path: root/security
Commit message | Author | Age | Files | Lines
* Document nodejs (libuv) CVE-2015-0278. | vanilla | 2015-03-25 | 1 | -0/+28
|   PR: 198861
|   Submitted by: venture37@geeklan.co.uk
* - Drop @dirrm* from plist | amdmi3 | 2015-03-24 | 1 | -1/+0
|
* security/linux-c6-openssl: update to 1.0.1e_4 | xmj | 2015-03-24 | 2 | -6/+6
|   - update to 1.0.1e_4
|   Approved by: swills (mentor)
|   Differential Revision: https://reviews.freebsd.org/D2125
|   Security: 9d15355b-ce7c-11e4-9db0-d050992ecde8
|   Security: CVE-2015-0286
|   Security: CVE-2015-0287
|   Security: CVE-2015-0289
|   Security: CVE-2015-0292
|   Security: CVE-2015-0293
|   MFH: 2015Q1
* Document vulnerable linux-c6-openssl versions in vuxml entry from 2015-03-19 | xmj | 2015-03-24 | 1 | -2/+2
|   Approved by: swills (mentor)
* security/pinentry: | makc | 2015-03-24 | 6 | -18/+7
|   - Update to 0.9.1
|   - Remove no longer needed patch
* Document Jenkins Security Advisory 2015-03-23 | lwhsu | 2015-03-24 | 1 | -0/+39
|
* Restore lost changes to patch-src-parser-attack_scanner.l | feld | 2015-03-24 | 2 | -2/+20
|   PR: 197854
* Enable matching of syslog entries with <facility.level> | feld | 2015-03-24 | 3 | -21/+25
|   PR: 197854
* Fix build without SSLv2 and/or SSLv3 support. | jkim | 2015-03-24 | 1 | -2/+112
|   PR: 198401
* Fix build without SSLv2 support. | jkim | 2015-03-24 | 1 | -0/+86
|
* Fix build without SSLv2 support. | jkim | 2015-03-24 | 3 | -0/+38
|
* Fix build with libressl. | cy | 2015-03-24 | 4 | -0/+24
|   PR: 198749, 198750
* - Update to 0.7 | sunpoet | 2015-03-23 | 2 | -6/+6
|   - While I'm here, reorder knobs
|   Changes: http://search.cpan.org/dist/Crypt-Sodium/Changes
|   PR: 198825
|   Submitted by: Thomas von Dein <freebsd@daemon.de> (maintainer)
* Unbreak arirang -- it needs to use the newer Ruby API, which, at the | mi | 2015-03-23 | 2 | -9/+26
|   time the last release was made, was still known as RUBY_19.
|   While here, fix an ancient bug reported by clang.
* Update to 1.8.13 | garga | 2015-03-23 | 3 | -6/+11
|
* Stop forcing the port version string into the server banner. | bdrewery | 2015-03-23 | 3 | -28/+53
|   The port now uses VersionAddendum in the sshd_config to allow overriding
|   this value. Using "none" allows disabling the default of the port version
|   string. The default is kept to show the port version string to remain
|   close to the base version. Support for the client VersionAddendum may be
|   added soon as well to better match base and not give surprises when
|   switching from base to the port.
|   PR: 193127
|   Requested by: many, including myself when this was broken years ago.
* Fix build with LibreSSL | ehaupt | 2015-03-23 | 1 | -2/+18
|   PR: 198754
|   Submitted by: spil.oss@gmail.com
* - Update to 2.0 | vsevolod | 2015-03-23 | 3 | -40/+7
|   - Remove obsoleted patch (included to the upstream)
|   - Honor openssl CFLAGS and LDFLAGS to use the proper version
* - Update OpenH264 to 1.4.0 | jbeich | 2015-03-22 | 4 | -7/+6
|   - Update NSS and ca_root_nss to 3.18
|   - Update Firefox to 36.0.4
|   - Update Firefox ESR and libxul to 31.5.3
|   - Update SeaMonkey to 2.33.1
|   - Update Enigmail to 1.8
|   Changes: https://github.com/cisco/openh264/releases/tag/v1.4.0
|   Changes: https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.18_release_notes
|   Changes: https://www.mozilla.org/firefox/36.0.4/releasenotes/
|   Changes: https://www.mozilla.org/firefox/31.5.3/releasenotes/
|   Changes: http://www.seamonkey-project.org/releases/seamonkey2.33/
|   Changes: https://www.enigmail.net/download/changelog.php#enig1.8
|   MFH: 2015Q1
|   X-MFH-With: r380090
|   Security: https://vuxml.freebsd.org/freebsd/76ff65f4-17ca-4d3f-864a-a3d6026194fb.html
* Document mozilla issues disclosed at HP Zero Day Initiative's Pwn2Own | jbeich | 2015-03-22 | 1 | -0/+51
|
* Add port to install various NIST KAT files. These are used by the | jmg | 2015-03-22 | 5 | -0/+188
|   tests in tests/sys/opencrypto to validate parts of the OpenCrypto
|   subsystem...
|   Sponsored by: The FreeBSD Foundation
|   Approved by: mat (mentor)
|   Differential Revision: https://reviews.freebsd.org/D2064
* Improve portability and allow for building with GCC 4.9 and above. | gerald | 2015-03-22 | 3 | -0/+103
|   This backports some upstream fixes.
|   PR: 197909
|   Submitted by: Fabian Keil <fk@fabiankeil.de> (maintainer)
* - Convert to new USE_GITHUB usage and remove deprecated GH_COMMIT | sunpoet | 2015-03-22 | 2 | -6/+5
|
* Fix incorrect reference to ETCSSH from r381709 | bdrewery | 2015-03-22 | 2 | -24/+24
|
* php53 and fallout: Deprecate, set removal for 15 APR 2015 | marino | 2015-03-22 | 1 | -2/+4
|   The PHP developers stopped providing security patches for the 5.3 branch
|   on 14 August 2014. They "strongly urge" to upgrade to current versions
|   "as using older versions may expose you to security vulnerabilities and
|   bugs that have been fixed in more recent versions" of PHP.
|   The PHP53 branch was released from maintainership today, so it's being
|   deprecated with removal set for 15 April 2015.
|   There were only 8 ports limited to php53, six of which were pecl- ports.
|   These ports must be upgraded to use a later version of php (5.6 is
|   recommended) soon, or they will be removed with php53.
|   Note that all 8 ports incorrectly set the PHP_DEFAULT_VERSION, so this
|   was changed to use IGNORE_WITH_PHP instead while here.
|   PR: 198150
* - Security update to 1.0.2a | dinoex | 2015-03-21 | 12 | -92/+395
|   - termios.h now default
|   - fix patches
|   - fix manpage generation
|   - option ZLIB removed from default
|   - restore padlock support
|   - restore RFC-5705
|   - restore patch history
|   - restore build on older FreeBSD
|   - restore soname
|   Security: https://www.openssl.org/news/secadv_20150319.txt
|   Security: CVE-2015-0291
|   Security: CVE-2015-0204
|   Security: CVE-2015-0290
|   Security: CVE-2015-0207
|   Security: CVE-2015-0286
|   Security: CVE-2015-0208
|   Security: CVE-2015-0287
|   Security: CVE-2015-0289
|   Security: CVE-2015-0292
|   Security: CVE-2015-0293
|   Security: CVE-2015-1787
|   Security: CVE-2015-0285
|   Security: CVE-2015-0209
|   Security: CVE-2015-0288
* - Update to 7.06 | zi | 2015-03-20 | 4 | -8/+34
|
* - Update to 5.13 | zi | 2015-03-20 | 2 | -3/+3
|
* Default the WRKSRC to the proper extracted name for USE_GITHUB when | bdrewery | 2015-03-20 | 1 | -1/+0
|   GH_TAGNAME is defaulted to the new
|   DISTVERSIONPREFIX/DISTVERSION/DISTVERSIONSUFFIX change in r381689.
|   This actually fixes the build for sysutils/zfstools, broken in r381704.
|   With hat: portmgr
* Set proper ETCDIR. Mistake in r381709 | bdrewery | 2015-03-20 | 1 | -1/+1
|
* Remove remnants of OVERWRITE_BASE which was removed in r376306 | bdrewery | 2015-03-20 | 2 | -24/+10
|
* - Update to 2.1.6 | vsevolod | 2015-03-20 | 16 | -507/+5
|   - Remove incorrectly added patch files
|   PR: 198718
|   Submitted by: Bernard Spil <spil.oss at gmail.com>
|   Security: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289
* Mention LibreSSL too. Use <ul>'s per suggestion from vsevolod [1]. | delphij | 2015-03-20 | 1 | -11/+19
|   PR: 198718 [1]
* Fix botched patch, this fixes build for i386. | delphij | 2015-03-20 | 1 | -1/+1
|   Reported by: ohauer
|   Pointy hat to: delphij
* - mark BROKEN options | dinoex | 2015-03-20 | 1 | -0/+1
|
* Document OpenSSL multiple vulnerabilities. | delphij | 2015-03-20 | 1 | -0/+51
|
* Fix renamed distfiles missed in r381688. Also fix the GHR ports updated in | bdrewery | 2015-03-20 | 1 | -2/+2
|   r381648 which were expecting DISTVERSIONPREFIX/SUFFIX to be used in the
|   tag fetched from github by defaulting GH_TAGNAME to the same value as
|   DISTVERSION would get by only when GH_COMMIT is not set (when using the
|   new scheme).
|   With hat: portmgr
* Update to 1.0.1m to fix multiple vulnerabilities. | delphij | 2015-03-20 | 12 | -108/+100
|   With hat: so
* five milter ports: Add or improve support on systems missing sendmail | marino | 2015-03-20 | 1 | -0/+1
|   In some cases no-sendmail support was in place but missing CFLAGS or
|   LDFLAGS, but in others it needed to be added. Problems found as a result
|   of DragonFly removing sendmail from base.
|   Approved by: just fix it.
* - Add LICENSE | amdmi3 | 2015-03-20 | 2 | -1/+9
|   - Add empty directory to plist
|   - Strip binaries
* Remove GITHUB_RELEASE MASTER_SITE from r375010 as it is now redundant with GITHUB. | bdrewery | 2015-03-20 | 1 | -1/+0
|   The new GITHUB MASTER_SITE from r381618 now supports not setting
|   GH_COMMIT and only having GH_TAGNAME default to DISTVERSION. All of
|   these ports as-is.
|   With hat: portmgr
* Update USE_GITHUB so it does not require GH_COMMIT. | bdrewery | 2015-03-20 | 4 | -4/+4
|   Using this new scheme allows only setting the _tag_ or _commit hash_ in
|   GH_TAGNAME and not having to know the hash for a tag.
|   This scheme will download a tarball that has a different checksum than
|   before due to a changed directory name for extraction.
|   The following MASTER_SITES are provided to retain the old checksum and
|   directory structure (that require GH_COMMIT):
|   GH -> GHL
|   GITHUB -> GITHUB_LEGACY
|   Differential Revision: https://reviews.freebsd.org/D748
|   Submitted by: amdmi3
|   Reviewed by: mat, swills, antoine, bdrewery
|   With hat: portmgr
* Add CPE information. | bdrewery | 2015-03-19 | 1 | -1/+3
|   PR: 153859
|   Submitted by: shun <shun.fbsd.pr@dropcut.net>
* - Backport the following fixes from openssl [1]: | vsevolod | 2015-03-19 | 14 | -0/+543
|   CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate
|   CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low
|   CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate
|   CVE-2015-0287 ASN.1 structure reuse memory corruption moderate
|   CVE-2015-0289 PKCS7 NULL pointer dereferences moderate
|   - Enable libtls component [2]
|   - Bump portrevision
|   PR: 198681 [1]
|   Submitted by: Bernard Spil <spil.oss at gmail.com> [1], naddy [2]
* - Update to 5.12 | zi | 2015-03-19 | 2 | -3/+3
|
* Upgrade to 0.305. | vanilla | 2015-03-19 | 2 | -3/+3
|   PR: 198671
|   Submitted by: maintainer
* - Update to 2.1.5 | vsevolod | 2015-03-18 | 3 | -8/+8
|   PR: 198651
|   Submitted by: Bernard Spil <spil.oss at gmail.com>
* Record new libXfont security issues. | kwm | 2015-03-18 | 1 | -0/+43
|
* security/polarssl: 1.2.12 -> 1.2.13 | pi | 2015-03-18 | 3 | -17/+5
|   Changes: https://tls.mbed.org/tech-updates/releases/polarssl-1.2.13-released
|   PR: 197780
|   Submitted by: takefu@airport.fm
|   Approved by: jase (maintainer timeout)
* security/wpa_supplicant: Upgrade version 2.3 => 2.4 | marino | 2015-03-17 | 14 | -85/+40
|   See http://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog for list of
|   changes since version 2.3.
* security/libsparkcrypto: Fix gcc5-aux support and stop stage building | marino | 2015-03-17 | 2 | -2/+25
|   This port failed to build on gcc5-aux because 3 data types could not be
|   inlined after an explicit pragma requested it (the pragmas were removed).
|   I noticed half the port was building in the stage phase, so I changed the
|   ALL_TARGET to make all of it build during the build phase.
|   This probably didn't need revbump, but I'm going to anyway to make sure
|   the FreeBSD builders are still happy.
* Add latest security vulnerabilities in linux-*-flashplugin11: | xmj | 2015-03-17 | 1 | -0/+58
|   CVE-2015-0332
|   CVE-2015-0333
|   CVE-2015-0334
|   CVE-2015-0335
|   CVE-2015-0336
|   CVE-2015-0337
|   CVE-2015-0338
|   CVE-2015-0339
|   CVE-2015-0340
|   CVE-2015-0341
|   CVE-2015-0342
|   Differential Revision: https://reviews.freebsd.org/D2061
|   Approved by: swills (mentor)
* - Fix build with python3* | sunpoet | 2015-03-17 | 1 | -4/+4
|   - Do not silence installation message
|   PR: 196336
|   Submitted by: Kevin Zheng <kevinz5000@gmail.com>
|   Approved by: <theis@gmx.at> (maintainer)
* - Add LICENSE | amdmi3 | 2015-03-16 | 1 | -1/+5
|   - Strip library
* - Add LICENSE | amdmi3 | 2015-03-16 | 1 | -0/+4
|   - Strip library
* security/p5-openxpki: update 0.26.1.1 -> 0.27.0.1 | robak | 2015-03-16 | 3 | -5/+11
|   PR: 198525
|   Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com>
* Allow building with clang 3.6 | antoine | 2015-03-15 | 1 | -0/+104
|   PR: 198017
|   Submitted by: dim
* Update to version 1.3.10 | pawel | 2015-03-15 | 6 | -50/+52
|   PR: 197779
|   Submitted by: takefu@airport.fm
|   Approved by: maintainer (with minor changes)
* Add port of RHash, console utility and library for computing and verifying | danfe | 2015-03-14 | 7 | -1/+158
|   hash sums of files. It is based on the same code as existing Perl
|   wrapper, `security/p5-Crypt-RHash' port.
|   Also, properly sort `security/Makefile' while here.
* Clean up the rest of the perl@ Makefiles a bit. | adamw | 2015-03-14 | 8 | -45/+30
|   - Remove dependencies on modules distributed as part of perl core
|   - Remove references to FreeBSD < 8 and perl < 5.16
|   - Ensure that DOCS and EXAMPLES options exist for ports installing
|     PORTDOCS or PORTEXAMPLES
|   - Reduce unnecessary inclusions of bsd.port.options.mk by using OPTIONS
|     helpers and the like
|   - Fix some cases where dependencies were only assigned to BUILD_DEPENDS
|   - Fix a few of the cases where dependencies were only assigned to
|     RUN_DEPENDS. This one happens in many, many ports. I only applied it in
|     cases where it interfered with 'make test' but it should maybe be done
|     more generally.
|   - Mute ${MKDIR} in installation
|   - Parenthesize compound commands
|   - In www/p5-URI-Fetch, remove the ZLIB option that wasn't used
* security/py-pycryptopp: unbreak CLANG build | robak | 2015-03-13 | 4 | -8/+257
|   - Drop GCC usage
|   - Maintainer's timeout (wen@FreeBSD.org)
|   PR: 183849
|   Submitted by: <senno@example.com>
* - Update to 0.18 | sunpoet | 2015-03-13 | 2 | -3/+3
|   Changes: http://search.cpan.org/dist/Unix-Passwd-File/Changes
* - Add LICENSE | amdmi3 | 2015-03-13 | 1 | -1/+7
|   - Strip library
* - Add LICENSE | amdmi3 | 2015-03-13 | 1 | -0/+7
|   - Strip library
* - Strip library | amdmi3 | 2015-03-13 | 1 | -1/+4
|
* - Update to 2.9.7.2 | zi | 2015-03-13 | 2 | -5/+5
|
* Update security/p5-openxpki-i18n to 0.27.0.1. | brd | 2015-03-13 | 2 | -5/+5
|   PR: 198529
|   Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com>
|   Approved by: bapt
* Add vulnerability for mail/sympa. | brd | 2015-03-13 | 1 | -0/+26
|   Approved by: bapt
|   Security: CVE-2015-1306
* - Convert to new options helper | sunpoet | 2015-03-13 | 2 | -13/+6
|   - Sort PLIST
* - Update MAINTAINER: use @FreeBSD.org | sunpoet | 2015-03-13 | 2 | -2/+2
|
* - Update to 5.11 | zi | 2015-03-12 | 2 | -3/+3
|
* Horde package update: | mm | 2015-03-12 | 2 | -3/+3
|   comms/pear-Horde_ActiveSync 2.26.0 -> 2.26.1
|   devel/pear-Horde_Core 2.19.0 -> 2.19.2
|   security/pear-Horde_Group 2.0.4 -> 2.0.5
|   databases/pear-Horde_HashTable 1.2.2 -> 1.2.3
|   www/pear-Horde_Http 2.1.3 -> 2.1.4
|   mail/pear-Horde_Imap_Client 2.26.1 -> 2.27.0
|   mail/pear-Horde_Mime 2.7.0 -> 2.8.0
|   mail/pear-Horde_Smtp 1.8.0 -> 1.9.0
|   net/pear-Horde_Socket_Client 1.1.2 -> 2.0.0
|   devel/pear-Horde_Util 2.5.3 -> 2.5.4
* Upgrade to 3.0.2. | vanilla | 2015-03-12 | 2 | -3/+3
|   PR: 198534
|   Submitted by: maintainer
* - Strip libraries | amdmi3 | 2015-03-12 | 1 | -0/+4
|
* Update KDE SC to 4.14.3 | alonso | 2015-03-12 | 2 | -4/+4
|   The kde@ team presents KDE SC 4.14.3, the last planned release of the
|   KDE SC 4 series.
|   In addition to the updates provided by the KDE SC developers, this
|   update also addresses numerous FreeBSD and PORTS specific issues, found
|   and solved by the kde@ team and area51 testers, most notorously
|   Tobias C. Berner <tcberner@gmail.com>
|   PR: 197751
|   PR: 197871
|   PR: 184996
|   Reviewed by: rakuco (mentor)
|   Differential: https://reviews.freebsd.org/D1950
* - Unbreak by using mono to set TZ in env | antoine | 2015-03-12 | 2 | -4/+1
|   - Cleanup plist
|   Reported by: pkg-fallout
* Update to 0.17. | adamw | 2015-03-12 | 2 | -6/+8
|   Changes: https://metacpan.org/changes/distribution/Unix-Passwd-File
* - Add LICENSE | amdmi3 | 2015-03-11 | 1 | -1/+5
|   - Strip library
* - Add LICENSE | amdmi3 | 2015-03-11 | 1 | -1/+8
|   - Strip library
* - Add LICENSE | amdmi3 | 2015-03-11 | 2 | -3/+3
|   - Drop @dirrm* from plist
* Update to 1.56 | barved | 2015-03-11 | 3 | -5/+6
|   PR: 154085
|   Submitted by: maintainer
* Add CPE information | johans | 2015-03-10 | 1 | -1/+2
|   security/lsh has had vulnerabilities with a CPE identifier assigned
|   (e.g. CVE-2006-0353).
|   PR: 198473
|   Submitted by: shun.fbsd.pr@dropcut.net
* security/pidentd uses deprecated des_ methods and types that were marked | johans | 2015-03-10 | 3 | -1/+99
|   deprecated by OpenSSL 0.9.7 and will be removed in OpenSSL 1.1.0.
|   This patch replaces the des_ methods and types with their new DES_
|   counterparts.
|   PR: 198364
|   Submitted by: Bernard Spil <spil.oss@gmail.com>
* - Update to 0.16 | sunpoet | 2015-03-10 | 2 | -4/+4
|   Changes: http://search.cpan.org/dist/Unix-Passwd-File/Changes
* - Clarify LICENSE | amdmi3 | 2015-03-09 | 1 | -1/+4
|   - Add LICENSE_FILE
|   - Strip binary
* Remove obsolete cruft from Makefile that either no longer reflects | adamw | 2015-03-09 | 1 | -6/+0
|   the codebase, or touches code paths that aren't accessed.
|   PR: 191901
|   Submitted by: Trond.Endrestol@ximalas.info
* Allow the OpenSSL library to be overridden by using WITH_OPENSSL_PORT | adamw | 2015-03-09 | 1 | -4/+9
|   instead of a LIB_DEPENDS.
|   I think this is the right way to use WITH_OPENSSL_PORT, but it's tough
|   to know given the lack of documentation on it.
|   PR: 198111
|   Submitted by: Bernard Spil
* update to 0.2.6.3-alpha [1]; use cpe [2]; adjust rc-script REQUIRES [3]; | bf | 2015-03-08 | 4 | -29/+11
|   use @sample [4]
|   PR: 197839 [1], 197494 [2], 197998 [3], 198164 [4]
|   Submitted by: C. Sturm [1], J. Beich [3], amdmi3 [4]
* Update: | antoine | 2015-03-08 | 10 | -23/+24
|   - metasploit to 4.11.1
|   - rubygem-metasploit-credential to 0.13.17
|   - rubygem-metasploit_data_models to 0.22.6
|   - rubygem-meterpreter_bins to 0.0.13
|   - rubygem-recog to 1.0.7
* Update to 1.1.0 | antoine | 2015-03-08 | 2 | -6/+5
|
* Document latest security vulnerabilities in rt42 and rt40: | matthew | 2015-03-08 | 1 | -0/+46
|   CVE-2014-9472
|   CVE-2015-1165
|   CVE-2015-1464
* Document the latest phpMyAdmin vulnerability: CVE-2015-2206 | matthew | 2015-03-08 | 1 | -0/+31
|
* - Update to 2.9.2 | sunpoet | 2015-03-08 | 2 | -3/+3
|   Changes: https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt
* - Update to 0.15 | sunpoet | 2015-03-08 | 2 | -3/+3
|   Changes: http://search.cpan.org/dist/Unix-Passwd-File/Changes
* Document mono TLS bugs. | romain | 2015-03-08 | 1 | -0/+27
|   Reported by: delphij
* - Update to 0.14 | sunpoet | 2015-03-07 | 2 | -6/+15
|   - Fix *_DEPENDS
|   Changes: http://search.cpan.org/dist/Unix-Passwd-File/Changes
* - Simplify MASTER_SITES | amdmi3 | 2015-03-07 | 2 | -3/+4
|   - Add LICENSE
|   - Drop @dirrm* from plist
* Add CPE info. | mandree | 2015-03-07 | 1 | -1/+3
|   PR: 198369
|   Submitted by: shun.fbsd.pr@dropcut.net
* Upgrade to upstream bugfix release 0.64. | mandree | 2015-03-06 | 4 | -20/+23
|   This fixes a security bug, various other bugs, and supports SSH
|   connection sharing between multiple instances of PuTTY and its tools.
|   MFH: 2015Q1
|   Security: 92fc2e2b-c383-11e4-8ef7-080027ef73ec
|   Security: CVE-2015-2157
* Document recently fixed PuTTY < 0.64 vuln. CVE-2015-2157. | mandree | 2015-03-06 | 1 | -0/+38
|
* Advertise CPE data for Kerberos. | cy | 2015-03-06 | 1 | -1/+5
|   PR: 197465
* Advertise CPE data for Kerberos. | cy | 2015-03-06 | 2 | -2/+10
|   PR: 197465, 197466, 197467
* - Update to 1.7.1 | sunpoet | 2015-03-06 | 2 | -3/+3
|   Changes: https://github.com/capistrano/sshkit/blob/master/CHANGELOG.md
* security/pam_ocra: update 1.1 -> 1.2 | robak | 2015-03-05 | 2 | -4/+4
|   - Include upstream accepted Clang 3.6.0 fixes by Dimitry Andric <dim@FreeBSD.org>
|   PR: 198113
|   Submitted by: Stefan Grundmann <sg2342@googlemail.com>
* Document new vulnerabilities in www/chromium < 41.0.2272.76 | rene | 2015-03-05 | 1 | -0/+95
|   Submitted by: Carlos Jacobo Puga Medina
|   Obtained from: http://googlechromereleases.blogspot.nl/
* Add entry for CVE-2015-0295 in qt4-gui and qt5-gui. | rakuco | 2015-03-05 | 1 | -0/+33
|
* security/bro: add ELASTICSEARCH option | robak | 2015-03-04 | 1 | -2/+11
|   PR: 198018
|   Submitted by: Craig Leres <leres@ee.lbl.gov>
* - Remove an orphaned directory [1]. | hrs | 2015-03-04 | 2 | -4/+45
|   - Fix USE_LDCONFIG [2].
|   Spotted by: sunpoet [1] and bdrewery [2]
* - Update to 2.1.4 | vsevolod | 2015-03-04 | 4 | -14/+15
|   PR: 198269
|   Submitted by: Bernard Spil <spil.oss at gmail.com>
* - Drop @dirrm* from plist | amdmi3 | 2015-03-04 | 1 | -4/+0
|   Approved by: portmgr blanket
* Fix bug on __FreeBSD_version >= 1100042 where once vpnc set up a tunnel and | ehaupt | 2015-03-04 | 2 | -5/+23
|   went into the main loop, no esp could be sent.
|   PR: 197835 (based on)
|   Submitted by: markiyan.kushnir@gmail.com
|   Fix confirmed: xmj
* - Update to 1.7.0 | sunpoet | 2015-03-03 | 2 | -3/+3
|   Changes: https://github.com/capistrano/sshkit/blob/master/CHANGELOG.md
* In the embedded copy of libtomcrypt, change the ROLc/RORc inline | dim | 2015-03-03 | 1 | -0/+107
|   functions to macros, so the constraints requirements are satisfied at
|   compile time. It is almost exactly the same as the patch for libtomcrypt
|   itself, in PR 198017.
|   Approved by: maintainer (vanilla)
|   PR: 198190
* Remove Author from pkg-descr and white space fixes | bapt | 2015-03-03 | 18 | -45/+28
|
* Remove Author from pkg-descr and white space fixes | bapt | 2015-03-03 | 16 | -29/+12
|
* - Connect security/rubygem-scrypt | sunpoet | 2015-03-02 | 1 | -0/+1
|
* - Update to 3.1.10 | sunpoet | 2015-03-02 | 2 | -3/+5
|   - Add LICENSE
|   Changes: https://github.com/codahale/bcrypt-ruby/blob/master/CHANGELOG
* - Add rubygem-scrypt 2.0.0 | sunpoet | 2015-03-02 | 3 | -0/+29
|   The scrypt key derivation function is designed to be far more secure
|   against hardware brute-force attacks than alternative functions such as
|   PBKDF2 or bcrypt.
|   WWW: https://github.com/pbhogan/scrypt
|   RG: https://rubygems.org/gems/scrypt
* - Add LICENSE | sunpoet | 2015-03-02 | 1 | -0/+2
|
* - Update to 1.9.14 | zi | 2015-03-02 | 6 | -41/+11
|   PR: 198115
|   Submitted by: rsimmons0@gmail.com
* security/p5-openxpki: Upgrade version 0.25.0.1 => 0.26.1.1 | marino | 2015-03-02 | 3 | -18/+32
|   PR: 197470
|   Submitted by: maintainer (Sergei Vyshenski)
* security/p5-openxpki-i18n: Upgrade version 0.25.0.1 => 0.26.1.1 | marino | 2015-03-02 | 2 | -8/+6
|   PR: 197471
|   Submitted by: maintainer (Sergei Vyshenski)
* security/libgpg-error: Revert use of tradcpp (F11 regression) | marino | 2015-03-02 | 1 | -3/+0
|   With the previous change, libgpg-error does not pass configure target on
|   FreeBSD 11 due to tradcpp failing "sanity checks". This is a regression
|   since this port builds fine on FreeBSD 10. However, 2037 ports get
|   skipped (this port is *way* too important) as a result, so revert the
|   gcc-5 fix until a solution can be found.
|   PR: 197562
* security/libgpg-error: Switch cpp to support gcc-5 | marino | 2015-03-02 | 1 | -0/+3
|   This port relies on CPP behavior that changes on GCC 5. To ensure
|   libgpg-error keeps building on the newest GCC, add a build dependency on
|   tradcpp and use it instead.
|   PR: 197562
|   Submitted by: marino
|   Approved by: maintainer (novel)
* - Add LICENSE | amdmi3 | 2015-03-01 | 1 | -1/+6
|   - Fix shebangs
|   MFH: 2015Q1
* - Cleanup RUN_DEPENDS | sunpoet | 2015-03-01 | 2 | -6/+6
|   - Fix version requirement of BUILD_DEPENDS
|   - Sort PLIST
|   - Bump PORTREVISION for dependency change
* - Update to 2.07 | sunpoet | 2015-03-01 | 3 | -8/+7
|   - Sort PLIST
|   Changes: http://search.cpan.org/dist/Filter-Crypto/Changes
* Deprecate ports that do not work with Ruby 2.x | antoine | 2015-03-01 | 1 | -0/+2
|
* Add entry for security issue in jenkins | swills | 2015-03-01 | 1 | -0/+73
|   Reviewed by: zi
* security/libgcrypt: 1.6.2 -> 1.6.3 | pi | 2015-03-01 | 3 | -6/+5
|   Changes: http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
|   PR: 198109
|   Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> (maintainer)
* - Upgrade to 1.4.19 (with SCA fix). | kuriyama | 2015-02-28 | 5 | -28/+28
|
* - Add NO_ARCH | amdmi3 | 2015-02-27 | 2 | -5/+2
|   - Fix whitespace
|   - Drop @dirrm* from plist
* - Drop @dirrm* from plist | amdmi3 | 2015-02-27 | 1 | -1/+0
|   Approved by: portmgr blanket
* Fix typo: s/MSFA/MFSA/. The source to follow later. | jbeich | 2015-02-27 | 1 | -17/+17
|   https://bugzilla.mozilla.org/show_bug.cgi?id=1137604
* Document mozilla vulnerabilities | jbeich | 2015-02-27 | 1 | -0/+117
|
* Document vulnerabilities in php for CVE-2015-0235 and CVE-2015-0273. | brd | 2015-02-27 | 1 | -0/+39
|   Approved by: zi (mentor)
* - Add p5-Authen-SCRAM 0.005 | sunpoet | 2015-02-27 | 5 | -0/+44
|   The modules in this distribution implement the Salted Challenge Response
|   Authentication Mechanism (SCRAM) from RFC 5802.
|   WWW: http://search.cpan.org/dist/Authen-SCRAM/
* - Add p5-PBKDF2-Tiny 0.005 | sunpoet | 2015-02-27 | 5 | -0/+28
|   PBKDF2::Tiny provides an RFC 2898 compliant PBKDF2 implementation using
|   HMAC-SHA1 or HMAC-SHA2 in under 100 lines of code.
|   WWW: http://search.cpan.org/dist/PBKDF2-Tiny/
* - Add p5-Authen-SASL-SASLprep 1.01 | sunpoet | 2015-02-27 | 5 | -0/+33
|   Authen::SASL::SASLprep implements the SASLprep specification, which
|   describes how to prepare Unicode strings representing user names and
|   passwords for comparison. SASLprep is a profile of the stringprep
|   algorithm.
|   WWW: http://search.cpan.org/dist/Authen-SASL-SASLprep/
* Remove TEST dependency on p5-Test-Simple when the version in core is | adamw | 2015-02-27 | 1 | -1/+0
|   sufficient.
|   Thanks to az for showing me the light here.
* - Update to 0.9.7 | jhale | 2015-02-26 | 2 | -3/+3
|
* - Update to 1.5.3 | jhale | 2015-02-26 | 3 | -11/+6
|
* - Update to 2.2.0 | jhale | 2015-02-26 | 3 | -4/+4
|
* Update 1.11.5 --> 1.11.6 | cy | 2015-02-26 | 4 | -87/+9
|   This is a bugfix release. The krb5-1.11 release series has reached the
|   end of its maintenance period, and krb5-1.11.6 is the last planned
|   release in the krb5-1.11 series. For new deployments, installers should
|   prefer the krb5-1.13 release series or later.
|   This commit deprecates this port.
|   * Work around a gcc optimizer bug that could cause DB2 KDC database
|     operations to spin in an infinite loop
|   * Fix a backward compatibility problem with the LDAP KDB schema that
|     could prevent krb5-1.11 and later from decoding entries created by
|     krb5-1.6.
|   * Handle certain invalid RFC 1964 GSS tokens correctly to avoid invalid
|     memory reference vulnerabilities. [CVE-2014-4341 CVE-2014-4342]
|   * Fix memory management vulnerabilities in GSSAPI SPNEGO.
|     [CVE-2014-4343 CVE-2014-4344]
|   * Fix buffer overflow vulnerability in LDAP KDB back end. [CVE-2014-4345]
|   * Fix multiple vulnerabilities in the LDAP KDC back end.
|     [CVE-2014-5354 CVE-2014-5353]
|   * Fix multiple kadmind vulnerabilities, some of which are based in the
|     gssrpc library. [CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423]
|   Security: dbf9e66c-bd50-11e4-a7ba-206a8a720317
|   CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344
|   CVE-2014-4345, CVE-2014-5354, CVE-2014-5353, CVE-2014-5352
|   CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
* Document bugs fixed in krb5 1.11.6. | cy | 2015-02-26 | 1 | -0/+35
|   * Handle certain invalid RFC 1964 GSS tokens correctly to avoid invalid
|     memory reference vulnerabilities. [CVE-2014-4341 CVE-2014-4342]
|   * Fix memory management vulnerabilities in GSSAPI SPNEGO.
|     [CVE-2014-4343 CVE-2014-4344]
|   * Fix buffer overflow vulnerability in LDAP KDB back end. [CVE-2014-4345]
|   * Fix multiple vulnerabilities in the LDAP KDC back end.
|     [CVE-2014-5354 CVE-2014-5353]
|   * Fix multiple kadmind vulnerabilities, some of which are based in the
|     gssrpc library. [CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423]
|   Security: CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344
|   CVE-2014-4345, CVE-2014-5354, CVE-2014-5353, CVE-2014-5352
|   CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
* Test::Exception is a TEST depends, not BUILD/RUN. | adamw | 2015-02-26 | 1 | -2/+2
|
* Pod::Coverage and Test::Pod::Coverage are TEST depends, not BUILD/RUN. | adamw | 2015-02-26 | 1 | -4/+3
|
* Those ports do not build with php 5.6 | antoine | 2015-02-25 | 1 | -1/+1
|
* - Add GCM and SMP options | garga | 2015-02-25 | 2 | -4/+21
|   - Add pkgconfig to the list of dependencies
|   - Enable IKEv1 OPTION by default
|   - Bump PORTREVISION
|   PR: 197824
|   Submitted by: Franco Fichtner <franco@lastsummer.de> (based on)
|   Reworked by: strongswan@Nanoteq.com (maintainer)
|   Approved by: strongswan@Nanoteq.com (maintainer)
* remove DEFAULT_VERSIONS. | vanilla | 2015-02-25 | 1 | -1/+0
|   Obtained from: bapt@, mat@
* - Fix license | amdmi3 | 2015-02-25 | 2 | -5/+2
|   - Add LICENSE_FILE
|   - Drop @dirrm* from plist
* - Add dependency that was forgotten during the update | gabor | 2015-02-25 | 1 | -1/+3
|   PR: 197994
|   Submitted by: madpilot
* - Update to 2.10.1 | gabor | 2015-02-24 | 4 | -21/+12
|   - Add p0f-analyzer.pl to SHEBANG_FILES [1]
|   - Remove reference to deprecated virus scanners [2]
|   - Use conventional sample file naming [2]
|   PR: 195870 [1], 194412 [2]
|   Submitted by: me@nileshgr.com [1], takefu@airport.fm [2]
* 1: add LICENSE. | vanilla | 2015-02-24 | 1 | -2/+4
|   2: switch to USES=tar:tgz
|   3: switch to DEFAULT_VERSIONS.
* Fix license permissions | amdmi3 | 2015-02-24 | 1 | -1/+1
|   Noticed by: jbeich
* - Add LICENSE | amdmi3 | 2015-02-24 | 2 | -2/+5
|   - Drop @dirrm* from plist
* 1: add LICENSE. | vanilla | 2015-02-24 | 1 | -1/+3
|   2: switch to USES=tar:tgz
* 1: add LICENSE. | vanilla | 2015-02-24 | 1 | -1/+3
|   2: switch to USES=tar:tgz
* Document Samba remote code execution vulnerability. | delphij | 2015-02-24 | 1 | -0/+41
|
* Record two e2fsprogs vulnerabilities.CVE-2015-0247 | mandree | 2015-02-24 | 1 | -0/+57
|   <URL:http://vuxml.freebsd.org/0f488b7b-bbb9-11e4-903c-080027ef73ec.html>
|   Topic: e2fsprogs -- potential buffer overflow in closefs()
|   Affects: e2fsprogs < 1.42.12_2
|   References: url:http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=maint&id=49d0fe2a14f2a23da2fe299643379b8c1d37df73
|   cvename:CVE-2015-1572
|   <URL:http://vuxml.freebsd.org/2a4bcd7d-bbb8-11e4-903c-080027ef73ec.html>
|   Security: CVE-2015-0247
|   Security: CVE-2015-1572
|   Security: 0f488b7b-bbb9-11e4-903c-080027ef73ec
|   Security: 2a4bcd7d-bbb8-11e4-903c-080027ef73ec.html
* Document BIND DoS issue with trust anchor management. | delphij | 2015-02-24 | 1 | -0/+39
|
* - Drop @dirrm* from plist | amdmi3 | 2015-02-23 | 2 | -1/+1
|   - Strip library
* security/p5-Crypt-OpenSSL-X509: Fix [-Werror=logical-not-parentheses] | marino | 2015-02-22 | 2 | -1/+21
|   This bug was first discovered by Fedora 22 team building with gcc5 and
|   they reported it upstream:
|   https://github.com/dsully/perl-crypt-openssl-x509/issues/39
|   I believe this patch is equivalent but a bit nicer than the fix
|   suggested there. The problem is "not (c < 0)" is desired but
|   "(not c) < 0)" is what the condition evaluates to. The joy of C.
|   Approved by: Just fix it
* security/honggfuzz: Remove -Werror because it fails -pedantic check | marino | 2015-02-22 | 1 | -1/+2
|   Honggfuzz fails -pedantic checks on gcc-5. This wouldn't be a problem
|   except for the fact -Werror was also set, so Werror is getting removed.
|   Approved by: blanket
* - Update to 0.304 | sunpoet | 2015-02-22 | 3 | -10/+10
|   - While I'm here, fix and sort PLIST
|   Changes: http://search.cpan.org/dist/Dancer2-Plugin-Auth-Extensible/Changes
|   PR: 197914
|   Submitted by: Henk van Oers <hvo.pm@xs4all.nl> (maintainer)
* - Strip library | amdmi3 | 2015-02-22 | 2 | -1/+1
|   - Drop @dirrm* from plist
* devel/libssh: Remove -pedantic-error flags and reset port | marino | 2015-02-22 | 1 | -1/+3
|   This port breaks if it violates standards according to the -pedantic
|   flag. According to gcc-5, it indeed does with dozens of warnings like
|   this:
|   /wrkdirs/security/libssh/work/libssh-0.6.3/include/libssh/priv.h:200:33:
|   error: ISO C does not support '__FUNCTION__' predefined identifier [-Wpedantic]
|   _ssh_set_error(error, code, __FUNCTION__, __VA_ARGS__)
|   The maintainer has been MIA for over a year with PRs on 8 ports. I'm not
|   waiting for this one to time out too. While here, reset MAINTAINER.
|   PR: 197785
|   Submitted by: marino
|   Approved by: maintainer reset
* Kerberos Version 5, Release 1.12.3 is released. This fixes multiple | cy | 2015-02-22 | 5 | -200/+3
|   vulnerabilities, some previously committed by point patches and others
|   newly fixed in this release.
|   * Fix multiple vulnerabilities in the LDAP KDC back end.
|     [CVE-2014-5354] [CVE-2014-5353]
|   * Fix multiple kadmind vulnerabilities, some of which are based in the
|     gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421
|     CVE-2014-9422 CVE-2014-9423]
|   Security: VuXML: 63527d0d-b9de-11e4-8a48-206a8a720317
|   Security: CVE-2014-5354, CVE-2014-5353
|   Security: CVE-2014-5352, CVE-2014-5352, CVE-2014-9421
|   Security: CVE-2014-9422, CVE-2014-9423
* Kerberos Version 5, Release 1.12.3 is released affecting | cy | 2015-02-22 | 1 | -0/+29
|   security/krb5-112. This fixes multiple vulnerabilities, some previously
|   committed by point patches and others newly fixed in this release.
|   * Fix multiple vulnerabilities in the LDAP KDC back end.
|     [CVE-2014-5354] [CVE-2014-5353]
|   * Fix multiple kadmind vulnerabilities, some of which are based in the
|     gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421
|     CVE-2014-9422 CVE-2014-9423]
|   Security: CVE-2014-5354, CVE-2014-5353
|   Security: CVE-2014-5352, CVE-2014-5352, CVE-2014-9421
|   Security: CVE-2014-9422, CVE-2014-9423
* - Drop @dirrm* from plist | amdmi3 | 2015-02-21 | 1 | -1/+0
|
* - Add LICENSE | amdmi3 | 2015-02-21 | 2 | -1/+3
|   - Drop @dirrm* from plist
* Fix broken rpath. | cy | 2015-02-21 | 3 | -29/+52
|   Submitted by: hrs
* - One more fix for i386 assembly. | vsevolod | 2015-02-21 | 2 | -0/+12
|   - Bump revision (package is changed).
* - Use USES=twistedsunpoet2015-02-201-3/+2
| | | | With hat: python
* - Add empty directory to plistamdmi32015-02-202-1/+2
| | | | - Clarify LICENSE
* Remove xstproc dependency if DOCS & MANPAGES are not selected.ale2015-02-202-27/+36
| | | | | PR: 195935 Submitted by: jbeich
* - Update to 2.012jadawin2015-02-202-3/+3
| | | | | PR: 197737 Submitted by: adamw@
* Add armv6 as supported arch.ale2015-02-192-4/+15
| | | | | PR: 197609 Submitted by: egypcio@googlemail.com
* - Upgrade to 2.0.27 (bugfixes).kuriyama2015-02-193-6/+7
|
* - Upgrade to 2.1.2 (bugfixes).kuriyama2015-02-192-7/+6
|
* - Update to 15.0.0sunpoet2015-02-192-3/+3
| | | | Changes: http://twistedmatrix.com/trac/browser/tags/releases/twisted-15.0.0/twisted/conch/topfiles/NEWS
* Document unzip heap based buffer overflow in iconv patch.delphij2015-02-181-0/+28
| | | | PR: ports/197772
* Add modified date to entries I touched recently.madpilot2015-02-181-0/+2
| | | | Noticed by: kwm (thanks)
* Fix build with Perl 5.20.mat2015-02-181-0/+13
| | | | | | PR: 194865 Submitted by: Mike Kuznetsov Sponsored by: Absolight
* Add CVE number to asterisk advisory.madpilot2015-02-181-0/+1
|
* Update to 0.52.adamw2015-02-182-4/+5
| | | | | | Remove stale dependency on Any::Moose and add dependency on Math::BigInt. Changes: https://metacpan.org/changes/distribution/GnuPG-Interface
* - Fix version requirement for security/libgpg-error BUILD_DEPENDzi2015-02-171-1/+1
|
* Update to 3.3.0.wxs2015-02-177-25/+35
|
* Update to 0.12.adamw2015-02-152-5/+4
| | | | Changes: https://metacpan.org/changes/distribution/Crypt-Password-Util
* Add security/p5-Crypt-OpenSSL-EC and security/p5-Crypt-OpenSSL-ECDSA,adamw2015-02-159-0/+65
| | | | interfaces to elliptic curve functions from OpenSSL.
* Update to 0.10.adamw2015-02-153-5/+3
| | | | Changes: https://metacpan.org/changes/distribution/Crypt-OpenSSL-Random
* Update to 0.15.adamw2015-02-152-4/+3
| | | | Changes: https://metacpan.org/changes/distribution/Crypt-OpenSSL-DSA
* Update to 0.6.adamw2015-02-152-4/+3
| | | | Changes: https://metacpan.org/changes/distribution/Crypt-OpenSSL-Bignum
* - Update to version 1.44b [1]jbeich2015-02-153-18/+17
| | | | | | | | | | | - Unbreak install with LOCALBASE != PREFIX [2] Changes: http://lcamtuf.coredump.cx/afl/ChangeLog.txt PR: 197564 [1] PR: 197644 [2] Submitted by: fk@fabiankeil.de (maintainer) [1] Approved by: fk@fabiankeil.de (maintainer) [2] Approved by: mentors (implicit)
* Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MITcy2015-02-145-6/+248
| | | | | | | for krb5-111 and krb5-112. Obtained from: Greg Hudson <ghudson@mit.edu> Security: CVE-2014-5353, CVE-2014-5354
* Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MITcy2015-02-141-3/+3
| | | | | | | for krb5-111 and krb5-112. Obtained from: Greg Hudson <ghudson@mit.edu> Security: CVE-2014-5353, CVE-2014-5354
* - Always use instances logic in rc script. This should make it easier to ↵zi2015-02-132-1/+4
| | | | | | start with one instance and add others without complexity. - Bump PORTREVISION
* Fix php-session dependency and remove plist.ale2015-02-132-2/+4
| | | | | PR: 197751 Submitted by: garga
* - Additional fixes from the krb5 commitzi2015-02-131-1/+3
|
* - Correct errors in previous commit to resolve buildzi2015-02-131-14/+17
|
* Forbid krb5-111 and krb5-112.cy2015-02-132-0/+4
| | | | | Security: CVE-2014-5353, CVE-2014-5354 Security: VUXML: 3a888a1e-b321-11e4-83b2-206a8a720317
* Document new krb5 vulnerabilities.cy2015-02-131-0/+44
| | | | Security: CVE-2014-5353, CVE-2014-5354
* Update 1.13 --> 1.13.1, incorporates MITKRB5-SA-2015-001 (committed incy2015-02-132-7/+3
| | | | r378417).
* Fix gcc5 build for DragonFly BSD.cy2015-02-132-1/+11
| | | | | PR: 197561 Submitted by: marino
* The xorg-server entry in commit 378888, also mention portepoch for the otherkwm2015-02-131-1/+1
| | | | version we want to check.
* Document xorg-server CVE-2015-0255.kwm2015-02-131-0/+43
| | | | Information leak in the XkbSetGeometry request of X servers
* security/reop: Quietly clean up after myselfkoobs2015-02-121-3/+0
| | | | Remove commented out *FLAGS
* [NEW] security/reop: Reasonable Expectation Of Privacykoobs2015-02-124-0/+46
| | | | | | | | | | | reop is a simple, semi-modern wannabe PGP clone. Supported operations include signing -S and verifying -V messages, plus a variety of options for encrypting messages (-D -E). It does everything you'd expect a PGP program to do. More accurately, it does everything I expect you to expect a PGP program to do. WWW: https://github.com/tedu/reop
* [NEW] security/libnacl: Python bindings for NaClkoobs2015-02-124-0/+31
| | | | | | | | | | | This library is used to gain direct access to the functions exposed by Daniel J. Bernstein's nacl library via libsodium or tweetnacl. It has been constructed to maintain extensive documentation on how to use nacl as well as being tely portable. The file in libnacl/__init__.py can be pulled out and placed directly in any project to give a single file binding to all of nacl. WWW: https://libnacl.readthedocs.org
* Horde package update:mm2015-02-112-3/+3
| | | | | | | | | | | | | | | | | | | | | comms/pear-Horde_ActiveSync 2.24.0 -> 2.24.1 devel/pear-Horde_Alarm 2.2.3 -> 2.2.4 devel/pear-Horde_Core 2.18.3 -> 2.19.0 security/pear-Horde_Crypt 2.5.2 -> 2.5.3 databases/pear-Horde_HashTable 1.2.1 -> 1.2.2 graphics/pear-Horde_Image 2.1.0 -> 2.2.0 devel/pear-Horde_Prefs 2.7.1 -> 2.7.2 net/pear-Horde_Rpc 2.1.2 -> 2.1.3 devel/pear-Horde_Stream_Wrapper 2.1.1 -> 2.1.2 www/horde-ansel 3.0.1 -> 3.0.2 www/horde-base 5.2.3 -> 5.2.4 mail/horde-imp 6.2.6 -> 6.2.7 mail/horde-ingo 3.2.3 -> 3.2.4 deskutils/horde-kronolith 4.2.4 -> 4.2.5 deskutils/horde-mnemo 4.2.3 -> 4.2.4 deskutils/horde-nag 4.2.3 -> 4.2.4 mail/horde-turba 4.2.4 -> 4.2.5 devel/horde-whups 3.0.1 -> 3.0.2
* Update to 1.8.12garga2015-02-103-7/+10
|
* Update to 0.2.6.2-alphabf2015-02-092-4/+3
| | | | | PR: 196829 Submitted by: N. Chauhan
* security/ca_root_nss: Fix SSL verification for ports OpenSSL consumerskoobs2015-02-093-13/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since 2.7.9, Python verifies SSL certificates by default. Currently, even with security/ca_root_nss installed, Python fails certificate verification. Upon investigation, Python uses OpenSSL's standard SSL_CTX_load_verify_locations function to load a list of CA root certificates. Support was added to ca_root_nss for "out of the box" certificate verification for a number of base utilities in r372629 [1], but this did not include support for software that uses OpenSSL's SSL_CTX_load_verify_locations function. [1] https://svnweb.freebsd.org/changeset/ports/372629 OpenSSL defaults (at compile time) to the following paths and filenames for certificate and CAFile lookup: Base: SSL_CERT_DIR=/etc/ssl/certs SSL_CERT_FILE=/etc/ssl/cert.pem Ports: SSL_CERT_DIR=/usr/local/openssl/certs SSL_CERT_FILE=/usr/local/openssl/cert.pem This change installs a symlink which points to the root certificate bundle in the location that OpenSSL from ports looks for them. This allows any and all software utilising SSL_CTX_load_verify_locations function to verify SSL certificates by default after installation of this package. Additionally, display a pkg-message to the user about the lack of warranty associated with these certificates. Note: This is *NOT* related to solving for SSL certificate verification for OpenSSL in Base, which is covered in bug 189811. While I'm here: - Add LICENSE - Use options helpers and OPTIONS_SUB - Fix typo in !!! message !!! PR: 196431 Submitted by: koobs Reviewed by: jbeich Approved by: maintainer timeout (1 month)
* In r378499, PostgreSQL package names were not version-suffixed. Fixed this.girgen2015-02-091-1/+13
| | | | Submitted by: kuriyama@
* Add conflicts with new softhsm2 port.erwin2015-02-091-0/+2
|
* Add beta version of softhsm2, Software implementation of aerwin2015-02-095-0/+80
| | | | | | | Hardware Security Module (HSM) PR: 196096 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
* - Update to 5.95ashish2015-02-092-4/+3
|
* - Update to 0.08ashish2015-02-092-4/+3
|
* - Update to 1.64ashish2015-02-092-4/+3
|
* security/libgcrypt: fix some issuespi2015-02-072-2/+24
| | | | | | | | | - Fix crash at cipher/salsa20.c module on amd64. - Fix strip shared object. - Bump PORTREVISION. PR: 197146 Submitted by: cpm@fbsd.es (maintainer)
* Fix CVE name for www/chromium entryrene2015-02-071-1/+1
| | | | Submitted by: bz via bot
* Document two recent OpenLDAP DoS issues.delphij2015-02-071-0/+32
|
* Document new vulnerabilities in www/chromium < 40.0.2214.111rene2015-02-071-0/+43
| | | | | Submitted by: Carlos Jacobo Puga Medina Obtained from: http://googlechromereleases.blogspot.nl/
* security/ipsec-tools: 0.8.1 -> 0.8.2pi2015-02-075-19/+50
| | | | | | | | | | | | | | | | From ChangeLog: - Fix admin port establish-sa for tunnel mode SAs (Alexander Sbitnev) - Fix source port selection regression from version 0.8.1 - Various logging improvements - Additional compliance and build fixes From submitter: - extra patch to adding wildcard psk option PR: 196930 Submitted by: Harald Schmalzbauer <bugzilla.freebsd@omnilan.de>, Ed Schouten <ed@80368.nl> Approved by: vanhu (maintainer)
* - Fix assembler opcodes on i386vsevolod2015-02-062-1/+29
| | | | | - Fix build on FreeBSD < 10 - Do not bump revision since this only affects broken systems
* Update PostgreSQL-9.x to latest versions.girgen2015-02-061-0/+47
| | | | | | | | | | | This update fixes multiple security issues reported in PostgreSQL over the past few months. All of these issues require prior authentication, and some require additional conditions, and as such are not considered generally urgent. However, users should examine the list of security holes patched below in case they are particularly vulnerable. Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243, CVE-2015-0244,CVE-2014-8161
* - Update to 1.0.2vsevolod2015-02-063-5/+12
| | | | | | | | - Resolve undefined reference for pre-10 i386 FreeBSD [1] - Do not touch dependant ports as SONAME is unchanged PR: 193281 [1] Submitted by: Andriy Voskoboinyk <s3erios at gmail.com> [1]
* GPuTTY is a frontend to the SSH client, using the Gtk+ toolkit.jgh2015-02-064-0/+31
| | | | | | | WWW: http://www.defora.org/os/project/334/gputty PR: 197331 (based on) Submitted by: Olivier Cochard-Labbe <olivier@cochard.me>
* Remove 734bcd49-aae6-11e4-a0c1-c485083ca99c because Adobe Flash Player 11.xtijl2015-02-051-36/+0
| | | | | isn't affected. See February 2 revision of https://helpx.adobe.com/security/products/flash-player/apsa15-02.html
* Correct various packaging issues:cy2015-02-059-104/+91
| | | | | | | | | - Libraries are not installed stripped; - pkgconfig files should be installed to libdata; - Use of deprecated @dirrm[try] PR: PR/197338 Submitted by: delphij
* - Add rc script w/multi-instance supportzi2015-02-052-0/+62
| | | | - Bump PORTREVISION
* Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,cy2015-02-056-1/+18
| | | | | | | | | | | | | | | | gss_process_context_token VU#540092 CVE-2014-5352: gss_process_context_token() incorrectly frees context CVE-2014-9421: kadmind doubly frees partial deserialization results CVE-2014-9422: kadmind incorrectly validates server principal name CVE-2014-9423: libgssrpc server applications leak uninitialized bytes Security: VUXML: 24ce5597-acab-11e4-a847-206a8a720317 Security: MIT KRB5: VU#540092 Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
* New port: security/kstart:zi2015-02-054-0/+37
| | | | | | | | | | | | | k5start is a modified version of kinit that can use keytabs to authenticate, can run as a daemon and wake up periodically to refresh a ticket, and can run single commands with their own authentication credentials and refresh those credentials until the command exits. It is commonly used to maintain Kerberos tickets for services that need to authenticate to minimize the amount of Kerberos-related logic that must be in the service itself. WWW: http://www.eyrie.org/~eagle/software/kstart/
* Add the following KRB5 CVEs.cy2015-02-051-0/+56
| | | | | | | | | | | | CVE-2014-5352: gss_process_context_token() incorrectly frees context CVE-2014-9421: kadmind doubly frees partial deserialization results CVE-2014-9422: kadmind incorrectly validates server principal name CVE-2014-9423: libgssrpc server applications leak uninitialized bytes Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
* security/vpnc: Update sysdep.h patch to support dragonflymarino2015-02-041-7/+12
| | | | | | | While here, remove the __FreeBSD_version check as this will always pass on supported releases of FreeBSD. Approved by: blanket (non-invasive DragonFly support)
* Update to 2.1gblach2015-02-042-4/+4
|
* Document unzip out of boundary access issues in test_compr_eb.delphij2015-02-041-0/+32
| | | | PR: ports/197300
* - Fix install by plain user (properly handle suid files in plist)amdmi32015-02-042-7/+4
| | | | - Drop @dirrm* from plist
* - Fix build on recent current: properly handle removed ioctlamdmi32015-02-042-7/+17
| | | | | | - Add LICENSE_FILE - Fix whitespace - Remove unneeded options.mk include
* security/bro, security/broccoli: 2.3 -> 2.3.2pi2015-02-036-138/+138
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This updates bro and broccoli from 2.3 and 2.3.2, which is a security update. Changes to the bro port: - Rework openssl option logic - Remove obsolete - pkgng related changes Changes to the broccoli port: - Remove unused DOCS option - Enable PYTHON by default - pkgng related changes - Minor portlint changes Changes in 2.3.2: - DNP3: fix reachable assertion and buffer over-read/overflow. CVE number pending. (Travis Emmert, Jon Siwek) - Update binpac: Fix potential out-of-bounds memory reads in generated code. CVE-2014-9586. (John Villamil and Chris Rohlf - Yahoo Paranoids, Jon Siwek) - BIT-1234: Fix build on systems that already have ntohll/htonll. (Jon Siwek) - BIT-1291: Delete prebuilt python bytecode files from git. (Jon Siwek) - Adding call to new binpac::init() function. (Robin Sommer) Changes in 2.3.1: - Fix a reference counting bug in ListVal ctor. (Jon Siwek) - Fix possible buffer over-read in DNS TSIG parsing. (Jon Siwek) - Change EDNS parsing code to use rdlength more cautiously. (Jon Siwek) - Fix null pointer dereference in OCSP verification code in case no certificate is sent as part as the ocsp reply. Addresses BIT-1212. (Johanna Amann) - Fix OCSP reply validation. Addresses BIT-1212 (Johanna Amann) - Make links in documentation templates protocol relative. (Johanna Amann) PR: 197107 Submitted by: Craig Leres <leres@ee.lbl.gov> (maintainer) Reviewed by: koobs
* Remove expired ports:rene2015-02-0327-1734/+0
| | | | | | | | | 2015-01-31 audio/py-eyed3-06: In audio/abcde dependency has been changed to audio/py-eyed3 2015-01-31 mail/postfix210: Use mail/postfix instead. 2015-01-31 net-im/venom: No more support from the project 2015-02-01 security/openssh-portable66: security/openssh-portable now has all patches working. This port is obsolete. 2015-01-31 www/p5-WWW-Scraper-ISBN-Driver: Merged to www/p5-WWW-Scraper-ISBN by upstream 2015-01-31 www/p5-WWW-Scraper-ISBN-Record: Merged to www/p5-WWW-Scraper-ISBN by upstream
* - Update to 1.38bamdmi32015-02-033-12/+114
| | | | | PR: 197274 Submitted by: fk@fabiankeil.de (maintainer)
* Add linux-f10-devtools (any version) and linux-c6-devtools (prior to 6.6_3) toxmj2015-02-031-0/+9
| | | | | | the CVE-2015-0235 entry from 2015-01-28. Approved by: swills (mentor)
* Add net-mgmt/xymon-server CVE-2015-1430feld2015-02-021-0/+28
|
* www/linux-*-flashplugin11: Add CVE-2015-0313xmj2015-02-021-0/+36
| | | | | Spotted by: kwm Approved by: swills (mentor)
* - Fix build from plain useramdmi32015-02-021-3/+4
|
* Fix a typo.hrs2015-02-021-1/+1
|
* Add security/p5-Heimdal-Kadm5, a perl module for Heimdal Kerberoshrs2015-02-026-0/+92
| | | | administrative client library (libkadm5clnt).
* Add security/p5-Authen-Simple-Kerberos, Kerberos backend forhrs2015-02-025-0/+27
| | | | p5-Authen-Simple.
* Add security/p5-Authen-Krb5-Simple, simple Kerberos authentication module.hrs2015-02-027-0/+139
|