Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
"An unauthenticated user may cause execution of arbitrary code in
kadmind, which can compromise the Kerberos key database and host
security. (kadmind usually runs as root.) Unsuccessful exploitation,
or even accidental replication of the required conditions by
non-malicious users, can result in kadmind crashing."
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
Patch from MIT.
|
|
|
|
|
|
This package embeds secure hashes (SHA1) and digital signatures (GNU
Privacy Guard) into files for verification and authentication.
Currently, target file types are all ELF format: executables, kernel
modules, shared and static link libraries. This program has
functionality similar to tripwire and integrit without the need to
maintain a database.
|
|
|
|
2007-01-16 David A. Wheeler <dwheeler, at, dwheeler.com>
* Release version 1.27
2007-01-16 Sebastien Tandel <sebastien, at, tandel (doht) be)
* Cleaned up code for patch handling, fix bug in subdir handling,
include patch info in help.
2007-01-15 Steve Kemp <steve at shellcode dot org>
* Fix Debian bug 268236.
This complains that flawfinder crashes when presented with a
file it cannot read. The patch obviously can't prevent
the problem, since the tool can't review what it can't read,
but at least it halts with a cleaner error message.
2007-01-15 cmorgan <cmorgan47, at earthlink dooot net>
* Fixed Debian bug 271287 (flawfinder).
Fixed skipping newlines when line ended with \,
which caused incorrect line number reporting.
Skip multiple whitespace at one time.
2007-01-15 David A. Wheeler <dwheeler, at, dwheeler.com>
* Modified Sebastien Tandel's code so that it also supports GNU diff
(his code worked only for svn diff)
* When using a patchfile, skip analysis of any file not
listed in the patchfile.
2007-01-15 Sebastien Tandel <sebastien, at, tandel (doht) be)
* Add support for using "svn diff" created patch files, based
on the approach described by David A. Wheeler on how it
could be done.
2007-01-15 David A. Wheeler <dwheeler, at, dwheeler.com>
* By default, now skips directories beginning with "."
(this makes it work nicely with many SCM systems).
Added "--followdotdir" option if you WANT it to enter
such directories.
* Fixed divide-by-zero when no code found (not exactly common
in normal use, but anyway!)
|
|
phpmyadmin-2.9.2.
|
|
XXX: further bl3.mk files might need to be included, but
the current state suffices for the one dependency I know of.
|
|
"Makefile.in". Hint provided by Matthias Andree in private e-mail.
|
|
|
|
|
|
|
|
bump PKGREVISION
|
|
|
|
overloaded from time to time.. (e.g., now).
|
|
Recent changes include:
2006-10-31 15:14 Christos Zoulas <christos@zoulas.com>
* Check offset before copying (Mike Frysinger)
* merge duplicated code
* add quad date support
* make sure that we nul terminate desc (Ryoji Kanai)
* don't process elf notes multiple times
* allow -z to report empty compressed files
* use calloc to initialize the ascii buffers (Jos van den Oever)
2006-06-08 11:11 Christos Zoulas <christos@zoulas.com>
* QNX fixes (Mike Gorchak)
* Add quad support.
* FIFO checks (Dr. Werner Fink)
* Linux ELF fixes (Dr. Werner Fink)
* Magic format checks (Dr. Werner Fink)
* Magic format function improvent (Karl Chen)
2006-05-03 11:11 Christos Zoulas <christos@zoulas.com>
* Pick up some elf changes and some constant fixes from SUSE
* Identify gnu tar vs. posix tar
* When keep going, don't print spurious newlines (Radek Vokál)
2006-04-01 12:02 Christos Zoulas <christos@zoulas.com>
* Use calloc instead of malloc (Mike Frysinger)
* Fix configure script to detect wctypes.h (Mike Frysinger)
|
|
|
|
this fixes possible overflows in the extensions dbe and render.
|
|
approved by joerg
|
|
|
|
|
|
bump PKGREVISION
|
|
|
|
|
|
|
|
|
|
The list of changes since version 6.2.5.5 is too large to mention here.
The new version provides a fix for the vulnerability reported in the
fetchmail-SA-2006-02.txt advisory.
|
|
|
|
PR/32905, and PR/33583 and also
https://bugzilla.mozilla.org/show_bug.cgi?id=77788
|
|
Addresses PR/35387.
|
|
-Wall to different arguments.
|
|
some cases.
XXX: There should be more support in the infrastructure for this case.
|
|
|
|
Changes:
- AUCTeX and preview-latex have been changed in order to accommodate
file names containing spaces. preview-latex now tolerates bad
PostScript code polluting the stack (like some Omega fonts).
- Support for folding of comments was added.
- The `polish' language option of the babel LaTeX package as well as the
`polski' LaTeX package are now supported. Most notably this means
that AUCTeX will help to insert quotation marks as defined by
polish.sty ("`..."') and polski.sty (,,...'').
- There has been quite a number of bug fixes to various features and
documentation across the board, most critical probably the tool bar.
|
|
|
|
|
|
|
|
It's disabled by default, to avoid too much dependancies
|
|
http://www.kde.org/info/security/advisory-20070115-1.txt.
Bump PKGREVISION.
|
|
http://www.kde.org/info/security/advisory-20070115-1.txt.
Bump PKGREVISION.
|
|
clear that these variables are completely unrelated to
BUILDLINK_TRANSFORM.
Added a legacy check that catches appearances of BUILDLINK_TRANSFORM.*.
XXX: Where should incompatible changes in pkgsrc be documented?
|
|
|
|
the name short enough to be more portable). As near as I can tell,
no other pkgs actually care about what this username is.
|
|
meant to be used. Partially addresses PR/35433.
|
|
program tries to install a kernel driver allowing unrestricted access to
all hardware ports. Unprivileged users cannot do that anyway.
XXX: Should we disallow the installation on Solaris at all because of this?
|
|
sylpheed-claws-2.7.1 [now claws-mail], xfce4-4.2.4.
|
|
This gets this right for thunderbird and doesn't change seamonkey.
|
|
and PR/33583. See also https://bugzilla.mozilla.org/show_bug.cgi?id=77788
for a discussion of this.
|
|
systems (eg solaris) need that. Addresses PR/34127
|