aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Document earlier dhcpcd security issue that has been fixed in an earlierjunovitch2016-04-181-0/+31
| | | | | | | | | | version before the security implications were reported. PR: 208840 Submitted by: Ben Woods <woodsb02@gmail.com> Submitted by: Roy Marples <roy@marples.name> Security: CVE-2014-7912 Security: https://vuxml.FreeBSD.org/freebsd/092156c9-04d7-11e6-b1ce-002590263bf5.html
* security/py-cryptography: Update to 1.3.1brnrd2016-04-184-35/+35
| | | | | | | | | | - Update to latest version 1.3.1 - Remove patch now included upstream - Add patch to allow build without openssl/e_os.h in base Reviewed by: koobs (mentor, python), feld (mentor) Approved by: feld (mentor) Differential Revision: D5959
* security/libtasn1: update to 4.8novel2016-04-173-4/+4
|
* Document dhcpcd security remote execution/denial of servicejunovitch2016-04-171-0/+31
| | | | | | | PR: 208840 Submitted by: Ben Woods <woodsb02@gmail.com> Security: CVE-2014-7913 Security: https://vuxml.FreeBSD.org/freebsd/6ec9f210-0404-11e6-9aee-bc5ff4fb5ea1.html
* Update to 0.030.vanilla2016-04-173-26/+7
|
* Update rekall to 1.5.0antoine2016-04-168-37/+86
|
* Update plone stack to 4.3.8rm2016-04-166-17/+18
| | | | | | | Changelog: https://plone.org/products/plone/releases/4.3.8 With hat: zope
* - Update to 2.0.2sunpoet2016-04-162-5/+5
| | | | | | - Sort RUN_DEPENDS Changes: https://github.com/google/oauth2client/releases
* Unbreakantoine2016-04-161-1/+0
| | | | Reported by: pkg-fallout
* security/py-flask-httpauth: update to 3.1.1rm2016-04-162-3/+3
|
* Document Asterisk and PJsip vulnerabilities.madpilot2016-04-151-0/+77
|
* Support the various forms of Kerberos via options.cy2016-04-152-21/+59
| | | | PR: 207507
* Fix autogenerated shebang for perl5.cy2016-04-151-2/+2
|
* Revert r413343. The bulk of it was committed by mistake.cy2016-04-152-60/+22
|
* Fix autogenerated shebang for perl5.cy2016-04-152-22/+60
|
* Update to 1.4.26arved2016-04-152-3/+3
|
* Update to 1.8.0.mat2016-04-147-32/+31
| | | | | | PR: 208745, 208746 Submitted by: Sergei Vyshenski (maintainer) Sponsored by: Absolight
* USE_RC_SUBR=yes has not done anything for a long time, remove it frommat2016-04-141-1/+0
| | | | | | the few remaining ports and make it give an error. Sponsored by: Absolight
* Document go remote denial of servicejunovitch2016-04-141-0/+30
| | | | | Security: CVE-2016-3959 Security: https://vuxml.FreeBSD.org/freebsd/f2217cdf-01e4-11e6-b1ce-002590263bf5.html
* - Update to 1.7.0sbz2016-04-143-4/+11
|
* - Update to 0.7sbz2016-04-143-6/+13
| | | | Reported by: Robert Swiecki <robert at swiecki.net> (author)
* - Update to 16.0.0sbz2016-04-142-4/+4
| | | | - Allow Python concurrent installation
* Document linux-c6-nspr which was overlooked in previous vuxml entryfeld2016-04-141-0/+5
|
* Add a patch to pass the size of struct sockaddr_in or sockaddr_in6 totijl2016-04-142-16/+47
| | | | | | | | bind(2) instead of sockaddr_storage. It doesn't accept the latter even though it's big enough. PR: 208753 Tested by: kwinkelman@mcclatchy.com
* security/clambc: convert to CONFIGURE_OUTSOURCEjbeich2016-04-139-26/+24
| | | | | Approved by: portmgr blanket Differential Revision: https://reviews.freebsd.org/D5895
* CentOS ports: for c6_64, install 32bit libraries alongsideswills2016-04-1322-54/+155
| | | | | PR: 206943 Submitted by: xmj
* Update to 1.74.adamw2016-04-132-3/+3
| | | | Changes: http://cpansearch.perl.org/src/MIKEM/Net-SSLeay-1.74/Changes
* Multiple vulnerabilities in Samba.timur2016-04-131-0/+79
| | | | | | | | | | | | | | | | | | | | | | | | [CVE-2015-5370] Errors in Samba DCE-RPC code can lead to denial of service (crashes and high cpu consumption) and man in the middle attacks. [CVE-2016-2110] The feature negotiation of NTLMSSP is not downgrade protected. A man in the middle is able to clear even required flags, especially NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL. [CVE-2016-2111] When Samba is configured as Domain Controller it allows remote attackers to spoof the computer name of a secure channel's endpoints, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic. [CVE-2016-2112] A man in the middle is able to downgrade LDAP connections to no integrity protection. [CVE-2016-2113] Man in the middle attacks are possible for client triggered LDAP connections (with ldaps://) and ncacn_http connections (with https://). [CVE-2016-2114] Due to a bug Samba doesn't enforce required smb signing, even if explicitly configured. [CVE-2016-2115] The protection of DCERPC communication over ncacn_np (which is the default for most the file server related protocols) is inherited from the underlying SMB connection. [CVE-2016-2118] a.k.a. BADLOCK. A man in the middle can intercept any DCERPC traffic between a client and a server in order to impersonate the client and get the same privileges as the authenticated user account. This is most problematic against active directory domain controllers. Security: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 Sponsored by: Micro$oft
* Unbreak.mat2016-04-122-4/+5
| | | | | | PR: 208720 Submitted by: tkato432 yahoo com Sponsored by: Absolight
* security/p5-Protocol-ACME: change DISTSITE from github to CPAN, add dependencypi2016-04-122-5/+6
| | | | | PR: 208741 Submitted by: mat
* Update to 3.4.11.tijl2016-04-123-4/+4
|
* Fix build as a userbapt2016-04-121-2/+2
|
* - Update to 1.73sunpoet2016-04-122-3/+3
| | | | Changes: http://search.cpan.org/dist/Net-SSLeay/Changes
* New ports: security/ p5-Crypt-Format p5-Crypt-RSA-Parse p5-Protocol-ACMEpi2016-04-1113-0/+114
| | | | | | | | | | | | | | Conversion utilities for encryption applications WWW: http://search.cpan.org/dist/Crypt-Format/ Parse RSA keys for useful information WWW: http://search.cpan.org/dist/Crypt-RSA-Parse/ Interface to the Let's Encrypt ACME API WWW: http://search.cpan.org/dist/Protocol-ACME/
* - Update to 2.025jadawin2016-04-112-3/+3
|
* Fix buil as a user.mat2016-04-111-0/+14
| | | | Sponsored by: Absolight
* security/fastd-devel: change DISTSITE to httpspi2016-04-101-2/+2
| | | | | PR: 208425 Submitted by: Jan Bramkamp <crest_maintainer@rlwinm.de> (maintainer)
* Convert to @samplebapt2016-04-105-48/+14
|
* - Update to 0.09ashish2016-04-102-3/+3
|
* - Update to 1.42ashish2016-04-102-4/+6
| | | | - Add LICENSE information
* - Update to 0.21ashish2016-04-102-4/+3
|
* - Update to 0.75ashish2016-04-102-4/+3
|
* - Update to 20160407danilo2016-04-102-4/+4
|
* security/sslsplit: update to 0.5.0swills2016-04-093-16/+3
|
* - Update to 0.291sunpoet2016-04-093-5/+6
| | | | | | - Remove leading definite article from COMMENT Changes: http://search.cpan.org/dist/POE-Filter-SSL/Changes
* - Update to 1.057sunpoet2016-04-092-3/+3
| | | | Changes: http://search.cpan.org/dist/Net-SSLGlue/Changes
* - Update to 0.5.0cpm2016-04-082-3/+3
| | | | Approved by: junovitch (mentor), koobs (maintainer, letsencrypt)
* - Update to 0.5.0cpm2016-04-082-6/+8
| | | | | | | - Add dependency on dns/py-idna - Fix TEST_DEPENDS according to requirements. Approved by: junovitch (mentor), koobs (maintainer, letsencrypt)
* security/letsencrypt.sh: Update to 0.1.0brnrd2016-04-082-4/+4
| | | | | | | | - Update to first release 0.1.0 Reviewed by: Sasha <sasha@root-login.org> (maintainer), feld (mentor) Approved by: Sasha <sasha@root-login.org> (maintainer), feld (mentor) Differential Revision: D5780
* - add some more manpagesdinoex2016-04-071-0/+27
| | | | | PR: 208602 Submitted by: timp87@gmail.com
* Horde package update:mm2016-04-074-6/+6
| | | | | | | | | | | | | | | | | | security/pear-Horde_Auth 2.1.11 -> 2.1.12 security/pear-Horde_Crypt 2.7.2 -> 2.7.3 www/pear-Horde_Css_Parser 1.0.8 -> 1.0.9 www/pear-Horde_Dav 1.1.2 -> 1.1.3 mail/pear-Horde_ListHeaders 1.2.3 -> 1.2.4 sysutils/pear-Horde_Log 2.1.3 -> 2.2.0 devel/pear-Horde_Nls 2.1.1 -> 2.2.0 comms/pear-Horde_SyncMl 2.0.6 -> 2.0.7 mail/horde-imp 6.2.13 -> 6.2.14 mail/horde-ingo 3.2.9 -> 3.2.10 deskutils/horde-nag 4.2.8 -> 4.2.9 devel/horde-timeobjects 2.1.1 -> 2.1.2 mail/horde-turba 4.2.13 -> 4.2.14 mail/horde-webmail 5.2.13 -> 5.2.14 deskutils/horde-groupware 5.2.13 -> 5.2.14
* security/mbedtls: add TEST_TARGETgahr2016-04-061-0/+1
|
* Port stat(1) calls in several scripts.tijl2016-04-065-1/+162
| | | | | | PR: 208556 Submitted by: kwinkelman@mcclatchy.com MFH: 2016Q2
* - Switch to options helpersamdmi32016-04-056-30/+32
| | | | - Regenerate patches with `make makepatch`
* - Switch to options helpersamdmi32016-04-051-3/+5
|
* - Add LICENSEamdmi32016-04-055-19/+25
| | | | | - Switch to options helpers - Regenerate patches with `make makepatch`
* - Add LICENSEamdmi32016-04-051-4/+5
| | | | | - Switch to USES=localbase - Switch to options helpers
* - Bump PORTREVISION since distinfo changed.wen2016-04-051-0/+1
|
* security/tls-check: more dependency fixespi2016-04-051-3/+6
| | | | Submitted by: Johan Hendriks <joh.hendriks@gmail.com>
* - Update GH_TAGNAME which forgot in last commitwen2016-04-052-3/+3
| | | | Spotted by: mat@
* security/tls-check: add missing dependpi2016-04-051-2/+3
|
* One more fix for /usr/sbin/service -R.mandree2016-04-052-1/+4
|
* Work around 10.3-RELEASE's service(8) shortcomingsmandree2016-04-052-0/+10
| | | | | PR: 208534 Reported by: allan@saddi.com
* - Update to 20151014wen2016-04-053-3/+5
| | | | | | | - Add WWW PR: 208461 Submitted by: jrm@ftfl.ca(maintainer)
* - remove NOPRECIOUS*dinoex2016-04-051-12/+9
| | | | - make portlint happier
* Add new port security/libadacryptmarino2016-04-056-0/+404
| | | | | | | | | | | | | | | | | | | | | | This is a crypto library for Ada with a nice API and is written for the i386 and x86_64 hardware architecture. Symmetric cryptography supported: * Blockciphers: AES, Twofish, 3DES, Serpent * Hash functions: SHA-1, SHA-256, SHA-384, SHA-512, Whirlpool * MACs: RMAC, HMAC, CMAC * Modes of operation: BPS, CFB, Ctr, OFB * Authenticated Encryption Schemes: OCB, SIV, McOE Assymmetric cryptography supported: * DSA signature scheme * OEAP-RSA * ECDSA, ECDH Unsigned big number library features: * Primary cyclic group arithmetic (Z_p) * Binary Field arithmetic support * Elliptic Curve arithmetic
* devel/ruby-gems: Update to 2.6.2swills2016-04-041-14/+14
| | | | | PR: 208371 Submitted by: wen (partial)
* security/tls-check: small changespi2016-04-043-5/+9
| | | | | | | | - add missing depends [1] - update to latest commit [2] - fixes some make test aspects Submitted by: Florian Smeets <flo@smeets.xyz> [1], Alvar C.H. Freude <af@alvar-freude.de> [2]
* security/tls-check: add missing dependenciespi2016-04-041-1/+3
| | | | Submitted by: netchild
* security/strongswan: unbreak FreeBSD 9 buildsjunovitch2016-04-031-0/+13
| | | | | | | | - Add patch to include sys/endian.h header PR: 208446 Submitted by: strongswan@Nanoteq.com (maintainer) MFH: 2016Q2 (build fix blanket)
* Document multiple vulnerabilities from the 31 Mar 16 PHP releasesjunovitch2016-04-031-0/+72
| | | | | | PR: 208465 Reported by Christian Schwarz <me@cschwarz.com> Security: https://vuxml.FreeBSD.org/freebsd/482d40cb-f9a3-11e5-92ce-002590263bf5.html
* Document PCRE heap overflow vulnerabilityjunovitch2016-04-031-0/+33
| | | | | | | PR: 208260 Reported by: Sevan Janiyan <venture37@geeklan.co.uk> Security: CVE-2016-1283 Security: https://vuxml.FreeBSD.org/freebsd/497b82e0-f9a0-11e5-92ce-002590263bf5.html
* Update to 4.06ehaupt2016-04-032-3/+3
| | | | Approved by: lx (maintainer)
* security/tls-check: seperate TEST_DEPENDS from other DEPENDSpi2016-04-032-20/+19
| | | | Submitted by: adamw
* security/py-{letsencrypt,acme}: Update to 0.4.2cpm2016-04-034-6/+6
| | | | | | - Update py-acme and py-letsencrypt ports. Approved by: koobs (maintainer, letsencrypt)
* Document djblets vulnerability from the 0.9.2 release notesjunovitch2016-04-031-0/+34
| | | | Security: https://vuxml.FreeBSD.org/freebsd/df328fac-f942-11e5-92ce-002590263bf5.html
* Document multiple security advisories for Moodlejunovitch2016-04-031-0/+64
| | | | | | | | | | | | | | Security: CVE-2016-2151 Security: CVE-2016-2152 Security: CVE-2016-2153 Security: CVE-2016-2154 Security: CVE-2016-2155 Security: CVE-2016-2156 Security: CVE-2016-2157 Security: CVE-2016-2158 Security: CVE-2016-2159 Security: CVE-2016-2190 Security: https://vuxml.FreeBSD.org/freebsd/a430e15d-f93f-11e5-92ce-002590263bf5.html
* Add additional reference URL for Kamailio entry from r411376junovitch2016-04-031-0/+2
| | | | | Security: CVE-2016-2385 Security: https://vuxml.FreeBSD.org/freebsd/c428de09-ed69-11e5-92ce-002590263bf5.html
* Document squid multiple vulnerabilitiesjunovitch2016-04-031-0/+51
| | | | | | | PR: 208463 Security: CVE-2016-3947 Security: CVE-2016-3948 Security: https://vuxml.FreeBSD.org/freebsd/297117ba-f92d-11e5-92ce-002590263bf5.html
* security/tls-check: patch is no longer necessarypi2016-04-031-10/+0
|
* security/tls-check: use modbuild, not configurepi2016-04-032-2/+8
| | | | Submitted by: pi (maintainer)
* New port: security/tls-checkpi2016-04-036-0/+120
| | | | | | Scan a list of domains for TLS-related compliance stats. WWW: https://github.com/tls-check/TLS-Check
* security/l5: modernize port a bitrm2016-04-031-7/+4
| | | | | | | | - replace EXTRACT_SUFX with USES equivalent - use modern way of defining BROKEN to avoid using of bsd.port.pre.mk No functional changes, so no PORTREVISION bump is required.
* Update to 1.2.0antoine2016-04-022-4/+8
|
* security/clamav-unofficial-sigs: 5.0.4 -> 5.0.5pi2016-04-025-26/+29
| | | | | | | | Changes: https://github.com/extremeshok/clamav-unofficial-sigs/releases/tag/5.0.5 PR: 208459 Submitted by: Marko Njezic <sf@maxempire.com> (maintainer)
* Missed two occurences of ${PORTSDIR}/.mat2016-04-021-1/+1
| | | | | With hat: portmgr Sponsored by: Absolight
* - Switch to options helpersamdmi32016-04-012-3/+5
| | | | - Regenerate patches with `make makepatch`
* Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.mat2016-04-01567-2076/+2076
| | | | | With hat: portmgr Sponsored by: Absolight
* Fixup some whitespace at the beginning of lines problems.mat2016-04-016-11/+11
| | | | | With hat: portmgr Sponsored by: Absolight
* - Update to 1.4.0sunpoet2016-04-012-4/+4
| | | | | | - Update RUN_DEPENDS: remove PORTSDIR Changes: https://github.com/attr-encrypted/attr_encrypted/commits/1-x-stable
* - Update to 0.29sunpoet2016-04-013-10/+13
| | | | | | | | | | - Update *_DEPENDS: remove PORTSDIR - Sort *_DEPENDS - Use = instead of += - Strip shared library - Sort PLIST Changes: http://search.cpan.org/dist/POE-Filter-SSL/Changes
* Fix dependencies.tj2016-04-011-6/+7
|
* New port security/py-python-socal-auth 0.2.14tj2016-04-014-0/+31
| | | | | | | Python Social Auth is an easy-to-setup social authentication/registration mechanism with support for several frameworks and auth providers. WWW: https://github.com/omab/python-social-auth
* Add OPENLDAP_SASL option for changing LIB_DEPENDSume2016-04-012-1/+7
| | | | to openldap-sasl-client.
* security/clamav-unofficial-sigs: fix PREFIX in two patchespi2016-03-313-4/+5
| | | | | | PR: 208326 Submitted by: Lukasz Wasikowski <lukasz@wasikowski.net> Approved by: Marko Njezic <sf@maxempire.com> (maintainer)
* - Switch to USES=tar:tbz2amdmi32016-03-312-29/+15
| | | | | | | | - Switch to options helpers - Fix typo - Fix plist for WITH=QTGUI case Approved by: portmgr blanket
* This CVE is actually for the -contrib module:girgen2016-03-311-0/+1
| | | | Security: CVE-2016-3065
* Add vuxml entries for "Security Fixes for RLS, BRIN"girgen2016-03-311-0/+38
| | | | | | | in PostgreSQL 9.5 Security: CVE-2016-2193 Security: CVE-2016-3065
* security/clamav-unofficial-sigs: 3.7.2 -> 5.0.4, extremeshok forkpi2016-03-3113-143/+140
| | | | | | | | | | | | | | | | | | Changes: (long!) https://github.com/extremeshok/clamav-unofficial-sigs/releases This version of clamav-unofficial-sigs is eXtremeSHOK's fork. Configuration file location has changed from %PREFIX%/clamav-unofficial-sigs.conf to %PREFIX%/clamav-unofficial-sigs/ master.conf and os.conf hold default values, local changes should be placed in user.conf. PR: 208326 Submitted by: Talal Al Dik <tad@vif.com>, Lukasz Wasikowski <lukasz@wasikowski.net> Approved by: sf@maxempire.com (maintainer)
* Document latest batch of flash plugin vulnerabilities.tijl2016-03-311-0/+63
|
* - Update botan110 to 1.10.12madpilot2016-03-313-8/+8
| | | | | | | | | | - Chase shlib version bump in dependent ports PR: 208393 Submitted by: Lapo Luchini <lapo at lapo.it> (maintainer) Security: 2004616d-f66c-11e5-b94c-001999f8d30b Security: 4cd9b19f-f66d-11e5-b94c-001999f8d30b MFH: 2016Q1
* Document mutiple Botan vulnerabilities.madpilot2016-03-311-0/+59
| | | | | | | | | PR: 208393 Submitted by: Lapo Luchini <lapo at lapo.it> Security: CVE-2015-5726 Security: CVE-2015-5727 Security: CVE-2016-2194 Security: CVE-2016-2195
* Fix a couple of typos in security/py-crits.olgeni2016-03-301-2/+2
|
* - remove ${PORTSDIR} from dependencyohauer2016-03-302-5/+5
|
* Remove uneeded dependency on GNU m4bapt2016-03-304-8/+1
|
* Nmap 7.12 [2016-03-29]ohauer2016-03-302-3/+3
| | | | | | | | | | o [NSE] VNC updates including vnc-brute support for TLS security type and negotiating a lower RFB version if the server sends an unknown higher version. [Daniel Miller] o [NSE] Added STARTTLS support for VNC, NNTP, and LMTP [Daniel Miller] o Added new service probes and match lines for OpenVPN on UDP and TCP.
* Document multiple Mercurial vulnerabilitiesolivierd2016-03-301-0/+31
| | | | | | Security: CVE-2016-3630 Security: CVE-2016-3068 Security: CVE-2016-3069
* Document chromium vulnerabilitiescmt2016-03-301-0/+70
| | | | Approved by: miwi (mentor), rene (mentor)
* - Add CPE informationamdmi32016-03-301-1/+3
| | | | | | PR: 208327 Submitted by: shun.fbsd.pr@dropcut.net Approved by: portmgr blanket
* 1: Update to 0.028.vanilla2016-03-293-5/+27
| | | | 2: remove dependencies to p5-JSON & p5-Module-Build.
* - Update to 1.9.3amdmi32016-03-292-4/+4
| | | | | | | - While here, fix LICENSE PR: 208354 Submitted by: mp39590@gmail.com (maintainer)
* - cipher/salsa20.c (selftest): Ensure 16-byte alignment for salsa20cpm2016-03-294-28/+90
| | | | | | | | | context structure. - mpi/longlong.h: Fix build on sparc. PR: 206919 Approved by: junovitch (mentor)
* Bump PORTREVISION for gnutls update in r411990.tijl2016-03-291-0/+1
|
* Update security/elixir-comeonin to version 2.3.olgeni2016-03-283-3/+5
|
* Document BIND security advisoriesjunovitch2016-03-281-0/+119
| | | | | | | | | | | PR: 208034 Reported by: martin@lispworks.com Security: CVE-2016-1285 Security: CVE-2016-1286 Security: CVE-2016-2088 Security: https://vuxml.FreeBSD.org/freebsd/c9075321-f483-11e5-92ce-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/cba246d2-f483-11e5-92ce-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/cd409df7-f483-11e5-92ce-002590263bf5.html
* Syntax fix, drop leading FreeBSD- in <freebsdsa> tags as it caused links withjunovitch2016-03-281-3/+3
| | | | a FreeBSD-FreeBSD-SA starting the URL.
* security/libressl-devel: Update to 2.3.3brnrd2016-03-272-3/+3
| | | | | | Reviewed by: feld (mentor) Approved by: feld (mentor) Differential Revision: D5721
* - Update security/gnutls to 3.4.10.tijl2016-03-2728-228/+321
| | | | | | | | | | | | | | | | | | | | | | | | | | - Rename the LIBDANE option DANE because that's the name of the protocol supported by libgnutls-dane and gnutls-cli. Also clarify the option description. - Add an IDN option. - libgnutls-openssl has been removed in 3.4. Some ports used this library in their LIB_DEPENDS but no port actually required it. - Some old API functions have been removed. Ports that used these have been updated or patched to use the new API. - Add a patch to print/cups to prevent overlinking of libgnutls.so. - Bump PORTREVISION on dependent ports. net-im/jabber: This port used the old API to give users fine grained control over which crypto algorithms were used via a configuration file. It's not immediately obvious how to port this to the new API so the port always uses the defaults now. www/hydra: Mark BROKEN. This uses more removed calls than the other ports, is said to be alpha quality and not fully functional and has been abandoned 10 years ago. PR: 207768 Exp-run by: antoine Approved by: portmgr (antoine)
* Document Salt Insecure configuration of PAM external authentication servicejunovitch2016-03-271-0/+35
| | | | | | PR: 208244 Security: CVE-2016-3176 Security: https://vuxml.FreeBSD.org/freebsd/6d25c306-f3bb-11e5-92ce-002590263bf5.html
* - Update to 2016.2.28sunpoet2016-03-273-4/+4
| | | | Changes: https://github.com/certifi/python-certifi/commits/master
* - Update to 3.1.1sunpoet2016-03-262-5/+4
| | | | | | | - Add LICENSE_FILE - Remove outdated PORTSCOUT Changes: https://github.com/net-ssh/net-ssh/blob/3-1-release/CHANGES.txt
* Document multipule activemq vulnerabilities:tj2016-03-261-0/+92
| | | | | | | | | | | | | | | CVE-2016-0782 - ActiveMQ Web Console - Cross-Site Scripting CVE-2016-0734 - ActiveMQ Web Console - Clickjacking CVE-2015-5254 - Unsafe deserialization in ActiveMQ PR: 208163 PR: 208193 Security: CVE-2015-5254 Security: http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt Security: CVE-2016-0782 Security: http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt Security: CVE-2016-0734 Security: http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
* Convert to USES=7z for trivial casesjbeich2016-03-251-7/+1
| | | | | Approved by: portmgr modernization blanket Differential Revision: https://reviews.freebsd.org/D4190
* - Update to 1.4amdmi32016-03-253-7/+7
| | | | | | | - While here, fix license and silence mkdir PR: 207787 Submitted by: jochen@jochen-neumeister.de (supposedly maintainer)
* Oh, it had been fixed just before.mat2016-03-241-2/+0
| | | | | | Reported by: antoine Pointy hat: mat Sponsored by: Absolight
* - Update to 0.6.0amdmi32016-03-242-3/+4
| | | | | | | - While here, add LICENSE_FILE PR: 208203 Submitted by: 6yearold@gmail.com (maintainer)
* - Fix symlink to icon fileamdmi32016-03-242-3/+4
| | | | | | | - While here, add LICENSE_FILE PR: 208237 Submitted by: admin@vladiom.com.ua
* Mark broken on 9.mat2016-03-241-0/+2
| | | | | | | | crypto_generichash/blake2/ref/blake2b-compress-ssse3.c: In function 'blake2b_compress_ssse3': crypto_generichash/blake2/ref/blake2b-compress-ssse3.c:66: note: use -flax-vector-conversions to permit conversions between vectors with differing element types or numbers of subparts crypto_generichash/blake2/ref/blake2b-compress-ssse3.c:66: error: incompatible type for argument 1 of '__builtin_ia32_psrlqi128' Sponsored by: Absolight
* - Update to 8.5.1amdmi32016-03-242-3/+3
| | | | | PR: 208151 Submitted by: douglas@douglasthrift.net (maintainer)
* - Fix build on 9.xvsevolod2016-03-241-3/+2
| | | | - Remove invalid mirror
* New port: security/akmos.rakuco2016-03-245-0/+52
| | | | | | | | | | | | | | | | | Akmos is a cryptographic library with CLI. It supports: - symmetric ciphering; - computing message digests (hashes); - calculating a message authentication code (MAC); Depends only on the standard C library. Primary develop for the x86_64 architecture. WWW: https://github.com/melanhit/akmos PR: 206987 Submitted by: Andrew Romanenko <melanhit@gmail.com>
* Horde package update:mm2016-03-248-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | comms/pear-Horde_ActiveSync 2.31.2 -> 2.31.8 devel/pear-Horde_Alarm 2.2.6 -> 2.2.7 www/pear-Horde_Browser 2.0.11 -> 2.0.12 devel/pear-Horde_Cache 2.5.2 -> 2.5.3 archivers/pear-Horde_Compress 2.1.4 -> 2.1.5 devel/pear-Horde_Core 2.22.6 -> 2.23.0 security/pear-Horde_Crypt 2.7.0 -> 2.7.2 devel/pear-Horde_Date 2.2.0 -> 2.3.0 devel/pear-Horde_Exception 2.0.7 -> 2.0.8 www/pear-Horde_Form 2.0.12 -> 2.0.13 security/pear-Horde_Group 2.1.0 -> 2.1.1 devel/pear-Horde_Icalendar 2.1.3 -> 2.1.4 graphics/pear-Horde_Image 2.3.4 -> 2.3.5 mail/pear-Horde_Imap_Client 2.29.5 -> 2.29.6 devel/pear-Horde_Itip 2.1.1 -> 2.1.2 textproc/pear-Horde_JavascriptMinify 1.1.2 -> 1.1.3 devel/pear-Horde_LoginTasks 2.0.6 -> 2.0.7 mail/pear-Horde_Mail_Autoconfig 1.0.2 -> 1.0.3 mail/pear-Horde_Mapi 1.0.6 -> 1.0.8 mail/pear-Horde_Mime 2.9.3 -> 2.9.4 mail/pear-Horde_Mime_Viewer 2.1.2 -> 2.1.3 devel/pear-Horde_Nls 2.1.0 -> 2.1.1 security/pear-Horde_Perms 2.1.6 -> 2.1.7 devel/pear-Horde_Prefs 2.7.5 -> 2.7.6 net/pear-Horde_Rpc 2.1.6 -> 2.1.7 security/pear-Horde_Share 2.0.8 -> 2.0.10 mail/pear-Horde_Smtp 1.9.2 -> 1.9.3 net/pear-Horde_Socket_Client 2.1.0 -> 2.1.1 textproc/pear-Horde_Text_Filter 2.3.3 -> 2.3.4 devel/pear-Horde_Timezone 1.0.10 -> 1.0.11 devel/pear-Horde_Token 2.0.8 -> 2.0.9 sysutils/pear-Horde_Vfs 2.3.1 -> 2.3.2 www/horde-ansel 3.0.3 -> 3.0.4 ftp/horde-gollem 3.0.7 -> 3.0.8 www/horde-base 5.2.9 -> 5.2.10 mail/horde-imp 6.2.12 -> 6.2.13 mail/horde-ingo 3.2.8 -> 3.2.9 deskutils/horde-kronolith 4.2.15 -> 4.2.16 deskutils/horde-mnemo 4.2.9 -> 4.2.10 deskutils/horde-nag 4.2.7 -> 4.2.8 www/horde-trean 1.1.4 -> 1.1.5 mail/horde-turba 4.2.12 -> 4.2.13 mail/horde-webmail 5.2.12 -> 5.2.13 deskutils/horde-groupware 5.2.12 -> 5.2.13 www/horde-wicked 2.0.4 -> 2.0.5
* Fix requirements fileantoine2016-03-241-1/+2
|
* - Update to 2.1.0sunpoet2016-03-242-6/+6
| | | | Changes: https://github.com/tinfoil/devise-two-factor/commits/master
* - Update to 1.204sunpoet2016-03-242-4/+4
| | | | Changes: http://search.cpan.org/dist/Digest-Bcrypt/Changes
* - Update to 0.24.0sunpoet2016-03-242-3/+3
| | | | Changes: https://gitlab.com/m2crypto/m2crypto/commits/master
* Update security/strongswan to 5.4.0garga2016-03-243-9/+6
| | | | | | | PR: 208219 Approved by: swan@nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate)
* Update to 4.6.3.mat2016-03-233-4/+4
| | | | | | PR: 208211 Submitted by: tkato432 yahoo com Sponsored by: Absolight
* - Update libsodium to 1.0.8vsevolod2016-03-2315-9/+18
| | | | | | | - Bump revisions of all dependant ports PR: 206482 Submitted by: lev, w.schwarzenfeld@aon.at
* security/py-flask-httpauth: update to 3.1.0rm2016-03-232-3/+3
|
* - update to 7.11ohauer2016-03-232-3/+3
| | | | | | | | | | | Changes: o [NSE][GH#341] Added support for diffie-hellman-group-exchange-* SSH key exchange methods to ssh2.lua, allowing ssh-hostkey to run on servers that only support custom Diffie-Hellman groups. [Sergey Khegay] o [NSE] Added support in sslcert.lua for Microsoft SQL Server's TDS protocol, so you can now grab certs with ssl-cert or check ciphers with ssl-enum-ciphers. [Daniel Miller]
* Fix build on FreeBSD 9 which doesn't have a zlib pkgconfig file.tijl2016-03-221-0/+12
|
* Make it buildable with GDBM on.ume2016-03-222-0/+2
| | | | | PR: 208194 Reported by: vas__at__mpeks.tomsk.su
* - Add LICENSE_FILEamdmi32016-03-221-3/+7
| | | | | - Add NO_ARCH - Switch to options helpers
* Fix build on arm6.mat2016-03-212-0/+11
| | | | | | PR: 201248 Submitted by: mikael urankar gmail com Sponsored by: Absolight
* - Take maintainer.tijl2016-03-211-2/+3
| | | | | | | - Fix a build problem with upcoming libc++. PR: 207768, 208175 Approved by: bdrewery (maintainer)
* Update to 0.23antoine2016-03-212-5/+5
|
* Update to 2.2.0lme2016-03-212-4/+3
|
* Drop bogus libgnome-keyring dependencyrm2016-03-211-2/+2
| | | | | | | | | | And add dependency upon libsecret where needed. Bump PORTREVISION because of dependency change. For x11/gdm also drop KEYRING option and corresponding logic bits - this functionality is now available unconditionally. Differential Revision: D5690 Reviewed by: kwm, mat
* Fix version range for pcre2 vulnerabilityfeld2016-03-211-1/+2
| | | | | PR: 208167 Security: CVE-2016-3191
* Document pcre vulnerabilityfeld2016-03-211-0/+32
| | | | | PR: 208167 Security: CVE-2016-3191
* - Add LICENSE_FILEsunpoet2016-03-211-0/+2
| | | | | | - Add NO_ARCH Approved by: portmgr (blanket)
* - Update to 3.1.0sunpoet2016-03-212-3/+3
| | | | Changes: https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt
* Update to upstream version 0.9.4riggs2016-03-202-4/+3
| | | | | PR: 207886 Submitted by: theis@gmx.at (maintainer)
* Install net/libnet headers and libraries back in the location where othertijl2016-03-2017-244/+45
| | | | | | | | | ports expect it. The files were put in a different location to avoid a conflict with net/libnet10 but this port has been removed a while ago now. PR: 208122 Exp-run by: antoine Approved by: portmgr (antoine)
* Remove expired ports:rene2016-03-204-32/+0
| | | | | | 2016-03-15 www/eaccelerator: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70) 2016-03-15 devel/pecl-inclued: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70) 2016-03-15 security/pecl-taint: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70)
* - Switch to options helpersamdmi32016-03-201-0/+2
|
* Update to 1.7.3.vanilla2016-03-192-3/+3
|
* Update to 1.7.3.vanilla2016-03-192-3/+3
|
* security/sshguard: Add patch to prevent log flooding with error messagesfeld2016-03-192-1/+37
| | | | PR: 208133
* - Add NO_ARCHamdmi32016-03-191-2/+7
| | | | - Switch to options helpers
* Document kamailio SEAS Module Heap overflow vulnerabilityjunovitch2016-03-191-0/+28
| | | | | Security: CVE-2016-2385 Security: https://vuxml.FreeBSD.org/freebsd/c428de09-ed69-11e5-92ce-002590263bf5.html
* Document hadoop2 unauthorized disclosure of data vulnerabilityjunovitch2016-03-191-0/+28
| | | | | Security: CVE-2015-1776 Security: https://vuxml.FreeBSD.org/freebsd/5dd39f26-ed68-11e5-92ce-002590263bf5.html
* - Update security/clusterssh to 4.05ehaupt2016-03-193-17/+42
| | | | | | | - Provide an option to install bash-completion file PR: 208118 Approved by: lx (maintainer)
* Remove sourceforge and use correct MASTER_SITES since clamav announced thisgarga2016-03-181-1/+1
| | | | | | is the last version available there Pointed out by: pi
* Update security/clamav to 0.99.1garga2016-03-182-4/+3
|
* - Update security/sudo to 1.8.16 [1]garga2016-03-183-5/+6
| | | | | | | | - Pet portlint using (pre|post)[un]exec items in plist PR: 208111 [1] Submitted by: cy [1] Sponsored by: Rubicon Communications (Netgate)
* Update git packages and versions affected by CVE-2016-2324garga2016-03-181-2/+26
| | | | | MFH: 2016Q1 Sponsored by: Rubicon Communications (Netgate)
* - Add NO_ARCHamdmi32016-03-181-8/+9
| | | | - Switch to options helpers
* - Add LICENSEamdmi32016-03-181-2/+5
| | | | - Switch to options helpers
* - upate to version 7.10ohauer2016-03-188-19/+30
| | | | | | | | | | | | | | - remove support for custom IPv4 only kernel [1] Short summary: - 12 new NSE scripts - hundreds of new OS/version fingerprints - dozens if smaller improvements and bug fixes Full Changelog: https://nmap.org/changelog.html [1] nmap does no longer build agains custom kernel without IPv6!
* Add security/greenbone-security-assistant, a web interface for OpenVAS.tijl2016-03-188-0/+287
| | | | | | (This should have been part of r411278.) Reported by: antoine
* security/openxpki-i18n: Update to 1.5.0feld2016-03-182-3/+3
| | | | PR: 207844
* security/p5-openxpki: Update to 1.5.0feld2016-03-182-3/+3
| | | | PR: 207845
* Update to 2.1.0. [1]mat2016-03-183-18/+9
| | | | | | | | While there, use options helpers. PR: 208089 [1] Submitted by: maintainer Sponsored by: Absolight
* Update to 1.7.2.vanilla2016-03-173-3/+5
|
* Update to 1.7.2.vanilla2016-03-173-3/+7
|
* Mark Nessus ports deprecated. Nessus became proprietary closed-sourcetijl2016-03-174-0/+12
| | | | | | | | software many years ago and the ports are now outdated. A good alternative is OpenVAS which started as a fork of the open-source Nessus. PR: 208023 Approved by: Udo.Schweigert@siemens.com (maintainer)
* Update OpenVAS ports from version 2 to version 8. All components havetijl2016-03-1779-12114/+1357
| | | | | | | been renamed and rearranged. The graphical user interface provided by security/openvas-client has been discontinued. Instead there is now a web interface provided by security/greenbone-security-assistant and a command-line interface provided by security/openvas-client.
* security/gpgme: put header back in normal location.tijl2016-03-174-8/+5
| | | | | | | This used to cause a conflict with security/gpgme03 but this port has been removed many years ago now. Approved by: jhale (maintainer)
* Document possible code execution and integer overflow issue in gitjunovitch2016-03-171-0/+56
| | | | | | | | | | PR: 208074 Reported by: Sevan Janiyan <venture37@geeklan.co.uk> (via PR) Reported by: Tony Tung <tonytung@merly.org> (via email) Security: CVE-2016-2315 Security: CVE-2016-2324 Security: https://vuxml.FreeBSD.org/freebsd/93ee802e-ebde-11e5-92ce-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/d2a84feb-ebe0-11e5-92ce-002590263bf5.html
* - Add LICENSEamdmi32016-03-172-1/+7
| | | | | | - Add NO_ARCH - Switch to options helpers - Fix WWW:
* - Add LICENSEamdmi32016-03-172-19/+13
| | | | - Switch to options helpers
* - Add LICENSEamdmi32016-03-163-17/+20
| | | | | - Switch to options helpers - Cleanup pkg-descr
* update security/lastpass-cli to 0.9.0cmt2016-03-162-3/+3
| | | | | | PR: 207891 Approved by: rene (mentor) Approved by: tom@hur.st (Maintainer)
* Update to 4.6.2.mat2016-03-156-9/+9
| | | | | | PR: 207991 Submitted by: tkato432 yahoo com Sponsored by: Absolight
* - Update to 2.07bwen2016-03-152-3/+3
| | | | | PR: 207830 Submitted by: t@tobik.me(maintainer)
* - bump PORTREVISION on ports depending on unboundohauer2016-03-152-2/+2
| | | | | PR: 207948 Submitted by: jaap@NLnetLabs.nl (maintainer)
* Cisco-torch is a mass Cisco Vulnerability Scanner.feld2016-03-158-0/+172
| | | | | | | | | | | | | | | The main feature that makes Cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum scanning efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered. WWW: http://www.hackingciscoexposed.com/?link=tools PR: 207221 Submitted by: Rihaz Jerrin <rihaz.jerrin@gmail.com>
* Document node vulnerabilitiesfeld2016-03-151-0/+34
| | | | | | | PR: 207832 Security: CVE-2016-0702 Security: CVE-2016-0705 Security: CVE-2016-0797
* security/dropbear: Update to 2016.72feld2016-03-142-3/+3
| | | | | | PR: 207903 MFH: 2016Q1 Security: CVE-2016-3116
* Document dropbear security vulnerabilityfeld2016-03-141-0/+27
| | | | | PR: 207903 Security: CVE-2016-3116
* Document assigned CVE for recent ssh vulnerabilityfeld2016-03-141-0/+2
| | | | Security: CVE-2016-3115
* Document one more graphite2 vulnerabilityjbeich2016-03-141-0/+9
|
* - Switch to options helpersamdmi32016-03-144-12/+14
| | | | | | - Cosmetic fixes - Regenerate patches with `make makepatch` - Fix WWW:
* - Add LICENSEamdmi32016-03-142-4/+8
| | | | | - Switch to options helpers - Cleanup pkg-descr
* security/py-flask-httpauth: update to 3.0.2rm2016-03-142-3/+3
|
* These ports do not build with PHP 7.0, make them as such.mat2016-03-142-0/+3
| | | | | | Also, mark those who try to use mysql, which does not exist in PHP 7.0. Sponsored by: Absolight
* Fix copy/paste error from previous commitriggs2016-03-141-1/+0
|
* Document XSS vulnerability in graphics/jpgraph2 before 3.0.7_1riggs2016-03-141-0/+32
| | | | | PR: 207001 Security: CVE-2009-4422
* Document issues in recent PHP security releasejunovitch2016-03-131-0/+78
| | | | | Security: https://vuxml.FreeBSD.org/freebsd/e991ef79-e920-11e5-92ce-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/5af511e5-e928-11e5-92ce-002590263bf5.html
* Expand February PHP entry with extra CVE and all security bugs on changelogjunovitch2016-03-131-5/+32
| | | | | Security: CVE-2016-2554 Security: https://vuxml.FreeBSD.org/freebsd/85eb4e46-cf16-11e5-840f-485d605f4717.html
* Update to 5.7.rakuco2016-03-132-3/+3
| | | | | | | Changes: Argon2 library update and some minor changes. PR: 207944 Submitted by: Sergey Matveev <stargrave@stargrave.org> (maintainer)
* Update to 0.502.rakuco2016-03-132-3/+3
| | | | | | | | | | | See https://github.com/ctrlo/Dancer2-Plugin-Auth-Extensible-Provider-DBIC/blob/master/Changes 0.502 Sun Mar 6 17:00:00 2016 GMT * Allow disable_roles to be used PR: 207770 Submitted by: Henk van Oers <hvo.pm@xs4all.nl> (maintainer)
* Update to 8.4.1.rakuco2016-03-132-3/+3
| | | | | | | | | | | | | | | | From CHANGES (there was no entry for 8.4.1): --- 8.4 --- * Pull Request #209: Better error message when no backend is available (indicating keyrings.alt as a quick workaround). * Pull Request #208: Fix pywin32-ctypes package name in requirements. PR: 207870 Submitted by: douglas@douglasthrift.net (maintainer)
* Update to 1.1.1.rakuco2016-03-132-3/+3
| | | | | | | | | | | From CHANGES.rst: 1.1.1 ===== Test cleanup. PR: 207871 Submitted by: douglas@douglasthrift.net (maintainer)
* - Fix license. COPYING explicitly states that APACHE20 does not apply, the ↵amdmi32016-03-134-11/+15
| | | | | | | | | | | | license is actually commercial: Commercial software. Please write info@synergetics.be for licensing terms. LICENSE-2.0.txt does not apply. It is only provided for information, e.g. on some related software packages. - Switch to options helpers - Regenerate patches with `make makepatch`
* - Switch to options helpersamdmi32016-03-132-25/+27
| | | | | - Silence patching and stripping - Regenerate patches with `make makepatch`
* Sort security/Makefile.olgeni2016-03-131-1/+1
|
* - Clarify LICENSEamdmi32016-03-124-14/+16
| | | | | | - Don't install unneeded docs - Switch to options helpers - Regenerate patches with `make makepatch`
* Update to 2.32.rakuco2016-03-122-3/+3
| | | | | | | Changes: http://keepass.info/news/n160309_2.32.html PR: 207861 Submitted by: Ben Woods <woodsb02@gmail.com> (maintainer)
* the GS2 plugin can be buildable with the MIT Kerberos as well.ume2016-03-121-4/+7
|
* - Update to 1.9.0sunpoet2016-03-122-3/+3
| | | | Changes: https://github.com/capistrano/sshkit/blob/master/CHANGELOG.md
* - Update to 2.1.1sunpoet2016-03-122-3/+4
| | | | | | - Add NO_ARCH Changes: https://github.com/pbhogan/scrypt/blob/master/CHANGELOG.md
* Document OpenSSH 7.2p2 fix for X11Forwarding command injectionbdrewery2016-03-121-0/+41
|
* - Update to 7.2p2 which fixes X11Forwarding command injection vulnerability.bdrewery2016-03-122-3/+3
| | | | | Changelog: http://www.openssh.com/txt/release-7.2p2 Advisory: http://www.openssh.com/txt/x11fwd.adv
* Document net/quagga vulnerabilityfeld2016-03-111-0/+28
| | | | Security: CVE-2016-2342
* net-im/ricochet: Document vulnerabilityfeld2016-03-111-0/+28
| | | | PR: 207536
* Update to 16.0.0.rakuco2016-03-112-8/+9
| | | | | | | PR: 207789 Submitted by: jochen@jochen-neumeister.de (first version), Axel.Rau@Chaos1.DE (later version) Approved by: Axel.Rau@Chaos1.DE (maintainer)
* security/pidgin-otr: Update to 4.0.2feld2016-03-103-3/+4
| | | | | | | | | | | | | | Changes: - Fix use-after-free issue during SMP - Updated Spanish, German, Norwegian Bokmål translations - New Danish translation - The Windows binary has been linked with updated versions of libotr, libgcrypt, libgpg-error, and other supporting libraries MFH: 2016Q1 Security: CVE-2015-8833 Security: http://www.vuxml.org/freebsd/77e0b631-e6cf-11e5-85be-14dae9d210b8.html
* Document security/pidgin-otr vulnerabilityfeld2016-03-101-0/+31
| | | | Security: CVE-2015-8833
* - Update to 2.55jadawin2016-03-102-3/+5
|
* security/nss: refresh patch with version approved upstreamjbeich2016-03-101-4/+9
|
* Update libotr vulnerability informationfeld2016-03-101-1/+6
| | | | | | | | | Correct description is "integer overflow" libotr3 has also been added as vulnerable. It appears vulnerable as it also has datalen defined as unsigned int and identical functions. Security: http://www.vuxml.org/freebsd/c2b1652c-e647-11e5-85be-14dae9d210b8.html
* Document security/libotr vulnerabilityfeld2016-03-101-0/+27
| | | | | | It is not clear at this time if security/libotr3 is also affected. Security: CVE-2016-2851
* security/libotr: Update to 4.1.1feld2016-03-103-7/+6
| | | | | | | | | | | | | | | Changes: * Fix an integer overflow bug that can cause a heap buffer overflow (and from there remote code execution) on 64-bit platforms * Fix possible free() of an uninitialized pointer * Be stricter about parsing v3 fragments * Add a testsuite ("make check" to run it), but only on Linux for now, since it uses Linux-specific features such as epoll * Fix a memory leak when reading a malformed instance tag file * Protocol documentation clarifications MFH: 2016Q1 Security: CVE-2016-2851
* - Add LICENSE_FILEamdmi32016-03-102-5/+7
| | | | | | | | | | - Add NO_ARCH - Don't install LICENSE with PORTDOCS - Install bash completion where it belongs PR: 207817 Submitted by: amdmi3 Approved by: lme (maintainer)
* Sleuthkit 4.2.0 switched from 100 nano seconds precision to 1 nano secondantoine2016-03-102-0/+30
| | | | | | precision for *time_nano fields. Adjust py-dfvfs for this. See: https://github.com/log2timeline/dfvfs/issues/116
* Update to 1.7.1.vanilla2016-03-092-3/+3
|
* Update to 1.7.1.vanilla2016-03-092-3/+3
|
* Adjust brotli vulnerability after MFH in r410670jbeich2016-03-091-1/+2
|
* Adjust brotli vulnerability after r410664jbeich2016-03-091-1/+5
|
* security/pam_google_authenticator: fix space/tab in Makefilepi2016-03-091-5/+5
| | | | PR: 207229
* security/pam_google_authenticator: fix .so locationpi2016-03-092-1/+6
| | | | | | | | - move .so location back to where it was PR: 207229 Submitted by: Ralf van der Enden <tremere@cainites.net> Approved by: just-fix-it
* Move brotli to its own entryjbeich2016-03-091-6/+66
|
* Document recent Firefox vulnerabilitiesjbeich2016-03-091-5/+293
|
* - Add LICENSE_FILEsunpoet2016-03-091-1/+1
|
* - Update to 3.1.11sunpoet2016-03-092-3/+3
| | | | Changes: https://github.com/codahale/bcrypt-ruby/blob/master/CHANGELOG
* - Update to 1.203sunpoet2016-03-092-3/+3
| | | | Changes: http://search.cpan.org/dist/Digest-Bcrypt/CHANGES
* security/sshguard: Update to 1.6.3feld2016-03-094-28/+5
| | | | | | | Changelog: https://sourceforge.net/p/sshguard/mailman/message/34733464/ PR: 207511 Submitted by: <dcarmich@dcarmichael.net>
* Always set the DEFAULT github DISTFILE with .tar.gz for EXTRACT_SUFX.mat2016-03-081-2/+2
| | | | | | | | | | | | Fix distinfo for the offending ports. lang/yorick's tag was moved, and the added patch was no longer needed. PR: 207644 Submitted by: mat Exp-run by by: antoine Sponsored by: Absolight Differential Revision: https://reviews.freebsd.org/D4268
* Update 1.13.3 --> 1.13.4cy2016-03-083-14/+3
|
* Document Django multiple vulnerabilitiesjunovitch2016-03-081-0/+58
| | | | | | Security: CVE-2016-2512 Security: CVE-2016-2513 Security: https://vuxml.FreeBSD.org/freebsd/f9e6c0d1-e4cc-11e5-b2bd-002590263bf5.html
* Wrap long lines. No content change.junovitch2016-03-081-1/+4
|
* Document Wordpress multiple vulnerabilitiesjunovitch2016-03-081-1/+44
| | | | | | | | While here, fix URL reference in last Wordpress entry Security: CVE-2016-2221 Security: CVE-2016-2222 Security: https://vuxml.FreeBSD.org/freebsd/fef03980-e4c6-11e5-b2bd-002590263bf5.html
* Update to 0.22antoine2016-03-082-4/+6
|
* - Fix LICENSEsunpoet2016-03-081-1/+3
| | | | - Add LICENSE_FILE
* - Update to 2.0.1sunpoet2016-03-082-3/+3
| | | | Changes: https://github.com/google/oauth2client/blob/master/CHANGELOG.md
* - Switch regripper to USE_GITHUBantoine2016-03-087-44/+17
| | | | | - Update regripper to a recent snapshot (2.8.20160225) - Merge regripperplugins into regripper
* Security upgrade to new upstream release 0.67.mandree2016-03-082-5/+5
| | | | | | | | | | | Unix-relevant changes: * Security fix: a buffer overrun in the old-style SCP protocol when receiving the header of each file downloaded from the server is fixed. (CVE-2016-2563) * Assorted other robustness fixes for crashes and memory leaks. MFH: 2016Q1 Security: 7f0fbb30-e462-11e5-a3f3-080027ef73ec Security: CVE-2016-2563
generated by cgit (git 2.34.1) at 2024-11-08 00:34:06 +0800