aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* - Update to 2.0.8pav2005-07-209-6/+12
| | | | | PR: ports/83679 Submitted by: vadim@vk.crocodile.org <vadim@vk.crocodile.org> (maintainer)
* - Update to 2.0.8pav2005-07-209-9/+12
| | | | | PR: ports/83678 Submitted by: vadim@vk.crocodile.org <vadim@vk.crocodile.org> (maintainer)
* - Update to 1.1pav2005-07-203-4/+7
| | | | | PR: ports/83741 Submitted by: Marcus Grando <marcus@corp.grupos.com.br>
* - Update to 0.3.1novel2005-07-204-6/+15
| | | | | | | | - Update WWW and MASTER_SITES - Now install examples too PR: 83740 Submitted by: Marcus Grando (maintainer)
* Update to 4538jeh2005-07-202-3/+3
|
* - Update to 1.4.2pav2005-07-192-4/+4
| | | | | PR: ports/83659 Submitted by: Meno Abels <meno.abels@adviser.com> (maintainer)
* - Use PLIST_FILESpav2005-07-193-2/+4
| | | | | | | - Add Author: to pkg-descr PR: ports/83683 Submitted by: Andrej Zverev <az@inec.ru>
* o add kdebase (kate) vulnarability.mich2005-07-191-0/+33
| | | | Reviewed by: simon
* - Update to 0.2.1pav2005-07-192-4/+4
| | | | | PR: ports/83657 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* - Update to 1.4pav2005-07-192-11/+8
| | | | | PR: ports/83654 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* Update to 4537jeh2005-07-192-3/+3
|
* This module brings to Python programs the capability of evaluating passwordpav2005-07-195-0/+58
| | | | | | | | strength. To achieve this noble aim it uses the well known cracklib toolkit, hence the name. PR: ports/83603 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* - fix manpagesdinoex2005-07-181-2/+0
|
* Add CVE names to recent bugzilla entry.simon2005-07-181-0/+3
|
* - Update to 0.9.2pav2005-07-183-3/+23
| | | | | | PR: ports/80238 Submitted by: Vasil Dimov <vd@datamax.bg> Approved by: maintainer timeout (3 months)
* Make sure LATEST_LINK is unique from that of the calife-nondevel port.adamw2005-07-181-0/+2
|
* With portmgr hat on, reset eik's ports since he has been inactive forlinimon2005-07-182-2/+2
| | | | | | several months (not responding to email). Discussed among: portmgr team
* - fix installation of start script on 4.xleeym2005-07-181-0/+5
| | | | | PR: 83604 Submitted by: Blaz Zupan <blaz@si.FreeBSD.org>
* Fix alignment problems on non-i386 platforms.marcus2005-07-176-58/+56
|
* - Document firefox & mozilla -- multiple vulnerabilities.simon2005-07-161-1/+126
| | | | | - Minor style nit in drupal entry: Use port name (i.e. lower case) as first part of the title.
* make it compile on 7oliver2005-07-161-2/+2
| | | | Noted by: pointyhat via kris
* Add an entry for the drupal vulnerabilities.erwin2005-07-161-0/+27
|
* Update to 4536jeh2005-07-162-3/+3
|
* Fixed incorrect newsfetch and mnogosearch affected package versionsniels2005-07-151-2/+2
| | | | Approved by: nectar (mentor)
* Update to 2.3.1.mezz2005-07-1510-4014/+385
| | | | | PR: ports/83146 Submitted by: Udo Schweigert <udo.schweigert@siemens.com> (maintainer)
* Update to 4535jeh2005-07-152-3/+3
|
* NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handledpav2005-07-147-0/+100
| | | | | | | | | | through a database, which provides a much more flexible PKI than with OpenSSL, such as seeking a certificate with a search engine. CA implementation. PR: ports/83387 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handledpav2005-07-145-0/+126
| | | | | | | | | | through a database, which provides a much more flexible PKI than with OpenSSL, such as seeking a certificate with a search engine. GUI client that uses wxWidgets. PR: ports/83386 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* Add PW_PASS option to compile with --enable-pass-savegarga2005-07-143-3/+27
| | | | | | | PR: 82494 Submitted by: Landon Fuller <landonf@threerings.net> Reviewed by: Matthias Andree <matthias.andree@gmx.de> (maintainer) Approved by: mantainer, flz (mentor)
* NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handledpav2005-07-147-0/+147
| | | | | | | | through a database, which provides a much more flexible PKI than with OpenSSL, such as seeking a certificate with a search engine. PR: ports/83385 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* Mark broken on 4.xlawrance2005-07-141-1/+7
| | | | Approved by: maintainer
* - Update to 0.11.flz2005-07-142-4/+4
| | | | | PR: ports/83401 Submitted by: Marcus Grando <marcus@corp.grupos.com.br>
* - Update to 0.9.flz2005-07-142-6/+3
| | | | | PR: ports/83402 Submitted by: Marcus Grando <marcus@corp.grupos.com.br>
* Update to 4534jeh2005-07-142-3/+3
|
* Update to stunnel 4.11, which is deemed a stable release.roam2005-07-134-70/+11
| | | | | | | | | Remove our local patches for ucontext/pthread/fork model choice, since this is handled by a configure argument now. Note that ucontext is not supported on FreeBSD versions less than 5.0. PR: 83245 (mostly) Submitted by: Vasil Dimov <vd@datamax.bg>
* Markup fixed version of net-snmp problem.kuriyama2005-07-131-1/+2
|
* Fix:cy2005-07-1312-0/+120
| | | | | | - MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC - MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth
* - Let configure know that we have fnmatch.h (fixes some fnmatch-usingjylefort2005-07-132-9/+9
| | | | | | | | | | | C++ ports, since the fnmatch.h which was uselessly installed by heimdal did not wrap the fnmatch() declaration in extern C {}) [1] - Fix the packing list on 4.x [1] PR: ports/80366 Submitted by: Joan Picanyol i Puig <lists-freebsd-gnats@biaix.org> Approved by: maintainer timeout (76 days)
* Update to DAT 4533jeh2005-07-132-3/+3
|
* Update to the latest hpn-ssh patches for 3.9p1. The previous patchesbrooks2005-07-122-12/+8
| | | | | | were unfetchable. An upgrade to 4.1p1 will follow soon. Reported by: pointyhat (via kris)
* Change MAINTAINER to my @FreeBSD.org accountgarga2005-07-123-3/+3
| | | | Approved by: flz (mentor)
* Update to DAT 4532jeh2005-07-122-3/+3
|
* - Sync with master port updatesem2005-07-115-71/+49
| | | | | PR: ports/83181 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* - Update to latest NetBSD snapshotsem2005-07-1128-10882/+7
| | | | | | | | | - Use tarball instead of set of files - Pass maintainership to submitter PR: ports/83180 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru> Approved by: eik MIA
* Make compilable on 64bit system.sumikawa2005-07-111-0/+20
|
* - Update to 0.46clement2005-07-112-4/+4
|
* Replace master site with working oneskris2005-07-111-1/+3
|
* - update to 0.9.8 for WITH_OPENSSL_BETA=yesdinoex2005-07-1111-5/+417
|
* Chase master sitekris2005-07-111-1/+1
|
* Update to nikto-1.35 to fix fetchingkris2005-07-112-3/+3
|
* - Update to 1.1.0-7 in order to fix fetching. For a list of changes seemarius2005-07-1010-56/+393
| | | | | | | | | | | | | | | | | | | | | | | | | | | | the installed ChangeLog. - Silencing the 'cannot access config file "/etc/antivir.conf"' warnings by creating a respective symlink. Notes: - AntiVir Milter 1.1.0-7 ships with a faulty anti-virus engine which may just exit with the following error when trying to start it: cannot access config file "/etc/avguard.conf" Please update to the latest anti-virus engine by e.g. running the antivirupdater script in order to solve this. - The future of the free licenses for private use and thus of this port currently is uncertain: <...> PersonalEdition Classic UNIX: Advance Notice We have decided to orient the version 6.32 which will be released on September 6, 2005 much more towards the successful PersonalEdition Classic Windows. This means that version 6.32 will be released with a graphical user interface which will make it much easier to work with the program. It will also no longer be necessary to register for the program before downloading it. With version 6.32 the PersonalEdition Classic UNIX will no longer contain any MailGate/Milter functionality. <...> Approved by: netchild
* - Was marked as unmaintained by accident.sem2005-07-101-1/+1
| | | | | | So set MAINTAINER to the port submitter. Submitted by: niels
* Correct a typo: s/lemote/remote/remko2005-07-101-1/+1
| | | | Spotted by: simon
* Document the following vulnerabilities:remko2005-07-101-0/+159
| | | | | | | | | | phpSysInfo -- cross site scripting vulnerability mysql-server -- insecure temporary file creation net-snmp -- fixproc insecure temporary file creation phpbb -- multiple vulnerabilities shtool -- insecure temporary file creation Approved by: simon
* Update to Gaim 1.4.0. See http://gaim.sourceforge.net/ChangeLog formarcus2005-07-094-2/+4
| | | | | the list of changes. Also, bump all PORTREVISIONs for ports that depend on Gaim.
* Document phppgadmin -- "formLanguage" local file inclusion vulnerability.simon2005-07-091-0/+34
|
* Document pear-XML_RPC -- information disclosure vulnerabilities.simon2005-07-091-0/+31
|
* Document ekg -- insecure temporary file creation.simon2005-07-091-0/+29
|
* Document bugzilla -- multiple vulnerabilities.simon2005-07-091-0/+40
|
* Document nwclient -- multiple vulnerabilities (old issues).simon2005-07-091-0/+41
| | | | | | PR: ports/82101 Submitted by: niels Noticed by: Derik van Zuetphen <dz@426.ch>
* Update to DAT 4531jeh2005-07-092-3/+3
|
* - Fix a typo in patch to default configuration filepav2005-07-082-1/+2
| | | | | | PR: ports/82930 Submitted by: Dmitry A Grigorovich <odip@bionet.nsc.ru> Approved by: Alexander Demin <support@spectrum.ru> (maintainer)
* Update to DAT 4530jeh2005-07-082-3/+3
|
* Add CAN reference to recent phpbb vulnerability.simon2005-07-071-0/+2
|
* Document acroread -- insecure temporary file creation.simon2005-07-071-0/+40
|
* Document two calmav vulnerabilities.simon2005-07-071-0/+87
|
* - Add FreeBSD-SA-05:16.zlib.simon2005-07-071-17/+51
| | | | | - Fix ranges for recent security advisories, a bunch of <le> really should have been <lt>.
* Document acroread -- buffer overflow vulnerability.simon2005-07-071-0/+41
|
* Update to DAT 4529jeh2005-07-072-3/+3
|
* OpenCT, a middleware framework for smart card terminals.pav2005-07-066-0/+152
| | | | | | | | | | | | | It all started with a reader driver library to provide a framework for people writing drivers for smart card readers. The idea was to provide all the usual stuff (T=0, T=1, serial vs. USB device handling, etc) in a single place, and reduce driver writing to interaction with the device itself. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager. PR: ports/82990 Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
* - Update to 2.3.2.flz2005-07-069-40/+63
| | | | | | | | | | | - Use USE_RC_SUBR / USE_RCORDER for amavis.sh. - Use SUB_FILES / SUB_LIST for pkg-* files. - Add new MILTER option. - Probably some other fixes I've forgot. PR: ports/82423 Reported by: Petr Rehor <prehor@gmail.com> Submitted by: maintainer
* Update to 20050705.novel2005-07-062-3/+3
| | | | | PR: 83026 Submitted by: Tim Bishop (maintainer)
* Document net-snmp -- remote DoS vulnerability.simon2005-07-061-0/+29
|
* Document cacti -- multiple vulnerabilities.simon2005-07-061-0/+63
| | | | Prodded by: Babak Farrokhi <babak@farrokhi.net>
* - Add another reference to bzip2 -- denial of service and permissionsimon2005-07-061-0/+68
| | | | | race vulnerabilities. - Document two cases of wordpress -- multiple vulnerabilities.
* Update to DAT 4528jeh2005-07-062-3/+3
|
* Update to DAT 4527jeh2005-07-052-3/+3
|
* Update to 0.11.0.novel2005-07-054-7/+26
| | | | | PR: 82954 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* Fix pkg-plist.sumikawa2005-07-052-0/+4
|
* Update to 20050704.novel2005-07-053-32/+22
| | | | | | PR: 82972 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: Rob Evers (maintainer)
* IKEv2 has been supported.sumikawa2005-07-051-1/+0
|
* Upgrade to 20050625b. IKEv2 has been supported.sumikawa2005-07-056-138/+45
|
* Fix cracklib support:roam2005-07-041-1/+2
| | | | | | | | | - there is no lib/crack.a [1], and moreover - apg actually links to the dynamic library, so BUILD -> LIB_DEPENDS. Bump PORTREVISION, since the package dependencies changed. PR: 79673 [1] Submitted by: Vasil Dimov <vd@datamax.bg>
* - update to 2.0.1novel2005-07-043-87/+87
| | | | | | | - use PYTHON_SITELIBDIR in plist PR: 82958 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* - Set maintainership to security@.simon2005-07-041-1/+1
| | | | Suggested by: nectar, remko
* portaudit 0.5.10:simon2005-07-043-16/+29
| | | | | | | | | | | | - Unbreak portaudit -vF. - Sync usage with reality. - Document the q, v, and V options. - Markup fixes for the portaudit(1) manual page. - Make quiet mode output even less "redundant" text [1]. - Set maintainership to security@. [2] Suggested by: Phil Kernick philk at rotfl dot com dot au [1] Suggested by: nectar, remko [2]
* Update to 0.4.3.marcus2005-07-046-8/+14
|
* - Update to 0.1.0.11pav2005-07-034-8/+6
| | | | | PR: ports/82921 Submitted by: rik <freebsd-ports@rikrose.net> (maintainer)
* Add support for FreeBSD 5.4.thierry2005-07-031-0/+11
| | | | | | PR: 82370 Submitted by: Babak Farrokhi <babak (at) farrokhi.net> Approved by: maintainer time-out (> 15 days)
* Fix dependency and remove the ancient pkg-message.thierry2005-07-032-16/+3
| | | | | | PR: 82336 Submitted by: Babak Farrokhi <babak (at) farrokhi.net> Approved by: maintainer time-out (> 15 days)
* Document the following issues:hrs2005-07-031-0/+61
| | | | | - phpbb -- remote PHP code execution vulnerability - pear-XML_RPC -- arbitrary remote code execution
* Add certvu reference to kernel -- TCP connection stall denial of servicesimon2005-07-031-0/+2
| | | | vulnerability.
* Chase the libevent update.jylefort2005-07-025-4/+7
| | | | Reported by: pointyhat
* Update to 1.0.0.adamw2005-07-023-5/+8
|
* Adjust CONFLICTS.lofi2005-07-021-1/+1
|
* Update to DAT 4526jeh2005-07-022-3/+3
|
* - Update to 0.14.9.flz2005-07-014-9/+32
| | | | | PR: ports/82802 Submitted by: maintainer
* Fix typo in URL.cy2005-07-011-1/+1
|
* - Fix missing dependency.flz2005-07-012-3/+18
| | | | | | | - Complete pkg-message (note on Apache configuration). PR: ports/82829 Submitted by: maintainer
* Update DAT to 4525jeh2005-07-012-3/+3
|
* Fix install on 4.x on which PAM is not used for calife.roberto2005-06-301-2/+10
| | | | | Submitted by: kris (through pointyhat) Approved by: thomas (MAINTAINER)
* - update to amap-5.1leeym2005-06-305-5/+76
| | | | | PR: 82780 Submitted by: Yonatan <onatan@gmail.com>
* Add FreeBSD-SA-05:13.ipfw, FreeBSD-SA-05:14.bzip2, andsimon2005-06-301-0/+142
| | | | FreeBSD-SA-05:15.tcp.
* Update DAT to 4524jeh2005-06-302-3/+3
|
* Fix pkg-plistlawrance2005-06-291-0/+1
| | | | Reported by: kris
* Remove mtree dir from pkg-plistlawrance2005-06-291-1/+0
|
* Fix compilation of the milter interface.jylefort2005-06-291-3/+22
|
* Fix the fix of the compilation of the milter interface.jylefort2005-06-292-30/+28
|
* Fix compilation of the milter interface.jylefort2005-06-291-0/+28
| | | | Reported by: Tony Shadwick <tshadwick@goinet.com>
* Change dependency pattern for libusb to usb-0.1lofi2005-06-291-1/+1
|
* Update DAT to 4523jeh2005-06-292-3/+3
|
* Remove mtree dir from pkg-plistlawrance2005-06-281-1/+0
|
* Update DAT to 4522jeh2005-06-282-3/+3
|
* Update to 1.7.8, now with a shiny new man page.marcus2005-06-273-6/+11
|
* Update to KDE 3.4.1lofi2005-06-262-4/+4
|
* Update to 0.12.6.lawrance2005-06-254-15/+10
| | | | | | | Add missing % in pkg-message substitution. PR: ports/82622 Submitted by: J Randolph <snortsms@servangle.net> (maintainer)
* Document ethereal -- multiple protocol dissectors vulnerabilities.simon2005-06-251-0/+131
|
* Update to 1.9.17lofi2005-06-255-30/+20
|
* Update to 0.6.10lofi2005-06-253-5/+5
|
* - Update to 0.86.1lawrance2005-06-253-13/+3
| | | | | | | | A possible crash in the libmspack's Quantum decompressor has been fixed. PR: ports/82604 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: maintainer
* Update to 2.0.0lawrance2005-06-254-20/+24
| | | | | PR: ports/82614 Submitted by: Daniel Blankensteiner <db@trunet.dk> (maintainer)
* Update DAT to 4521jeh2005-06-252-3/+3
|
* Document tor -- information disclosure.hrs2005-06-241-0/+29
|
* Document linux-realplayer -- RealText parsing heap overflow.hrs2005-06-241-0/+31
|
* - Bump PORTREVISIONsem2005-06-242-0/+2
| | | | Requested by: Pavel Rochnyack (irc)
* Update DAT to 4520jeh2005-06-242-3/+3
|
* - Fix compilation of the milter interfacejylefort2005-06-232-5/+12
| | | | - Unconditionally define PORTDOCS, as bsd.port.mk now tests ${NOPORTDOCS}
* - Fix compilation of the milter interface [1]jylefort2005-06-232-6/+13
| | | | | | | | - Unconditionally define PORTDOCS, as bsd.port.mk now tests ${NOPORTDOCS} [1]: PR: ports/82543 Submitted by: Thomas Abthorpe <thomas@stthomasanglican.org>
* Document ruby -- arbitrary command execution on XMLRPC server.hrs2005-06-231-0/+33
|
* Update DAT to 4519jeh2005-06-232-3/+3
|
* Fix the packing listjylefort2005-06-222-0/+3
|
* - Update to 0.86 [1]jylefort2005-06-223-3/+6
| | | | | | | | | - Fix the packing list [1] PR: ports/82474 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: maintainer
* Add calife-develerwin2005-06-221-0/+1
| | | | | Forgotten by: roberto Committed from: Las Vegas, NV
* Update DAT to 4518jeh2005-06-222-3/+3
|
* Security update to latest release: 1.6.8p9.osa2005-06-212-4/+4
| | | | | | | | | | | | | | <Security Alert> Summary: A race condition in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands. Sudo versions affected: Sudo versions 1.3.1 up to and including 1.6.8p8. </Security Alert> More information about this incident available at: http://www.sudo.ws/sudo/alerts/path_race.html
* - net/cacti - potential SQL injection and cross site scripting attackssem2005-06-211-0/+24
|
* Document three opera issues.simon2005-06-211-0/+109
|
* Document sudo -- local race condition vulnerability.simon2005-06-211-0/+34
|
* Add another reference to the latest tcpdump issue.simon2005-06-211-0/+2
|
* - Add entry for trac -- file upload/download vulnerability.simon2005-06-211-10/+61
| | | | | | | | - Improve the last couple of entries a bit: - Whilespace cleanup. - Use standard topic format (port name first, then description starting with lower case). - Make sure SpamAssasin entry also match other 3.0.3 port revisions.
* Update to 2.38arved2005-06-214-8/+6
| | | | | PR: 82404 Submitted by: <ports@c0decafe.net>
* Update DAT to 4517jeh2005-06-212-3/+3
|
* Update to 3.0pre5.roberto2005-06-202-3/+3
|
* - razor-agents DoS vulnerabilitiessem2005-06-201-0/+29
| | | | | PR: ports/82414 Submitted by: dawnshade <h-k@mail.ru>
* Fix year in <discovery> and <entry>.hrs2005-06-191-2/+2
| | | | | Noticed by: nectar Pointy hat to: hrs
* Document SpamAssassin -- Denial of service vulnerability.hrs2005-06-191-0/+36
|
* Document squirrelmail -- Several cross site scripting vulnerabilities.hrs2005-06-191-0/+33
|
* Document acroread -- XML External Entity vulnerability.hrs2005-06-191-0/+29
|
* Use standard topic format for gzip vulnerability.simon2005-06-181-1/+2
|
* Document FreeBSD-SA-05:11.gzip.simon2005-06-181-0/+55
|
* - Update to 0.1.0.10 [1]jylefort2005-06-188-40/+18
| | | | | | | - Polish the Makefile and packing list PR: ports/82386 [1] Submitted by: maintainer [1]
* - Update to 3.5.0 [1]jylefort2005-06-183-13/+59
| | | | | | | | | | - OPTIONSify - Use USE_PERL5_RUN - Add missing pcre dependency - Do not use -static PR: ports/82346 [1] Submitted by: maintainer [1]
* Document SA-05:10.tcpdump.simon2005-06-181-0/+41
|
* Document two vulnerabilities in Gaim.simon2005-06-181-0/+62
|
* Document an older, more serious gallery vulnerability.nectar2005-06-181-0/+25
|
* Document XSS vulnerabilities in gallery.nectar2005-06-181-0/+30
|
* Document KDE kstars vulnerability.nectar2005-06-181-0/+40
|
* Document fd_set overruns reported by 3APA3A.nectar2005-06-181-0/+49
|
* Update 1.6.3 --> 1.8.1cy2005-06-189-186/+198
|
* Update to DAT 4516jeh2005-06-182-3/+3
|
* - Don't install profile dir when WITH_PROFILE undefinedsem2005-06-171-1/+2
| | | | | | | - I pick up this port PR: ports/82326 Submitted by: Dmitry A Grigorovich <odip@bionet.nsc.ru>
* Update to DAT 4515jeh2005-06-172-3/+3
|
* Update to 0.7.0.novel2005-06-164-13/+20
| | | | | PR: 82322 Submitted by: Janos Mohacsi (maintainer)
* - Update to 0.10ahze2005-06-162-8/+9
| | | | | PR: ports/82280 Submitted by: Ports Fury
* - Reroll tarball and mirror on MASTER_SITE_LOCAL, the orignal tarballahze2005-06-162-3/+5
| | | | | | was tared up and gzipped twice and gnutar does not like that. Pointed out by: krismail
* Update to DAT 4514jeh2005-06-162-3/+3
|
* - Add saspahze2005-06-154-0/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a tool that uses ARP poisoning to have a scenario like this: we have a LAN and we want offer connectivity to every- one coming here with his laptop for example. It could happen that our customer has his network parameters already configured to work correctly in his own LAN, but not working here. We can have then this scenario: Customer's host (10.0.0.2/8 and default gateway set to 10.0.0.1) Our LAN (192.168.0.0/24 with real gateway 192.168.0.254). All that we want is that our customer plugs his laptop and joins the internet without changing nothing of his network parameters. Here comes this tool installed in my real gw(192.168.0.254) It's a sort of sniffer, because it sniffs broadcast ARP requests for the gateway and answers that the gateway is itself In our example our customer's laptop sends this request: arp who-has 10.0.0.1 tell 10.0.0.2 Now our gateway does the following: 1) Sends back this reply to 10.0.0.2: arp reply 10.0.0.1 is-at his_mac_address 2)Create the alias 10.0.0.254 (ARP is not routable so we need one alias for each subnet that is not our one) 3)Sends itself an ARP reply to refresh his ARP cache It is different from proxy arp for two reasons: first it runs in user space, then in this case we can plug machines belonging to whatever subnet, while proxy arp is used in the case of only two different ones. PR: ports/79676 Submitted by: Luigi Pizzirani <sviat@opengeeks.it>
* Grab maintainer-ship of portaudit. While I do not currently have anysimon2005-06-152-2/+2
| | | | | | | plans for improvements (though I have ideas) I feel that portaudit is too important to not have an active maintainer. Approved by: portmgr (linimon)
* New port: Create HOME directory with a PAM module on demandniels2005-06-156-0/+76
| | | | | | | | Based on submission via the following PR: PR: ports/82032 Submitted by: Martin Mersberger Approved by: nectar (mentor)
* Update to 20050614 (0.86rc1).novel2005-06-152-3/+3
| | | | | | PR: 82222 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: Rob Evers (maintainer)
* Change MAINTAINER email back from babak@farrokhi.net toniels2005-06-151-1/+1
| | | | | | | vaidab@safe-mail.net. This was mistakenly changed during yesterdays patch. Approved by: nectar (mentor)
* Update to DAT 4513jeh2005-06-152-3/+3
|
* Update to 1.1.3.novel2005-06-153-3/+6
| | | | | PR: 82232 Submitted by: Linh Pham (maintainer)
* Update to 2.8.6-p4, should fix port de-install.roberto2005-06-142-4/+4
|
* Add CONFLICTS entry for calife-3.* (calife-devel).roberto2005-06-141-0/+2
|
* Please welcome the development version of calife:roberto2005-06-144-9/+20
| | | | | | | | | | | - full PAMification - code cleanup & silmplification - fixes (some of them will/are in 2.8.6 too). Thomas (thomas@) has agreed to maintain it too although as the author, I may update things with his approval from times to times. Repocopied by: marcus
* OPTIONS'ify, but still leave WITH_STUNNEL_SSL_ENGINE out of it - it isroam2005-06-141-11/+8
| | | | a bit too dangerous to leave out in the open.
* Fix the stunnel ucontext-related problems using a patch from the author,roam2005-06-143-1/+84
| | | | | | | | | | | | | | | | | Michael Trojnara[1]. Also, add the build-time WITH_FORK, WITH_PTHREAD, and WITH_UCONTEXT knobs to control the stunnel threading model used, based on Vasil Dimov's PR's with some modifications [2]. While I'm here, add in a <sys/types.h> inclusion that seems to be needed for <ucontext.h> at least on FreeBSD 6.0/sparc64. Reported by: many Pointy hat to: roam (myself) for both not noticing this and then letting it linger for a while Obtained from: Michael Trojnara's BSD patch from <53594c631989fde6ca0bdb3435b93dfe@mirt.net> [1] PR: 81289, 82202 [2] Submitted by: Vasil Dimov
* Update MASTER_SITES.novel2005-06-141-3/+3
| | | | | PR: 82199 Submitted by: Adi Pircalabu (maintainer)
* Upgrade to version 1.2.7niels2005-06-132-4/+4
| | | | | | PR: ports/82193 Submitted by: Babak Farrokhi Approved by: nectar (mentor)
* Update to DAT 4512jeh2005-06-132-3/+3
|
* - Remove empty pkg-plist.flz2005-06-121-0/+0
| | | | | PR: ports/82158 Submitted by: TAOKA Fumiyoshi
* Disable optimizationpat2005-06-121-1/+1
| | | | | | | PR: ports/76875 Submitted by: Thomas Melzer <tmelzer@tomesoft.de> Reviewed by: pav Approved by: maintainer
* Fix restart logic in rc.subr(8) start/stop script.krion2005-06-121-1/+1
| | | | Submitted by: Alex Lyashkov <umka at sevcity dot net>
* * reflect renaming on CPAN File-Spec to PathToolsskv2005-06-128-26/+12
| | | | | | | | | | | | | | | | | | | | | | | + add devel/p5-PathTools, remove devel/p5-File-Spec + update dependencies for all affected ports (make them unconditional), bump PORTREVISION for these ports module was renamed * reflect renaming on CPAN PodParser to Pod-Parser + add textproc/p5-Pod-Parser, remove textproc/p5-PodParser + update dependencies for all affected ports (make them unconditional), bump PORTREVISION for these ports * for all changed ports make dependencies on File::Temp, Digest::MD5, Storable unconditional * remove 'CONFIGURE_ARGS= INSTALLDIRS=site' from Makefile's (this variable is forced by bsd.port.mk now) * update Class-Autouse to 1.17 * update POE-API-Hooks to 1.05 * make portlint happy (clean IGNORE, convert spaces to tabs and so on)
* Update Gaim to 1.3.1 and chase all dependent ports.marcus2005-06-114-4/+4
| | | | | | | | | The changes in this release of Gaim can be found at http://gaim.sourceforge.net/ChangeLog. Submitted by: Matthew Luckie <mjl@luckie.org.nz> Security: This release fixes security bugs found at http://gaim.sourceforge.net/security/
* Update to 20050611.novel2005-06-112-3/+3
| | | | | PR: 82132 Submitted by: Tim Bishop (maintainer)
* Update to DAT 4511jeh2005-06-112-3/+3
|
* Update to 2.8.6-p3.roberto2005-06-104-8/+16
| | | | Approved by: thomas (MAINTAINER)
* Update to 20050608.novel2005-06-102-3/+3
| | | | | | PR: 82042 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: Rob Evers (maintainer)
* Update to 4510jeh2005-06-102-3/+3
|
* Document leafnode -- denial of service vulnerability.simon2005-06-091-0/+33
| | | | Submitted by: Matthias Andree <matthias.andree@gmx.de>
* Update to 4509jeh2005-06-092-3/+3
|
* - convert cfsd.sh to rcNGjylefort2005-06-087-30/+89
| | | | | | | | | | | | | - add a CFS bootstrap directory to the port (${PREFIX}/cfsd-bootstrap) - mount that CFS bootstrap directory in cfsd.sh (default mountpoint is /crypt, configurable in /etc/rc.conf) - explain how to quickly setup cfsd in pkg-message - do display pkg-message - while here, use USE_RC_SUBR PR: ports/18800 Submitted by: Louis Mamakos <louie@TransSys.COM>, myself Approved by: green (maintainer)
* New port based on submission by Paul Schmehlniels2005-06-089-0/+212
| | | | | | | | | | | | Sancp is a network security tool designed to collect statistical information regarding network traffic, as well as, collect the traffic itself in pcap format, all for the purpose of: auditing, historical analysis, and network activity discovery. PR: ports/77426 Submitted by: Paul Schmehl Approved by: nectar (mentor)
* Update to 4508jeh2005-06-082-3/+3
|
* Update to 4507jeh2005-06-072-3/+3
|
* - Update to 4.1p1pav2005-06-072-5/+5
| | | | | PR: ports/81948 Submitted by: Daniel Gerzo <danger@rulez.sk>
* - Fix libkrb5.so library version.flz2005-06-061-2/+2
| | | | | | PR: ports/67183 Submitted by: Oleg Sharoiko <os@rsu.ru> Approved by: maintainer timeout (1 year)
* - Fix deinstall script when running in BATCH mode.flz2005-06-062-1/+2
| | | | | | PR: ports/67762 Submitted by: Linus Sjoberg <lsjoberg@aland.net> Approved by: maintainer timeout (7 weeks)
* - Update to 0.3.6pav2005-06-068-47/+149
| | | | | | PR: ports/81669 Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru> Approved by: maintainer timeout (16 days)
* - Update to 2.5.4.1pav2005-06-062-4/+4
| | | | | PR: ports/81928 Submitted by: Olivier Tharan <olive@oban.frmug.org> (maintainer)
* - update to 1.3leeym2005-06-062-3/+3
| | | | Noticed by: Makoto Matsushita <matusita@jp.FreeBSD.org>
* - Fix libmilter detection.flz2005-06-051-3/+3
| | | | | | PR: ports/81392 Submitted by: Henri Hennebert <hlh@ciger.be> Approved by: maintainer
* - Distfile rerolled:pav2005-06-053-2/+6
| | | | | | | | * expired SSL certificate * new exploits PR: ports/81910 Submitted by: Yonatan <onatan@gmail.com> (maintainer)
* New port: BitDefender Console Antivirus 7.0.1niels2005-06-057-0/+199
| | | | | | | | Based on submission via PR: PR: ports/75424 Submitted by: Adrian Pircalabu Approved by: nectar (mentor)
* Make port build on 4.x.anders2005-06-041-0/+23
| | | | Noticed by: kris/pointyhat
* change the libtool version to use from 1.3 to 1.5oliver2005-06-041-1/+1
|
* Document a directory traversal issue in older GForge versions.nectar2005-06-041-0/+30
|
* Document an authentication bypass vulnerability in imap-uw.nectar2005-06-041-0/+27
|
* Document squid denial-of-service vulnerabilities.nectar2005-06-041-0/+29
|
* Document a remote denial-of-service vulnerability in racoon.nectar2005-06-041-0/+27
|
* Document integer overflows in xli.nectar2005-06-041-0/+26
|
* Document arbitrary command execution vulnerabilities in xli andnectar2005-06-041-0/+35
| | | | xloadimage.
* Add new CVE names for yamt entry.nectar2005-06-041-0/+2
|
* Correct and improve recent xli entry:nectar2005-06-041-5/+15
| | | | | | | | * It actually affected xloadimage and xli * A slightly better topic than just "buffer overflows" * More refererences * Fix the version number for xli... it is still vulnerable as of this writing
* Update to 4506jeh2005-06-042-3/+3
|
* Correct recently added yamt entry:nectar2005-06-041-6/+19
| | | | | | * This is not CAN-2004-1302, which was documented much earlier * Try to explain the issue * Add the only public reference to the issue I can find
* Buffer overflow in xli.trhodes2005-06-031-0/+24
|
* Fix breakage I caused.trhodes2005-06-031-1/+1
|
* Note buffer overflows and directory transversal issues in audio/ymat.trhodes2005-06-031-0/+25
|
* Update to 4505jeh2005-06-022-3/+3
|
* Update to 1.14skv2005-06-022-3/+3
|
* Update 1.4.9p1 --> 1.6.3.cy2005-06-029-309/+228
| | | | Fix a nasty job control/interrupt bug.
* Add snortsms 0.11.3, a Snort Sensor Management System web interfacethierry2005-06-026-0/+350
| | | | | | | and monitoring console. PR: 81425 Submitted by: J. Randolph <snortsms (at) servangle.net>
* Update to 4504jeh2005-06-022-3/+3
|
* Update entry for FreeStyle Wiki:nectar2005-06-021-6/+14
| | | | | | | * <topic> style: ASCII em-dash "--" for separator * replace quoted text with more informative excerpt from a Secunia advisory * add CVE name
* Document vulnerabilities in XView library.nectar2005-06-021-0/+31
|
* document a vulnerability in xtrlocknectar2005-06-021-0/+27
|
* Document vulnerabilities reported in the Red Hat 7.1 libraries.nectar2005-06-021-0/+36
|
* Document squirrelmail vulnerabilities.nectar2005-06-021-0/+59
|
* correct version number for mailman password generation issuenectar2005-06-011-1/+1
|
* Document vulnerability in set-user-ID sympa application.nectar2005-06-011-0/+28
|
* Another older mailman vulnerability, somewhat minornectar2005-06-011-0/+38
|
* Add year-old mailman vulnerability, that seems to not have beennectar2005-06-011-0/+32
| | | | previously documented here.
* document Apache Jakarta Tomcat 5.x XSS issuenectar2005-06-011-0/+25
|
* - Backout latest commit, it needs a repocopy due to API change.flz2005-06-014-8/+8
| | | | Noticed by: Matthias Andree <matthias.andree@gmx.de>
* Update to 4503jeh2005-06-012-3/+3
|
* Update to 4502jeh2005-06-012-3/+3
|
* - Bump lzo lib version.flz2005-06-014-7/+8
| | | | - Bump PORTREVISION.
* - Change maintainer address to his new shiny FreeBSD.org address.flz2005-05-311-1/+1
| | | | | PR: ports/81687 Submitted by: maintainer
* - Fix typo in pkg-descr.flz2005-05-311-1/+1
| | | | | PR: ports/81701 Submitted by: Vasil Dimov <vd@datamax.bg>
* - Fix WITH_PGSQL knobpav2005-05-311-2/+1
| | | | | | PR: ports/81700 Submitted by: Ulrich Spoerlein <q@galgenberg.net> Pointy hat to: pav
* - Update to 1.0.1pav2005-05-312-3/+9
| | | | | PR: ports/81686 Submitted by: Antonio Carlos Venancio Junior <antonio@php.net> (maintainer)
* - Update to 20050529pav2005-05-312-3/+3
| | | | | | PR: ports/81681 Submitted by: Renato Botelho <freebsd@galle.com.br> Approved by: Rob Evers <rob@debank.tv> (maintainer)
* Update to 0.60.anders2005-05-315-188/+13
| | | | Use autoconf, drop pkg-plist and patches.
* - Fix doormand to work on FreeBSDpav2005-05-319-11/+409
| | | | | | | | - Replace broken ipf* script - RCng script PR: ports/81615 Submitted by: Lupe Christoph <lupe@lupe-christoph.de> (maintainer)
* Update to 0.6.2.novel2005-05-302-4/+3
| | | | | PR: 81654 Submitted by: Renato Botelho (maintainer)
* Fix shebangvs2005-05-301-1/+1
| | | | Noticed by: Keith Ng
* Mark samba-2.2.12.j1.0beta1_2 as safe from "samba -- integer overflowsimon2005-05-291-1/+6
| | | | | | vulnerability". Reminded by: NAKAJI Hiroyuki <nakaji@jp.freebsd.org>
generated by cgit (git 2.34.1) at 2024-11-29 03:59:48 +0800