ssldinoex2010-04-301-1/+1
|
* - fix info for apache+mod_ssldinoex2010-04-301-1/+1
|
* - Assign to new volunteerpgollucci2010-04-301-1/+1
|
* - fix dependencyclsung2010-04-291-0/+2
| | | | | | | - bump PORTREVISION PR: ports/144709 Submitted by: Rainer Duffner <rainer_AT_ultra-secure dot de>
* Fix the 'nss-config --libs' by remove the '-Wl,-R/usr/local/lib/nss' to allowmezz2010-04-292-1/+2
| | | | | | | other gecko applications to be able to build with nss. PR: ports/144994 Submitted by: mi
* Mark kdebase3 as safe now.makc2010-04-291-1/+1
|
* - Re-assign all my rubygem-* ports to ruby@pgollucci2010-04-284-6/+6
| | | | | | | | | this gives us more eyes and brings us inline with perl@ Current ruby@ members (stas, dinoex, pgollucci) http://wiki.freebsd.org/Ruby Discussed with: stas on #bsdports
* - Documented multiple Joomla! vulnerabilitiesniels2010-04-271-0/+52
| | | | | | | - Added new reference to the recent cacti issue Approved by: remko (secteam) Security: http://developer.joomla.org/security/
* Welcome to krb5-appl-1.0. MIT split the Kerberos applications from thecy2010-04-2625-597/+57
| | | | base Kerberos distribution, creating krb5-appl.
* Welcome the new krb5-1.8.1. Significant changes include the removal ofcy2010-04-2616-574/+193
| | | | the MIT KRB5 applications (now in a separate tarball and port).
* Krb5-17 has been merged into krb5 and a new krb5-appl has been repocopiedcy2010-04-261-1/+1
| | | | | | | from krb5-l7. The old krb5-17 port has been removed. All this is in preparation for the krb5 1.8.1 commit. PR: 145968
* Remove krb5-17, which has been merged into the krb5 port.cy2010-04-2626-1061/+0
|
* MFkrb5-17.cy2010-04-2612-220/+89
|
* - Update to 201017sylvio2010-04-262-4/+4
| | | | | PR: ports/145762 Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer)
* Documented vulnerabilities in moodle, tomcat55, tomcat66 and cactiniels2010-04-251-0/+94
| | | | | | | | | PR: ports/146021 PR: ports/146022 Approved by: remko (secteam) Security: http://seclists.org/bugtraq/2010/Apr/200 Security: http://docs.moodle.org/en/Moodle_1.9.8_release_notes Security: http://www.bonsai-sec.com/en/research/vulnerability.php
* - Update to 5.3sahil2010-04-255-50/+10
| | | | | | | | | - Use ${PORTNAME} variable where possible PR: ports/145524 Submitted by: Laurent LEVIER <llevier@argosnet.com> (maintainer) Tweaked by: sahil@ (myself) Approved by: wxs@ (mentor)
* Documented emacs movemail vulnerability and marked the seperateniels2010-04-241-0/+67
| | | | | | | mail/movemail port vulnerable to an old format string vulnerability. Approved by: remko (secteam) Security: http://www.ubuntu.com/usn/USN-919-1
* - PHP 5.2 slave portdinoex2010-04-242-0/+15
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-243-0/+29
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-241-0/+1
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-234-0/+54
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-231-0/+1
| | | | | PR: 145772 Submitted by: Alex Keda
* - Update MASTER_SITESkrion2010-04-231-3/+1
| | | | | PR: ports/145730 Submitted by: sylvio@FreeBSD.org
* Added krb5 double free vulnerabilityniels2010-04-221-0/+30
| | | | | | Approved by: remko (secteam) Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt Security: CVE-2010-1320
* Upgraded to version 1.05niels2010-04-213-118/+202
| | | | Approved by: itetcu (mentor)
* JBroFuzz is a web application fuzzer for requests being made overniels2010-04-216-0/+74
| | | | | | | | | HTTP or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities. WWW: http://www.owasp.org/index.php/Category:OWASP_JBroFuzz Approved by: itetcu (mentor)
* Upgraded to version 1.32bniels2010-04-212-4/+4
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* Documented the following vulnerabilities:niels2010-04-211-0/+161
| | | | | | | | | | | | | | | | | | - png: libpng decompression denial of service - e107: code execution and XSS vulnerabilities - pidgin: multiple remote denial of service vulnerabilities - fetchmail: denial of service vulnerability PR: ports/145885 PR: ports/145857 Approved by: remko (secteam) Security: CVE-2010-0996 Security: CVE-2010-0997 Security: CVE-2010-1167 Security: CVE-2010-0277 Security: CVE-2010-0420 Security: CVE-2010-0423 Security: CVE-2010-0205
* - fix LIB_DEPENDS about libnetclsung2010-04-202-5/+6
| | | | | | | | | - snortsam patch for snort has changed - ref: http://lists.snortsam.net/pipermail/snortsam-discussion/2010-March/000502.html - bump PORTREVISION PR: ports/145632 Submitted by: olli hauer <ohauer_AT_gmx dot de>
* Documented the following vulnerabilities:niels2010-04-201-0/+111
| | | | | | | | | | | | - curl: libcurl buffer overflow vulnerability - irssi: multiple vulnerabilities - ejabberd: queue overload denial of service vulnerability Approved by: remko (secteam) Security: http://curl.haxx.se/docs/adv_20100209.html Security: http://support.process-one.net/browse/EJAB-1173 Security: http://xforce.iss.net/xforce/xfdb/57790 Security: http://xforce.iss.net/xforce/xfdb/57791
* New port: Fuzzdb is a comprehensive set of fuzzing patterns thatniels2010-04-195-0/+152
| | | | | | | | can be used during discovery or security testing of web applications. WWW: http://code.google.com/p/fuzzdb/ Approved by: itetcu (mentor)
* Switch to use newer GMP version.ale2010-04-1912-19/+24
| | | | | | PR: ports/144487 Submitted by: ale Approved by: portmgr (-exp run by erwin)
* - Added three krb5 vulnerabilitiesniels2010-04-191-6/+80
| | | | | | | | | | - Fixed indent on mahara entry - Fixed title of KDM entry Approved by: remko (secteam) Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-002.txt Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt
* Mark BROKEN on 9.x: does not builderwin2010-04-191-0/+4
|
* Mark BROKEN on 9.x: leaves files behind on deinstallerwin2010-04-191-0/+4
|
* Document mahara sql injection vulnerabilityniels2010-04-191-0/+32
| | | | | Approved by: remko (secteam) Security: http://www.debian.org/security/2010/dsa-2030
* Upgrade to version 1.31bniels2010-04-182-4/+4
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* - Fix pkg-plist so directories installed out of PREFIX are removedglarkin2010-04-171-0/+1
| | | | | | | when empty PR: ports/145741 Submitted by: sahil
* Update to 1.2.5 and hand maintainership to Sofian Brabez.lx2010-04-172-5/+54
| | | | | PR: ports/145760 Submitted by: sbrabez@gmail.com
* Update to stunnel-4.33; hopefully, the stability problems are fixed now.roam2010-04-165-16/+13
|
* Correct CVE entry. The advisory from Todd[0] says CVE 2010-0426, which iswxs2010-04-161-1/+1
| | | | | | | | | the entry assigned to the original sudoedit vulnerability[1]. The new one (CVE-2010-1163) was just assigned. I believe the one assigned by CVE folks is the proper one to use. [0]: http://sudo.ws/sudo/alerts/sudoedit_escalate2.html [1]: 018a84d0-2548-11df-b4a3-00e0815b8da8
* - Update to 1.7.2p6 (security fix).wxs2010-04-162-5/+5
| | | | Security: 1a9f678d-48ca-11df-85f8-000c29a67389
* - Document sudo privilege escalation bug. This is similar towxs2010-04-161-0/+36
| | | | 018a84d0-2548-11df-b4a3-00e0815b8da8.
* Mark FORBDDEN due to security vulnerabilities.cy2010-04-152-0/+2
| | | | Security: MITKRB5-SA-2010-001, MITKRB5-SA-2010-002, MITKRB5-SA-2010-003.
* - Do not match x11/kdebase4 in latest KDM vulnerability.avilla2010-04-151-1/+2
| | | | Approved by: tabthorpe (mentor)
* - Mark BROKEN: does not compilepav2010-04-154-0/+8
| | | | Reported by: pointyhat
* - Document KDM local privilege escalation vulnerability.avilla2010-04-151-0/+35
| | | | Approved by: tabthorpe (mentor), delphij (secteam)
* - Fix build with opensslwen2010-04-141-3/+11
| | | | | PR: ports/145620 Submitted by: Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
* Bumped PORTREVISION due to new patchniels2010-04-141-0/+1
| | | | Approved by: miwi (mentor)
* Fix plugins location patchniels2010-04-141-9/+3
| | | | Approved by: miwi (mentor)
* - update to 1.0.13dinoex2010-04-142-4/+4
|
* - Unbreak after recent PHP 5.3.2 updateglarkin2010-04-131-3/+42
| | | | | Reported by: pointyhat Approved by: portmgr (itetcu, erwin - blanket)
* - Update to 20100412garga2010-04-123-5/+6
| | | | | - Use ${TOUCH} instead of touch - Fix pkg-plist to delete directories installed out of PREFIX (on /var)
* - Use ${TOUCH} instead of touchgarga2010-04-122-1/+3
| | | | | | | | - Fix pkg-plist to delete directories installed out of PREFIX (on /var) [1] - Bump PORTREVISION because of [1] PR: ports/145448 [1] Submitted by: sahil@ [1]
* Unit tests require python built with thread support, disable make check whengarga2010-04-122-2/+34
| | | | | | | local python doesn't have this PR: ports/145520 Submitted by: Michael Scheidell <scheidell at secnap.net>
* New port: WhatWeb can be used to detect the software packages thatniels2010-04-126-0/+264
| | | | | | | | | | are used for a website. It can detect content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers, etc.. WWW: http://www.morningstarsecurity.com/research/whatweb Approved by: itetcu (mentor)
* Removed old patch to fix previous commit:niels2010-04-121-30/+0
| | | | | | | | Upgraded to version 1.30b Submitted by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor) Reported by: QAT
* Upgraded to version 1.30bniels2010-04-125-17/+36
| | | | | Submitted by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* Add forgotten dependency on gnutlsjohans2010-04-111-1/+3
|
* - Update to 3.12.6beat2010-04-104-27/+26
| | | | Approved by: marcus
* - Update to 1.1.4sylvio2010-04-102-6/+4
| | | | | | PR: ports/145523 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Approved by: itetcu (mentor, implicit)
* Python and gmake are just necessary when LLVM option is setgarga2010-04-101-14/+16
|
* Python and gmaker are needed just if LLVM option is setgarga2010-04-101-14/+16
|
* Update to 0.9.30 release.ale2010-04-092-4/+4
|
* Update to PHP 5.3.2 release!ale2010-04-093-31/+1
|
* - Remove nmap-i18n-man - security/nmap now comes with translated manual pagesamdmi32010-04-085-180/+0
| | | | | PR: 145439 Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
* - add option WITHOUT_ASMdinoex2010-04-071-0/+7
|
* - Document dojo - cross-site scripting and other vulnerabilitiesglarkin2010-04-071-0/+72
| | | | | | | | - Document ZendFramework - security issues in bundled Dojo library Approved by: secteam (remko) Security: http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ Security: http://framework.zend.com/security/advisory/ZF2010-07
* - Reduce differences between it and security/clamav-develgarga2010-04-071-10/+16
| | | | | | | - Make JIT bytecode compiler as an OPTION, On by default [1] PR: ports/145435 [1] Submitted by: Alexander Wittig <alexander at wittig.name> [1]
* - Update to 20100406garga2010-04-073-30/+30
| | | | | - Reduce differences between it and security/clamav - Make JIT bytecode compiler as an OPTION, On by default
* - fix build on sparc64dinoex2010-04-071-0/+4
| | | | Submitted by: kwm
* - Remove duplicated BUILD_DEPENDSgarga2010-04-071-2/+0
|
* Chase clamav's lib bumpgarga2010-04-0610-9/+12
|
* - Update to 0.96garga2010-04-066-54/+62
| | | | | | | | - Fix error on make check when LC_ALL != en and subversion is installed [1] PR: ports/145340 [1] Submitted by: Alexander Wittig <alexander@wittig.name> [1] Obtained from: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1922 [1]
* - chase updated patches for sctp-17 and dtlsdinoex2010-04-062-13/+28
|
* - Document firefox -- Re-use of freed object due to scope confusionbeat2010-04-061-0/+26
| | | | | Submitted by: Florian Smeets <flo AT smeets.im> Approved by: miwi
* - add options WITH_MD2dinoex2010-04-062-2/+36
| | | | | | Suggested by: Tatsuki Makino - add options WITH_RC5 and WITH_RFC3779
* - strip text for optionsdinoex2010-04-051-1/+1
| | | | Reported by: Richard J. Dawes
* re-assign back to ports@pgollucci2010-04-051-1/+1
|
* - Update to v0.008brix2010-04-042-4/+4
|
* Build warning fixes, forgotten in previous commit:niels2010-04-042-0/+22
| | | | | | | - Upgrade to version 1.29b Approved by: itetcu (mentor) Approved by: Ryan Steinmetz (maintainer)
* Upgrade to version 1.29bniels2010-04-043-17/+29
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* Marked broken for 6.x: does not buildniels2010-04-031-1/+8
| | | | | Approved by: itetcu (mentor) Reported by: pointyhat
* Chase the ftp/curl shlib version bump.roam2010-04-039-7/+13
|
* Add files/patch-lib_netio.c to fix build without starttls.johans2010-04-031-0/+14
| | | | Unfortunately this addition was forgotten in the previous commit.
* Upgrade to version 5.2gniels2010-04-032-11/+11
| | | | | | PR: ports/145149 Submitted by: Gerard <gerard@seibercom.net> (maintainer) Approved by: miwi (co-mentor)
* Upgrade to version 20100313niels2010-04-032-4/+4
| | | | | | PR: ports/145191 Submitted by: Bapt <baptiste.daroussin@gmail.com> (maintainer) Approved by: miwi (co-mentor)
* - update to 1.0.0dinoex2010-04-035-162/+266
| | | | | | - regression tested on i386, amd64 and ia64 - use DIST_SUBDIR to resolve conflicts with old patchfiles - new options DTLS_RENEGOTIATION, DTLS_HEARTBEAT, TLS_EXTRACTOR, SCTP
* Update to 0.0.43johans2010-04-033-6/+7
|
* Mark as broken on powerpc. While here, pet portlint.linimon2010-04-011-2/+8
| | | | Hat: portmgr
* Also broken on powerpc.linimon2010-04-011-2/+2
| | | | Hat: powerpc
* Revert previous commit: it had already been fixed.linimon2010-04-011-7/+1
|
* Mark as not yet ported to powerpc.linimon2010-04-011-1/+7
| | | | Hat: portmgr
* Mark as broken on powerpc.linimon2010-04-011-1/+7
| | | | Hat: portmgr
* Also mark as broken on powerpc.linimon2010-04-011-1/+1
| | | | Hat: portmgr
* Add the actual python module directory.lx2010-04-011-0/+19
|
* Make the python and libfixbuf dependencies mandatory -- they're prettylx2010-04-012-26/+20
| | | | ingrained in the product now.
* - Document mozilla -- multiple vulnerabilitiesbeat2010-03-311-0/+67
| | | | Approved by: delphij
* - Security update to 0.9.8ndinoex2010-03-312-7/+4
| | | | Security: http://www.openssl.org/news/secadv_20100324.txt
* Fix rc.d script return valueehaupt2010-03-312-3/+4
| | | | | PR: 145207 Submitted by: Dominic Fandrey <kamikaze@bsdforen.de>
* Update to 2.14(.)01.tobez2010-03-302-4/+5
| | | | Changes: http://search.cpan.org/dist/Authen-SASL/Changes
* - update to 1.4.1dinoex2010-03-2866-60/+66
| | | | | Reviewed by: exp8 run on pointyhat Supported by: miwi
* Python-otr is a set of python bindings for libotr. This givesmiwi2010-03-285-0/+39
| | | | | | | | | developers the flexibility to implement OTR encryption for their python-based Instant Messaging clients. WWW: http://python-otr.pentabarf.de/ Submitted by: Frank Steinborn <steinex at nognu.de>
* - update to 0.13.1dinoex2010-03-282-4/+4
|
* RC_SUBR_SUFFIX has not been needed for a long time now, all supporteddougb2010-03-277-10/+4
| | | | | versions of FreeBSD now use /etc/rc.subr and rc.d scripts without .sh appended to the script name.
* Begin the process of deprecating sysutils/rc_subr bydougb2010-03-2768-69/+69
| | | | s#. %%RC_SUBR%%#. /etc/rc.subr#
* Update to 0.1.5johans2010-03-264-5/+12
| | | | This includes a shlib version bump
* - Update to 0.4.2avl2010-03-265-6/+39
| | | | - Add option for SSH1 support
* Document postgresql bitsubstr overflow vulnerabilitydelphij2010-03-261-0/+37
|
* skipfish is a high-performance, easy, and sophisticated Web applicationniels2010-03-257-0/+126
| | | | | | | | | | | | security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth. PR: ports/144942 Submitted by: Ryan Steinmetz <rpsfa@rit.edu> Approved by: itetcu (mentor) WWW: http://code.google.com/p/skipfish/
* Marked DEPRECATED and expiration date is set to 2010-04-30. Theniels2010-03-251-0/+3
| | | | | | port is broken and the software is no longer available/developed Approved by: itetcu (mentor)
* Update to version 0.6.0niels2010-03-254-16/+7
| | | | Approved by: itetcu (mentor)
* Upgrade to 1.1.1 (pointed out by www.portscout.org)niels2010-03-253-66/+130
| | | | Approved by: itetcu (mentor)
* Document a buffer overflow in gtar's rmt client functionality.naddy2010-03-251-0/+27
|
* This is the bi-weekly update of openvpn-devel (week 12)niels2010-03-242-4/+4
| | | | | | PR: ports/144945 Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer) Approved by: miwi (mentor)
* Update to 2.2.0.lx2010-03-243-39/+39
|
* - update to 0.13.0dinoex2010-03-242-4/+21
|
* - Document firefox -- WOFF heap corruption due to integer overflowbeat2010-03-231-0/+26
| | | | Approved by: miwi
* - restore snortsam checksumclsung2010-03-231-0/+3
| | | | | PR: ports/144715 Submitted by: olli hauer <ohauer_AT_gmx dot de>
generated by cgit (git 2.34.1) at 2025-01-11 03:27:27 +0800