| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Also implement a suggestion from Simon, mark all versions before
the latest version vulnerable.
|
| |
|
|
|
|
|
|
| |
Note that I only documented the high level
threats, there are several others which can
be found at the link provided [1]
Reference: http://www.joomla.org/content/view/1841/78/ [1]
|
| |
|
|
|
|
|
| |
- I'll maintain it now.
PR: ports/99862
Submitted by: Linh Pham <question+fbsdports_AT_closedsrc dot org>
|
| |
|
|
|
| |
PR: ports/102635
Submitted by: Peter Thoenen <peter.thoenen(at)yahoo.com> (maintainer)
|
| |
|
|
|
|
| |
only documentation changes and a small bug fix on option parsing).
Approved by: mnag
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog prelude-manager-0.9.6:
- In case an IDMEF-Service object contain neither name or port
attribute, set name to "unknown" in order to avoid IDMEF DTD
validation issue.
- Normalize analyzer(*).node.
- Fix OpenBSD getaddrinfo() problem.
PR: ports/102593
Submitted by: maintainer (Robin Gruyters)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ssh_encode_{array_alloc,buffer}() calls as appropriate in order to
fix argument size problems on 64-bit platforms and that manifest
themselves on amd64 and ia64. [1]
- Allow the tcsetattr(3) calls in ssh_rl_{restore,set}_tty_modes_for_fd()
to be interrupted by signal. This fixes occasional problems when
connecting to a host for the first time.
- Use the base zlib instead of the one shipping with SSH; although the
latter has an enhancement allowing a minor SSH-specific optimization,
using the base one has the benefit of not needing to track security
vulnerabilities of zlib in this port (SSH 3.2.9.1 ships with zlib
1.1.4 which is not know to be vulnerable though).
- Try to make the description of the WITHOUT_X11 option of the port
Makefile to be more sentence-like.
PR: 98016 [1]
Approved by: netchild
Obtained from: NetBSD [1]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSL 3.0 protocols. The library does not include any patented algorithms and
is available under the GNU Lesser GPL license.
Important features of the GnuTLS library include:
- Thread safety
- Support for both TLS 1.0 and SSL 3.0 protocols
- Support for both X.509 and OpenPGP certificates
- Support for basic parsing and verification of certificates
- Support for SRP for TLS authentication
- Support for TLS Extension mechanism
- Support for TLS Compression Methods
Additionaly GnuTLS provides an emulation API for the widely used
OpenSSL library, to ease integration with existing applications.
WWW: http://www.gnutls.org/
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Reported by: kris
Approved by: garga (mentor)
|
| |
|
|
|
|
|
| |
Scheme-influenced VM.
PR: ports/102238
Submitted by: Piet Delport
|
| |
|
|
|
|
| |
PR: ports/102368
Submitted by: Martin Jackson <mhjacks(at)swbell.net>
Approved by: krion (mentor), maintainer (via privat mail)
|
| |
|
|
|
|
| |
PR: ports/102008
Submitted by: Sergei Vyshenski <svysh(at)cryptocom.ru> (maintainer)
Approved by: krion (mentor)
|
| |
|
|
|
| |
PR: ports/102423
Submitted by: Kay Lehmann <kay_lehmann at web.de> (maintainer)
|
| |
|
|
|
|
| |
PR: ports/102310 (based on)
Submitted by: Alex Samorukov <samm@os2.kiev.ua>
Approved by: Dmitry Marakasov <amdmi3@mail.ru> (maintainer)
|
| |
|
|
|
|
|
| |
- Grant maintainership to the submitter
PR: ports/97546
Submitted by: Anish Mistry <amistry@am-productions.biz>
|
| | |
|
| |
|
|
|
|
| |
PR: ports/102258
Submitted by: Ulf Lilleengen <lulf(at)pvv.ntnu.no> (maintainer)
Approved by: krion (mentor)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SinFP is a new approach to OS fingerprinting, which bypasses
limitations that nmap has.
Nmap approaches to fingerprinting as shown to be efficient for years.
Nowadays, with the omni-presence of stateful filtering devices,
PAT/NAT configurations and emerging packet normalization technologies,
its approach to OS fingerprinting is becoming to be obsolete.
SinFP uses the aforementioned limitations as a basis for tests to be
obsolutely avoided in used frames to identify accurately the remote
operating system. That is, it only requires one open TCP port, sends
only fully standard TCP packets, and limits the number of tests to 2
or 3 (with only 1 test giving the OS reliably in most cases).
WWW: http://www.gomor.org/sinfp
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
By sniffing a VNC challenge-response sequence off the network
(typically when VNC is used without a decent cryptographic
wrapper like SSH or SSL), you can recover the password fairly
easily and quickly by letting VNCcrack pound on it.
WWW: http://www.randombit.net/projects/vnccrack/
PR: ports/102279
Submitted by: Pankov Pavel <pankov_p at mail.ru>
|
| |
|
|
| |
so that we can easily see the different entries).
|
| |
|
|
|
|
|
| |
- bump PORTREVISION
PR: ports/102302
Submitted by: Matthias Andree (maintainer)
|
| |
|
|
|
|
|
| |
- bump PORTREVISION
PR: ports/102301
Submitted by: Matthias Andree (maintainer)
|
| |
|
|
|
|
| |
PR: ports/102230
Submitted by: Wesley Shields <wxs(at)atarininja.org>
Approved by: krion (mentor)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private networks
using an encrypted tunnel over the internet. It can operate over UDP or TCP,
can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
server can handle many clients.
PR: ports/101802
Submitted by: Matthias Andree <matthias.andree@gmx.de> (openvpn maintainer)
|
| |
|
|
|
| |
PR: ports/102216
Submitted by: Philippe Rocques <phil at teaser.fr> (maintainer)
|
| |
|
|
|
|
| |
PR: ports/102071
Submitted by: Jin-Shan Tseng <tjs(at)cdpa.nsysu.edu.tw>
Approved by: krion (mentor), maintainer
|
| |
|
|
| |
- Add some SecurityFocus BIDs too.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
not WITH(OUT)_NOPORTDOCS
- Use PORTDOCS and clean pkg-plist
- Add NLS to OPTIONS as on by default and move the check after
bsd.port.pre.mk
- Add --with-ldap=${LOCALBASE} because it was not finding ldap libs without
this
PR: ports/101318
Submitted by: garga
Approved by: maintainer timeout (14 days)
|
| | |
|
| |
|
|
|
|
|
| |
ipfw.
PR: ports/101254
Submitted by: Dmitry Marakasov <amdmi3 at mail.ru>
|
| |
|
|
| |
Submitted by: Corey Smith
|
| |
|
|
|
|
| |
PR: ports/101826
Submitted by: chinsan <chinsan.tw at gmail.com>
Approved by: Christopher Cowart <ccowart at rescomp.berkeley.edu> (maintainer)
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- respect TARGETDIR
- fix a PREFIX -> LOCALBASE mistake
- use my @FreeBSD.org address
- bump PORTREVISION
Submitted by: "Scott MacGregor" <shadowbq@gmail.com> [1]
|
| | |
|
| |
|
|
| |
entry.
|
| | |
|
| |
|
|
| |
Reviewed by: simon
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Note that these directories are be removed by other dependency ports,
so I do not bump PORTREVISION for them. These affected ports are
belong to ports@.
PR: ports/101586
Submitted by: Stanislav Sedov <ssedov at mbsd.msk.ru>
|
| |
|
|
|
|
|
| |
- bump PORTREVISION
PR: ports/102053
Submitted by: maintainer (Robin Gruyters)
|
| |
|
|
|
|
|
| |
- these include security/ sysutils/ textproc/ maintained by ports@
PR: ports/101916
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
|
| |
|
|
|
| |
PR: ports/102009
Submitted by: maintainer (Adi Pircalabu)
|
| |
|
|
|
| |
PR: 101853
Submitted by: Gea-Suan Lin <gslin@gslin.org>
|
| |
|
|
|
| |
PR: ports/101986
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog libpreludedb:
- Implement an idea from Lex van Roon <r3boot@r3blog.nl.eu.org> providing
an alert/heartbeat deletion performance improvement in the order of
3000% (preludedb-admin already benefit from it, next Prewikka release
will benefit from it too).
- Fix --with-(perl|python|swig) detection path ordering.
- Verbose error reporting on logfile opening error.
- Various bug fixes.
PR: ports/101995
Submitted by: maintainer (Robin Gruyters)
|
| |
|
|
| |
Approved by: garga (mentor)
|
| |
|
|
|
| |
PR: ports/101866
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
|
| |
|
|
|
|
|
| |
- Use USE_LDCONFIG
PR: ports/101865
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
|
| |
|
|
| |
Approved by: garga (mentor)
|
| |
|
|
| |
The 1.1111th commit, yay.
|
| | |
|
| |
|
|
| |
Reported by: Radim Kolar <hsn at netmag dot cz>
|
| |
|
|
| |
Spotted by: simon (again)
|
| |
|
|
|
|
|
| |
These are all older vulnerabilities which had not yet been documented
by the Security Team.
Also fix a minor mistake in an older PostgreSQL entry.
|
| |
|
|
| |
Spotted by: simon
|
| | |
|
| |
|
|
|
|
|
| |
- Respect CC and CFLAGS
PR: ports/101750
Submitted by: Babak Farrokhi <babak@farrokhi.net> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
marked all future releases of squirrelmail as vulnerable.
The negative side-effect of PORTEPOCH. Split the previous entry
into two seperated entries again, restoring the old entry for
squirrelmail, and having the 'new' entry for ja-squirrelmail.
This would grab any future versions of ja-squirrelmail if it were
to be readded, and does not conflict with future versions of
squirrelmail.
For more information about the portepoch discussion etc:
http://lists.freebsd.org/pipermail/freebsd-vuxml/2006-July/000185.html
|
| |
|
|
| |
as vulnerable. I was soo close..
|
| |
|
|
|
|
| |
Note that I marked all ja-squirrelmail entries as vulnerable, it
does no longer exist on it's own and the portepoch is giving me
matching problems.
|
| | |
|
| |
|
|
| |
Problem reported by: kris
|
| | |
|
| | |
|
| |
|
|
|
|
| |
PR: ports/101716
Submitted by: David Thiel <lx(at)redundancy.redundancy.org> (maintainer)
Approved by: krion (mentor)
|
| |
|
|
| |
Submitted by: Marius Nuennerich <marius.nuennerich@gmx.net>
|
| |
|
|
| |
Problem reported by: kris
|
| |
|
|
|
|
| |
PR: ports/101760
Submitted by: clsung
Approved by: maintainer <chinsan dot tw_AT_gmail dot com>
|
| |
|
|
| |
encryption algorithms.
|
| |
|
|
|
| |
PR: ports/101585
Submitted by: Robin Gruyters <r.gruyters at yirdis.nl> (maintainer)
|
| |
|
|
|
|
|
| |
for a PIN when using an OpenSC smartcard.
Approved by: mnag (maintainer)
Patch obtained from: http://bugzilla.mindrot.org/show_bug.cgi?id=608
|
| |
|
|
| |
Noticed by: garga
|
| |
|
|
|
| |
- Require bglibs >= 1.100 for shlib support
- Add INSTALLS_SHLIBS as the port now installs shared libraries, too
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
original package changes:
- fixed invalid filename encoding with german umlauts in base64
- Fixed display of UTF8 characters in the GUI
- Add environment variable
- Fixed crash when CA is created with nsCertType
- Enhanced version detection
- Changed command for openssl due to changed openssl behavior
regarding fingerprints
- Added "friendly name" to PKCS#12 export
- Corrected exit call
PR: ports/101558
Submitted by: maintainer (Janos Mohacsi)
|
| |
|
|
| |
into MASTER_SITE_LOCAL and temporarily adjust accordingly.
|
| |
|
|
|
| |
PR: ports/101658
Submitted by: Gea-Suan Lin <gslin at gslin.org>
|
| |
|
|
|
|
|
|
| |
- bump PORTREVISION
PR: ports/101541
Submitted by: Jin-Shan Tseng <tjs_AT_cdpa dot nsysu dot edu dot tw>
Approved by: maintainer
|
| | |
|
| |
|
|
|
| |
Reworked by: gabor
Tested by: gabor
|
| |
|
|
| |
Reviewed by: secteam (mnag)
|
| |
|
|
| |
- s/INSTALLS_SHLIB/USE_LDCONFIG/
|
| |
|
|
| |
- Remove extra "." in latest entry
|
| |
|
|
| |
Approved by: portmgr (erwin)
|
| |
|
|
|
|
|
| |
- Use USE_LDCONFIG instead obsolete INSTALLS_SHLIB
- Use new MASTER_SITES magic to SF
Security: http://www.clamav.net/security/0.88.4.html
|
| |
|
|
|
|
| |
PR: ports/101629
Submitted by: clsung
Approved by: maintainer (Gea-Suan Lin)
|
| |
|
|
| |
Pointy hat to: clsung
|
| |
|
|
|
|
|
|
|
| |
- PurePerl.pm has used "eval" to try MIME::Base64 & Digest::base, so
add these dependencies.
PR: ports/101406
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
Approved by: maintainer (gkovesdan_AT_t-hosting dot hu)
|
| |
|
|
|
| |
PR: ports/101581
Submitted by: Yonatan <onatan at gmail.com> (maintainer)
|
| |
|
|
|
|
|
| |
- Fix pkg-plist
Submitted by: pointyhat via kris
Approved by: krion (mentor)
|
| |
|
|
|
| |
Reviewed by: gabor
Approved by: krion (mentor)
|
| |
|
|
|
|
|
|
| |
will be linked against it anyway, not against a system one.
PR: ports/101439
Submitted by: Stanislav Sedov <ssedov at mbsd.msk.ru>
Approved by: David Thiel <lx at redundancy.redundancy.org> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I have jumped in over my head with maintaining the port, both in terms of my
skills with significantly modifying a port (particularly in getting the port
from 2.4.5 to 2.6.0), not using snort enough to really test the full package,
and not enough time to improve the port.
With that said, there still is ports/99862 that is still open (re: bring
security/snort to 2.6.0) which I have it the wall on trying to get the port
to deinstall cleanly due to the optional nature of some components. I will
continue to help out with other ports that I can take on and those that I
can still take on maintainership.
PR: ports/101526
Submitted by: Linh Pham <question+fbsdports@closedsrc.org> (maintainer)
|
| |
|
|
| |
Submitted by: pointyhat via kris
|
| |
|
|
|
| |
PR: 101331
Submitted by: Peter Thoenen <peter.thoenen@yahoo.com> (maintainer)
|
| |
|
|
|
| |
PR: 101431
Submitted by: gabor (maintainer)
|
| |
|
|
|
| |
PR: 101429
Submitted by: gabor (maintainer)
|
| |
|
|
|
| |
PR: ports/101405
Submitted by: Gea-Suan Lin <gslin_AT_gslin dot org>
|
| |
|
|
| |
Submitted by: gabor
|
| |
|
|
|
| |
Noticed by: pointyhat via erwin
Pointyhat to: rafan
|
| |
|
|
|
|
|
|
| |
Author: Gerd Stolpmann
WWW: http://www.ocaml-programming.de/packages/
PR: ports/101213
Submitted by: Stanislav Sedov <ssedov at mbsd.msk.ru>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Kerberos V5 is an authentication system developed at MIT.
(Linux version)
WWW: http://web.mit.edu/kerberos/
- New port: security/linux-openssl
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and Open Source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
(TLS v1) protocols with full-strength cryptography world-wide. The
project is managed by a worldwide community of volunteers that use
the Internet to communicate, plan, and develop the OpenSSL tookit
and its related documentation.
OpenSSL is based on the excellent SSLeay library developed by Eric
A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under
an Apache-style licence, which basically means that you are free
to get and use it for commercial and non-commercial purposes subject
to some simple license conditions.
(Linux version)
WWW: http://www.openssl.org/
Approved by: garga (mentor)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit should largele be a NOOP as it only adds support
for DESTDIR undefined. This does allow us to start testing
ports with DESTDIR set, but this is as of yet not supported.
Although this has been extensively tested on pointyhat, this
is a very intrusive change and some cases may have been
overlooked. Please contact Gabor and me if you find any.
PR: 100555
Submitted by: gabor
Sponsored by: Google Summer of Code 2006
|
| |
|
|
|
|
| |
- Mark DEPRECATED [2]
Submitted by: pointyhat [1], maintainer [2]
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- Submitter becomes new maintainer (approved by old maintainer)
- Use rc.subr
PR: 98373
Submitted by: Peter Thoenen
Approved by: flz (mentor)
|
| |
|
|
|
|
|
|
|
|
|
| |
since September 2005, with an EXPIRATION_DATE of 2006-08-31,
as all free license keys that still might be in use should
have expired by then.
If anyone is actually using this port with a commercial
license key, feel free to adopt this port. Otherwise this
port will be deleted after the above EXPIRATION_DATE.
Approved by: netchild
|
| |
|
|
| |
Security: vuxml vid c905298c-2274-11db-896e-000ae42e9b93
|
| |
|
|
| |
This is for chinese/oicq.
|
| |
|
|
| |
- break out if shared lib version in port is less than base
|
| | |
|
| |
|
|
|
|
|
|
|
| |
(fixes 2 more possible memory allocation attacks).
- Enable OPTIONS [1].
Security: http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html
PR: ports/93540 [1]
Submitted by: Pawel Wieleba <P.Wieleba@iem.pw.edu.pl> [1]
|
| |
|
|
|
|
|
| |
binding.
PR: ports/101136
Submitted by: chinsan <chinsan.tw at gmail.com>
|
| |
|
|
|
| |
PR: ports/101004
Submitted by: Yonatan <onatan at gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The GNOME Password Manager - GPass for short - is a simple
application, written for the GNOME 2 desktop, that lets you manage a
collection of passwords. The password collection is stored in an
encrypted file, protected by a master-password.
GPass is released under the GNU GPL2 licence.
Features:
* Clean and easy-to-use user interface.
* Quick-search facility.
* Username and password may easily be copied to the clipboard.
* Encryption is done using the OpenSSL cryptographics library.
* The built-in password generator helps you generate secure passwords.
* You can launch a website and the associated username/passwords
direct from GPass
Author: Kouji TAKAO <kouji -at- netlab.jp>
WWW: http://projects.netlab.jp/gpass/
PR: ports/100845
Submitted by: ports_at_c0decafe.net <ports at c0decafe.net>
Approved by: garga (mentor)
|
| |
|
|
|
| |
PR: 101129
Submitted by: gabor (maintainer)
|
| |
|
|
|
|
|
| |
Submitter (author) taking over maintainership from myself
PR: 100916
Submitted by: andrew@arda.homeunix.net
|
| |
|
|
|
| |
PR: ports/101131
Submitted by: maintainer (Peter Thoenen)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It will be based on Ruby instead of perl, have a different license, and some
utilities (msfconsole, msfencode...) will conflict with the current metasploit
package.
This update comes to preempt the conflicts and to clarify the pkg-descr.
Bump PORTREVISION.
PR: ports/101090
Submitted by: Yonatan (maintianer)
|
| |
|
|
|
|
|
| |
- Pass maintainership to submitter
PR: 101112
Submitted by: chinsan <chinsan.tw@gmail.com>
|
| |
|
|
|
|
|
| |
- Make some archiver support optionally
PR: 101071
Submitted by: gabor (maintainer)
|
| | |
|
| |
|
|
|
| |
- Convert to "magic" master sites
- Various minor portlint-prodded fixes
|
| |
|
|
|
|
|
| |
research.
PR: ports/101005
Submitted by: Yonatan <onatan at gmail.com>
|
| |
|
|
|
|
|
| |
f2c entry (43cb40b3-c8c2-11da-a672-000e0c2e438a). We do not have
the shellscript, and it is not installed.
Reported by: thierry
|
| | |
|
| | |
|
| |
|
|
|
| |
repo churn with little value to resort all entries which have been
modified.
|
| | |
|
| |
|
|
|
|
| |
PR: ports/101002
Submitted by: miwi
Approved by: krion (mentor), maintainer
|
| |
|
|
|
|
| |
should have stayed and I interpreted that wrong.
Pointyhat: remko
|
| |
|
|
|
|
|
|
| |
- Bump PORTREVISION
PR: ports/100814
Submitted by: Daniel Roethlisberger <daniel(at)roe.ch>
Approved by: krion (mentor), maintainer
|
| |
|
|
|
|
| |
have ruby installed. You learn something new everyday...
Noticed/discussed with: simon
|
| |
|
|
|
|
|
|
|
| |
- Remove snort from depends [1]
PR: ports/100783
Submitted by: Linh Pham <question+fbsdports(at)closedsrc.org>
Kian Mohageri <kian.mohageri(at)gmail.com> [1]
Approved by: krion (mentor)
|
| |
|
|
|
|
|
|
| |
yet and are unable to tell what the naming scheme will be with
those patches. We can narrow down the scope later, we should
not do so before we know the mentioned scheme.
Triggered by: sem
|
| |
|
|
| |
Some minor changes to the markup of the entry.
|
| |
|
|
|
|
| |
- Fix URL in previous mutt entry while here.
Reported by: Joel Hatton via freebsd-ports [1]
|
| |
|
|
| |
Prodded by: sat
|
| |
|
|
|
|
|
|
|
|
|
| |
some fpc ports.
- Added PORTREVISION for each port
- Fixed pkg-plist on fpc-gtk2 and fpc-gtk ports
- Fixed the gtk, glib and gdk libraries linking for fpc-gtk
- Removed obsolete patches from fpc-gtk. Now it's using ${REINPLACE_CMD}
- Removed post-extract from fpc-fcl. I just added it to makefiles.units file
Approved by: garga (mentor)
|
| |
|
|
|
| |
Thanks to remko for doing initial list of apache package names in an
earlier VuXML entry.
|
| |
|
|
| |
Approved by: garga (mentor)
|
| |
|
|
| |
Pointy hat to: garga
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the man page) and README.openvpn-down-root
2 - match rc.d filename as printed post install in pkg-message to actual file
name on newer systems (which use openvpn rather than openvpn.sh)
Reported by: Jean-Baptiste Quenot (Bcc'd)
The maintainer wishes to thank Jean-Baptiste for his report and patience.
3 - add a pkg-req script to prevent installation of 6.1 packages on older
machines, which is a frequent source of "rc.d script doesn't work"
complaints.
Added file(s):
- files/pkg-req.in
PR: ports/100917
Submitted by: Matthias Andree (maintainer)
|
| |
|
|
|
|
|
|
|
| |
the format string exploit fixes that were also in the patch in 4.2.0_1 (hence
removed).
- Also updating master site to the new official one.
PR: ports/100952
Submitted by: David Thiel (maintainer)
|
| |
|
|
| |
Reported by: Nick Fishman <kwlogical@bellsouth.net>
|
| |
|
|
|
|
| |
vulnerable.
Reported by: Craig Leres
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- Mark IGNORE on !i386, due to a run-time issue.
- Use DATADIR macro in pkg-plist while here.
PR: ports/99949
Submitted by: shaun (me)
Approved by: Maintainer timeout (19 days)
|
| |
|
|
|
| |
Note I assume that linux-firefox-devel 3.0.a2006.07.26 is fixed, I
haven't actually checked (way to many issues to check for).
|
| |
|
|
| |
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer) by email
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the code, the author uses two level hash, and IPC::Shareable
will create a share memory for those anonymouse object (the second
level hash). Those share memory will not be removed when sshit exists
or when the rule is removed. Running sshit for a period of time,
the number of share memory and semaphore will reach the limit for
one process, then sshit.pl can not get more share memory, thus it
quits. The only solution is to manually remove all share memory and
semaphore.
This is somehow the limitation of using IPC::Shareable. To workaround
this problem. The patch will removes associated firewall rules when
syslogd closes the fd [1], and use IPC::Shareable->clean_up
to remove all shm/sem created by this process. I also set 'destroy'
to 1 so the shm tied to %list can be removed.
The second hunk is to fix a typo for ipfw2. Due to this typo,
ip in ipfw2's table cat not be removed. That means once blocked,
the client is blocked until reboot or admin cleanup the table.
[1] if any log files are rotated, newsyslog sends a HUP to syslogd,
syslogd will close *all* current open fd and reopen them. At
that time, the sshit.pl's stdin will be closed, thus the main
program will exit.
PR: ports/100726
Submitted by: Alex Samorukov <samm at os2.kiev.ua>
Approved by: Jui-Nan Eric Lin <jnlin at csie.NCTU.edu.tw> (maintainer)
Obtained from: rafan
|
| |
|
|
|
| |
PR: ports/100900
Submitted by: Andrew St. Jean <andrew at arda.homeunix.net>
|
| |
|
|
|
|
|
|
| |
- Port now installs some extra documentation into ${DOCSDIR}.
- Added pkg-message and pkg-plist to port.
PR: ports/100897
Submitted by: maintainer (andrew_AT_arda dot homeunix)
|
| |
|
|
|
|
|
| |
- Mark it as BROKEN on 4.x. Maintainer will alert authors to fix it.
PR: ports/100854
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
| |
"Ulf Harnhammar and Max Vozeler from the Debian Security Audit Project
have found several format string security bugs in osiris, a network-wide
system integrity monitor control interface. A remote attacker could
exploit them and cause a denial of service or execute arbitrary code."
PR: ports/100793
Submitted by: David Thiel (maintainer)
Security: CVE-2006-3120
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CHANGES:
- Added parsing for multiple route-to's
- Added parsing of "set skip" statements
- Added Optionsclass unit test script
- Fixed the natedit page so that is reloads automatically when it should.
- Fixed a small XHTML compliance problem which sometimes would generate &
instead of &
- Moved the stylesheet fromt the body to the header on a lot of web scripts
for xhtml compliance reasons
- Changed from statically defining font size on the screen to a relative
measurement. This allows changing of font size on IE
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
- Update pkg-descr.
PR: ports/100715
Submitted by: Babak Farrokhi <babak@farrokhi.net> (maintainer)
|
| |
|
|
|
|
| |
- Adding entry for lang/fpc-utils
Approved by: garga (mentor)
|
| |
|
|
| |
- Unquote RESTRICTED
|
| | |
|
| |
|
|
| |
Approved by: garga (mentor)
|
| |
|
|
|
|
| |
PR: ports/100717
Submitted by: Fabian Keil <fk@fabiankeil.de>
Approved by: krion (mentor)
|
| |
|
|
|
|
| |
PR: ports/100716
Submitted by: Fabian Keil <fk@fabiankeil.de>
Approved by: krion (mentor)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
connections into Tor.
trans-proxy-tor is a transparent proxy
that uses PF to redirect TCP connections
through Tor (http://tor.eff.org/).
Programs that aren't aware of Tor
will use it without their knowledge,
and their traffic no longer leaves the
system unencrypted.
PR: ports/99034
Submitted by: Fabian Keil <fk at fabiankeil.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
dns-proxy-tor is a DNS server that stops
DNS leaks with applications that don't support
or aren't configured to use socks4a or Tor's DNS
resolution.
WWW: http://http://p56soo2ibjkx23xo.onion/
PR: ports/99033
Submitted by: Fabian Keil <fk at fabiankeil.de>
|
| |
|
|
|
| |
PR: ports/100612
Submitted by: maintainer
|
| |
|
|
|
|
|
|
|
| |
- OPTIONS'ify
Note that now MySQL is the default backend, which is also recommended
by Prelude team.
PR: ports/100530
Submitted by: maintainer
|
| |
|
|
|
|
| |
PR: ports/99783
Submitted by: tjs <tjs@cdpa.nsysu.edu.tw>
Approved by: maintainer (timeout 15 days)
|
| |
|
|
|
| |
PR: ports/100547
Submitted by: Gea-Suan Lin <gslin at gslin.org>
|
| |
|
|
|
| |
since rc.subr adds that already. In 3 cases it meant removing a wrongly
specified TERM, since that is the default.
|
| |
|
|
|
|
|
|
| |
Note that though shlib version bumped, no ports need to be changed.
- OPTIONS'ify
PR: ports/100490
Submitted by: maintainer
|
| |
|
|
|
| |
PR: ports/100517
Submitted by: maintainer
|
| |
|
|
|
|
| |
PR: ports/99269
Submitted by: miwi
Approved by: markus (co mentor), maintainer timeout
|
| |
|
|
|
|
| |
PR: ports/99271
Submitted by: miwi
Approved by: markus (co mentor), maintainer timeout
|
| | |
|
| |
|
|
|
|
|
| |
- adopt maintainership
PR: ports/100386
Submitted by: maintainer (Babak Farrokhi)
|
| | |
|
| |
|
|
|
| |
for situations when the database is replicated to a secure environment
that does not have network access, by hand.
|
| | |
|
| |
|
|
|
|
|
|
| |
- take maintainership
- pet portlint
PR: ports/100387
Submitted by: maintainer (Babak Farrokhi)
|
| |
|
|
|
| |
PR: ports/100354
Submitted by: maintainer
|
| |
|
|
| |
Pointy hat to: miwi
|
| | |
|
| |
|
|
|
| |
PR: 100263
Submitted by: swhetzel@gmail.com
|
| | |
|
| |
|
|
|
| |
- Remove --with-included-libtasn1 from CONFIGURE_ARGS (should have
been done that earlier actually)
|
| |
|
|
|
|
|
|
|
|
| |
to use Crypt::Rijndael where available. This implementation is really
slow, but I am working on it.
WWW: http://search.cpan.org/dist/Crypt-Rijndael_PP/
PR: ports/100262
Submitted by: Gea-Suan Lin <gslin at gslin.org>
|
| |
|
|
| |
Reviewed by: simon
|
| |
|
|
|
|
| |
- Unbreak vuln.xml format by adding content to the references section.
- Remove vulnerabilities already documented in
40a0185f-ec32-11da-be02-000c6ec775d9.
|
| |
|
|
|
|
| |
- OPTIONSify (respect CFLAGS / OPTIMIZED_CFLAGS)
- Add support for PKCS#11 tokens
- Grap maintainership
|
| |
|
|
|
|
|
| |
- Take maintainership
PR: ports/100205
Submitted by: chinsan <chinsan dot tw_AT_gmail dot com>
|
| | |
|
| |
|
|
|
|
|
| |
port and makes the IGNORE string read properly.
PR: ports/100210
Submitted by: maintainer (Wesley Shields)
|
| |
|
|
|
|
|
|
|
| |
additional checks
- bump portrevision
PR: ports/99432
Submitted by: Babak Farrokhi <babak@farrokhi.net>
Approved by: maintianer timeout
|
| |
|
|
|
|
| |
PR: ports/94626
Submitted by: shaun (me)
Approved by: ahze (mentor, implicit)
|
| | |
|
| |
|
|
|
|
|
| |
- New style of startup script install
PR: ports/100139
Submitted by: Alexander Logvinov <user_at_blg.akavia.ru>
|
| |
|
|
|
| |
PR: ports/100128
Submitted by: maintainer (David Thiel)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Plug leaks in EVP cipher init/shutdown. (Selcuk Gueney)
- Allow socket_fd == 0 in libssh2_session_startup(). (puudeli)
- Swap ordering of packet_add/packet-inspection to avoid inspect after
- free. (Selcuk)
- Swap KEX_INIT ordering, send our KEX_INIT first.
- Add check for oportunistic KEX_INIT packets. Burn bad guess if necessary.
- Fix OpenSSL detection using pkg-config. (Dan Casey)
PR: ports/100127
Submitted by: maintainer (David Thiel)
|
| |
|
|
| |
Submitted by: maintainer (on irc)
|
| |
|
|
|
|
|
|
|
|
| |
which I can test fixes for those. [1]
- update to use OPTIONS for Postgres and Subversion support. [1]
- enable all the optional modules. [1]
- mark broken on 4.x [2]
PR: ports/100131
Submitted by: maintainer [1], me (itetcu) [2]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
come standard on most unix-like distributions. This allows you to check
passwords against dictionaries of words to ensure some minimal level of
password security.
From the cracklib README
CrackLib makes literally hundreds of tests to determine whether you've
chosen a bad password.
* It tries to generate words from your username and gecos entry to tries
to match them against what you've chosen.
* It checks for simplistic patterns.
* It then tries to reverse-engineer your password into a dictionary
word, and searches for it in your dictionary.
- after all that, it's PROBABLY a safe(-ish) password. 8-)
WWW: http://pecl.php.net/package/crack
PR: ports/94244
Submitted by: Bill Moran <wmoran at collaborativefusion.com>
|
| |
|
|
|
| |
Submitted by: gabor
Reviewed by: simon
|
| |
|
|
|
|
|
| |
processing integer overflow vulnerability, since it turns out that the
issue does not affect the FreeBSD or Linux versions of Opera.
Source: http://www.opera.com/support/search/supsearch.dml?index=834
|
| |
|
|
|
|
| |
a modified date.
OK'ed by: itetcu
|
| |
|
|
| |
Requested by: simon
|
| |
|
|
|
|
|
| |
vid f70d09cb-0c46-11db-aac7-000c6ec775d9 are fixed in 4.5.4
PR: ports/100044
Submited by: maintainer
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Prelude-LML Changes:
- Fix a bug where some rules marked silent would trigger an alert.
- Load Sonicwall and Spamassassin ruleset by default.
- Fix rule syntax problem in Sonicwall ruleset.
- Fix rule indexing problem in Squid ruleset.
- Postfix rule consistency fix.
PR: ports/100063
Submitted by: maintainer (Robin Gruyters)
|
| |
|
|
| |
samba entry.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for multiple pcap.h files and aborts with an error message, if more
than one is actually present. This appears to be a pre-caution to
prevent building with pcap.h from one version and running with a
library belonging to another one ...
While I see the value of such a test, it prevents building on systems
before 5.0 (where it requires a port version of libpcap). After some
testing I'm quite confident, that the port will build correctly (i.e.
without version mismatch between header and library), if the port
version of libpcap is present.
The libpcap port is used instead of the system version, if present.
In that case, yersinia is statically linked with libpcap.
The problem was detected by jau at iki dot fi (Jukka A. Ukkonen).
PR: 99869
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
during the upgrade of the port:
- A gtk-2 enabled version is built unless configure is invoked
with option --without-gtk (detected and reported by Pointyhat)
- Several fixes seem to be no longer required and patch files
can thus be removed
The port uses gtk if present, unless built with -DWITHOUT_GTK.
Building with gtk can be enforced via -DWITH_GTK (but this is
not the default for the package, because of the large dependency
list).
|
| |
|
|
| |
- Update WWW
|
| |
|
|
|
|
| |
PR: 99886 [1], 97297
Submitted by: Oleg Gawriloff <barzog at telecom.by> [1]
Approved by: maintainer
|
| |
|
|
|
|
|
|
| |
announcements about setups which are not affected. To avoid having
to reference two documents simply reference the release notes for
all the information (it's basically the same as the changelog with
slightly different wording).
- Add a modified date tag.
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: ports/99970
Submitted by: Peter Thoenen <peter.thoenen@yahoo.com> (maintainer)
|
| | |
|
| |
|
|
|
| |
PR: ports/99900
Submitted by: Peter Thoenen <peter.thoenen@yahoo.com> (maintainer)
|
| | |
|
| | |
|
| |
|
|
|
|
| |
PR: ports/99833
Submitted by: tjs <tjs_AT_cdpa dot nsysu dot edu dot tw>
Approved by: maintainer (Daniel Roethlisberger)
|
| | |
|
| |
|
|
|
|
| |
PR: 99840
Submitted by: maintainer
Approved by: delphij (mentor, implicit)
|
| |
|
|
| |
active yet.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: ports/92445
Hat: portmgr
|
| |
|
|
|
|
| |
- Update HPN patch to hpn12. Now none cipher are configured in run time. [2]
Notified by: Peter Losher <plosher___plosh.net> [1], Scott Larson <stl___iowainteractive.com> [2]
|
| |
|
|
|
| |
PR: 99785
Submitted by: Gabor Kovesdan <gkovesdan@t-hosting.hu> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Point configure at ${LOCALBASE} instead of ${PREFIX} when looking for the
libraries.
- Use ${DATADIR} where appropriate.
PR: 99619
Submitted by: Richard Bejtlich <taosecurity@gmail.com>
Patch by: stefan
Approved by: maintainer
arved (mentor)
|
| |
|
|
|
|
|
|
|
|
| |
2006-07-01 emulators/linux_base-fc3
2006-06-15 misc/linux-opengroupware
2006-07-01 net/opengk
2006-07-01 security/p5-Crypt-OpenPGP
2006-07-01 textproc/sed_inplace
2006-07-01 textproc/xml4j
2006-07-01 x11-wm/aewm++
|
| |
|
|
| |
maintainer due to mbox overflow.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
meaning that you cannot administrate an OpenVPN server with it (Look for kvpnc
if you want such a program). You can use it to connect and disconnect without
needing to open a console. You can also input username and/or password that
might be needed.
In Short: It can do everything an end-user want's for his everyday work with
OpenVPN.
WWW: http://www.enlighter.de/
--Anderson S. Ferreira <anderson@cnpm.embrapa.br>
PR: ports/95709
Submitted by: anderson@cnpm.embrapa.br
|
| |
|
|
| |
- Fix packing list when auditon(2) doesn't exist.
|
| | |
|
