path: root/net
Age | Commit message | Author | Files | Lines
2005-12-10 | Pullup ticket 950 - requested by Lubomir Sedlacik | snj | 3 | -3/+68
security fix for ethereal

Revisions pulled up:
- pkgsrc/net/ethereal/Makefile 1.121
- pkgsrc/net/ethereal/distinfo 1.46
- pkgsrc/net/ethereal/patches/patch-ac 1.5

Modified Files:
    pkgsrc/net/ethereal: Makefile distinfo
Added Files:
    pkgsrc/net/ethereal/patches: patch-ac

Log Message:
Security fix for CVE-2005-3651:

"Remote exploitation of an input validation vulnerability in the OSPF protocol dissectors within Ethereal, as included in various vendors operating system distributions, could allow attackers to crash the vulnerable process or potentially execute arbitrary code."

http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities

Patch from the Ethereal SVN repository.
2005-11-05 | Pullup ticket 884 - requested by Lubomir Sedlacik | seb | 3 | -9/+8
security update of net/openvpn

Revisions pulled up:
- pkgsrc/net/openvpn/Makefile 1.11
- pkgsrc/net/openvpn/distinfo 1.6
- pkgsrc/net/openvpn/files/openvpn.sh 1.3

Module Name: pkgsrc
Committed By: salo
Date: Thu Nov 3 14:31:19 UTC 2005

Modified Files:
    pkgsrc/net/openvpn: Makefile distinfo
    pkgsrc/net/openvpn/files: openvpn.sh

Log Message:
Security update to version 2.0.5.

Changes:

2.0.5:
======
- Fixed bug in Linux get_default_gateway function introduced in 2.0.4, which would cause redirect-gateway on Linux clients to fail.
- Restored easy-rsa/2.0 tree (backported from 2.1 beta series) which accidentally disappeared in 2.0.2 -> 2.0.4 transition.

2.0.4:
======
- Security fix -- Affects non-Windows OpenVPN clients of version 2.0 or higher which connect to a malicious or compromised server. A format string vulnerability in the foreign_option function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if (a) the client's TLS negotiation with the server succeeds, (b) the server is malicious or has been compromised such that it is configured to push a maliciously crafted options string to the client, and (c) the client indicates its willingness to accept pushed options from the server by having "pull" or "client" in its configuration file (Credit: Vade79). CVE-2005-3393
- Security fix -- Potential DoS vulnerability on the server in TCP mode. If the TCP server accept() call returns an error status, the resulting exception handler may attempt to indirect through a NULL pointer, causing a segfault. Affects all OpenVPN 2.0 versions. CVE-2005-3409
- Fix attempt of assertion at multi.c:1586 (note that this precise line number will vary across different versions of OpenVPN).
- Added ".PHONY: plugin" to Makefile.am to work around "make dist" issue.
- Fixed double fork issue that occurs when --management-hold is used.
- Moved TUN/TAP read/write log messages from --verb 8 to 6.
- Warn when multiple clients having the same common name or username usurp each other when --duplicate-cn is not used.
- Modified Windows and Linux versions of get_default_gateway to return the route with the smallest metric if multiple 0.0.0.0/0.0.0.0 entries are present.

2.0.3:
======
- openvpn_plugin_abort_v1 function wasn't being properly registered on Windows.
- Fixed a bug where --mode server --proto tcp-server --cipher none operation could cause tunnel packet truncation.
2005-11-03 | Pullup ticket 888 - requested by Adrian Portelli | salo | 3 | -2/+22
security fix for openvmps

Revisions pulled up:
- pkgsrc/net/openvmps/Makefile 1.2
- pkgsrc/net/openvmps/distinfo 1.2
- pkgsrc/net/openvmps/patches/patch-ad 1.1

Module Name: pkgsrc
Committed By: bouyer
Date: Thu Nov 3 20:06:41 UTC 2005

Modified Files:
    pkgsrc/net/openvmps: Makefile distinfo
Added Files:
    pkgsrc/net/openvmps/patches: patch-ad

Log Message:
Add patch to fix a format string vulnerability in vmps_log():
http://www.security.nnov.ru/Jdocument889.html
Patch from me, reviewed by Adrian Portelli
Bump pkgrevision.
2005-11-03 | Pullup ticket 882 - requested by Adrian Portelli | salo | 3 | -5/+33
security fix for ethereal

Revisions pulled up:
- pkgsrc/net/ethereal/Makefile 1.117, 1.118
- pkgsrc/net/ethereal/distinfo 1.44, 1.45
- pkgsrc/net/ethereal/patches/patch-ab 1.7

Module Name: pkgsrc
Committed By: salo
Date: Tue Oct 25 11:32:04 UTC 2005

Modified Files:
    pkgsrc/net/ethereal: Makefile distinfo

Log Message:
Use tar.bz2 archive again, it's 2MB smaller.

---
Module Name: pkgsrc
Committed By: frueauf
Date: Tue Nov 1 20:09:50 UTC 2005

Modified Files:
    pkgsrc/net/ethereal: Makefile
Added Files:
    pkgsrc/net/ethereal/patches: patch-ab

Log Message:
Add patch for security issue published at http://secunia.com/product/1228/
taken from
http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff?hideattic=1
Also bump version to 0.10.13nb1.

---
Module Name: pkgsrc
Committed By: frueauf
Date: Tue Nov 1 20:28:56 UTC 2005

Modified Files:
    pkgsrc/net/ethereal: distinfo

Log Message:
Update for new patch-ab.
2005-11-02 | Pullup ticket 881 - requested by David Brownlee | salo | 2 | -6/+6
security update for skype

Revisions pulled up:
- pkgsrc/net/skype/Makefile 1.10
- pkgsrc/net/skype/distinfo 1.7

Module Name: pkgsrc
Committed By: abs
Date: Wed Nov 2 20:11:47 UTC 2005

Modified Files:
    pkgsrc/net/skype: Makefile distinfo

Log Message:
Update net/skype to 1.2.0.18 (from 1.2.0.11)

25.10.2005 Skype for Linux version 1.2.0.18
* bugfix: fixed a bug in networking code that made Skype vulnerable to remotely induced crash (Skype Security Bulletin SKYPE-SB/2005-003)

22.09.2005 Skype for Linux version 1.2.0.17
* change: New multilingual EULA in Help.Licence
* change: Call quality improvements
* change: "Find in chat" engine rewritten
* change: Refreshing icons on start tab
* change: Cleaned up RPM packaging
* bugfix: Menu items not disabled when going offline
* bugfix: Crash when a new message was received
* bugfix: Crash when password changed
* bugfix: Crash when chat search string contained "+331234567"
* bugfix: Crash when chat search string contained emoticon
* bugfix: Auth requests from previous user being shown
* bugfix: Crash while history was loading
* bugfix: Find crash when searching for empty text
* bugfix: Auth request remaining on event panel after authorization

Only minimally startup tested as there is a font issue (seen in both old and new versions) on my NetBSD-3 xorg system...
2005-10-31 | Pullup ticket 859 - requested by Adrian Portelli | seb | 9 | -135/+233
usability fix for net/smokeping

Revisions pulled up:
- pkgsrc/net/smokeping/MESSAGE 1.2
- pkgsrc/net/smokeping/Makefile 1.14
- pkgsrc/net/smokeping/PLIST 1.6
- pkgsrc/net/smokeping/distinfo 1.7
- pkgsrc/net/smokeping/files/smokeping.sh 1.3
- pkgsrc/net/smokeping/patches/patch-aa 1.5
- pkgsrc/net/smokeping/patches/patch-ab 1.5
- pkgsrc/net/smokeping/patches/patch-ac 1.5
- pkgsrc/net/smokeping/patches/patch-ad 1.1

Module Name: pkgsrc
Committed By: adrianp
Date: Fri Oct 28 21:43:18 UTC 2005

Modified Files:
    pkgsrc/net/smokeping: MESSAGE Makefile PLIST distinfo
    pkgsrc/net/smokeping/files: smokeping.sh
    pkgsrc/net/smokeping/patches: patch-aa patch-ab patch-ac
Added Files:
    pkgsrc/net/smokeping/patches: patch-ad

Log Message:
Upgrade from smokeping 1.3.x to 2.0.4
Ok'ed bouyer@

Lots of changes but in brief: new probe programming interface allow target-specific vars get defaults from Probes section config file examples and smokeping_examples document documentation updates and reorganizing new commandline options '--config=X' and '--check' Perl 5.8.0 compatibility fix RRDtool 1.2.x compatibility fix ("unknown RRD version: 0003" on restart)

See this URL for all the details:
http://people.ee.ethz.ch/~oetiker/webtools/smokeping/pub/CHANGES
2005-10-30 | Pullup ticket 865 - requested by Adrian Portelli | salo | 2 | -6/+6
security update for gopher

Revisions pulled up:
- pkgsrc/net/gopher/Makefile 1.12
- pkgsrc/net/gopher/distinfo 1.6

Module Name: pkgsrc
Committed By: adrianp
Date: Sun Oct 30 16:54:03 UTC 2005

Modified Files:
    pkgsrc/net/gopher: Makefile distinfo

Log Message:
Update gopher to 3.0.11
* [security] Fix for client buffer overflows [CAN-2005-2772].
2005-10-25 | Pullup ticket 851 - requested by Matthias Drochner | salo | 5 | -72/+13
security update for ethereal

Revisions pulled up:
- pkgsrc/net/ethereal/Makefile 1.116
- pkgsrc/net/ethereal/PLIST 1.23
- pkgsrc/net/ethereal/distinfo 1.43
- pkgsrc/net/ethereal/patches/patch-ab removed
- pkgsrc/net/ethereal/patches/patch-ac removed

Module Name: pkgsrc
Committed By: drochner
Date: Thu Oct 20 17:19:19 UTC 2005

Modified Files:
    pkgsrc/net/ethereal: Makefile PLIST distinfo
Removed Files:
    pkgsrc/net/ethereal/patches: patch-ab patch-ac

Log Message:
update to ethereal-0.10.13
This fixes a number of memory leaks, crashes and buffer overflows in protocol dissectors, see http://www.ethereal.com/appnotes/enpa-sa-00021.html for details.
other changes:
-nanosecond timestamp resolution possible
-memory management has been greatly improved
-can now save gzip-compressed capture files
2005-10-24 | Pullup ticket 848 - requested by Adrian Portelli | seb | 2 | -6/+6
sync net/snort with HEAD, including a security update

Revisions pulled up:
- pkgsrc/net/snort/Makefile.common 1.26, 1.27
- pkgsrc/net/snort/distinfo 1.31, 1.32

Module Name: pkgsrc
Committed By: adrianp
Date: Tue Oct 11 20:53:22 UTC 2005

Modified Files:
    pkgsrc/net/snort: Makefile.common distinfo

Log Message:
Update to 2.4.2
- don't try to actually open the log file when in test mode
- Fixes to address schema being a keyword in MySQL 5.0

---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Oct 18 15:15:04 UTC 2005

Modified Files:
    pkgsrc/net/snort: Makefile.common distinfo

Log Message:
Update to snort 2.4.3
- Fixed potential buffer overflow in BackOrifice preprocessor and added an alert on attempt to overflow buffer in snort. Thanks Andy Mullican for the fix.
2005-10-15 | Pullup ticket 830 - requested by Thomas Klausner | salo | 2 | -6/+6
security update for wget

Revisions pulled up:
- pkgsrc/net/wget/Makefile 1.85
- pkgsrc/net/wget/distinfo 1.28

Module Name: pkgsrc
Committed By: adam
Date: Fri Oct 14 10:12:12 UTC 2005

Modified Files:
    pkgsrc/net/wget: Makefile distinfo

Log Message:
Changes 1.10.2:
* Buffer overrun fixed in NTLM code
2005-09-26 | Fix a bug in the tab-completion. When the prefix is not unique, rtorrent | joerg | 3 | -2/+18
would have hit an internal assertion later. The patch is a merge from the unstable tree as suggested by the author.
Bump revision to 1.

2005-09-23 | Reset maintainer, posix dot org dot uk has no DNS entry. | wiz | 1 | -2/+2

2005-09-23 | Reset maintainer, email to xs at nitric dot net bounced. | wiz | 2 | -4/+4

2005-09-23 | Fix last commit - really pull in the kerberos buildlink file | hubertf | 1 | -2/+2
only if needed

2005-09-23 | Fix kerberos support | hubertf | 1 | -2/+6

2005-09-22 | PLIST fixes pointed out by bulk builds | adrianp | 3 | -4/+6
Bump to nb2

2005-09-20 | Add logging fix from FreeRADIUS CVS pointed out by aland (at) ox.org | adrianp | 3 | -2/+39
Bump to nb1
2005-09-20 | Update snort to 2.4.1 | adrianp | 3 | -125/+6
From the ChangeLog:

> 2005-09-16 - Snort 2.4.1 Released
> [*] New additions
>    * Added a -K command line option to manually select the logging mode using a single switch. The -b and -N switches will be deprecated in version 2.7. Pcap logging is now the default for Snort at startup, use "-K ascii" to revert to old behavior.
>
> [*] Improvements
>    * Win32 version now supports winpcap 3.1 and MySQL client 4.13.
>    * Added event on zero-length RPC fragments.
>    * Fixed TCP SACK processing for text based outputs that could result in a DoS.
>    * General improvements to frag3 including Teardrop detection fix.
>    * Fixed a bug in the PPPoE decoder.
>    * Added patch for time stats from Bill Parker. Enable with configure --enable-timestats.
>    * Fixed IDS mode bailing at startup if logdir is specified in snort.conf and /var/log/snort doesn't exist.
>    * Added decoder for IPEnc for OpenBSD. Thanks Jason Ish for the patch (long time ago) and Chris Kuethe for reraising the issue.
>    * Allow snort to use usernames (-u) and groupnames (-g) that include numbers. Thanks to Shaick for the patch.
>    * Fixed broken -T option.
>    * Change ip_proto to ip for portscan configuration. Thanks David Bianco for pointing this out.
>    * Fix for prelude initialization. Thanks Yoann Vandoorselaere for the update.
>    * For content matches, when subsequent rule options fail, start searching again in correct location.
>    * Updated Win32 to handle pflog patch.
>    * Added support for new OpenBSD pflog format. Older pflog format, OpenBSD 3.3 and earlier is still supported. Thanks Breno Leitao and Christian Reis for the patch.
>    * Added statistics counter for ETH_LOOPBACK packets. Thanks rmkml for the patch.
2005-09-18 | Add a "reset" action to the openvpn rc.d script which triggers a | jlam | 2 | -3/+32
SIGUSR1 reset of the openvpn process. This is useful for simplifying dhclient-exit-hooks hook scripts that need to tell the openvpn process to reset and re-run its "up" script.
Bump the PKGREVISION of net/openvpn to 1.

2005-09-17 | Make this package build with rrdtool-1.2.x. | minskim | 3 | -1/+42

2005-09-17 | Fix build on OS X with BIND9 system resolver by defining BIND_8_COMPAT. | schmonz | 1 | -0/+9
(This needs to be fixed more generally across pkgsrc post-freeze.)
Reviewed by wiz.

2005-09-17 | Use VARBASE instead of /var. | minskim | 1 | -2/+2

2005-09-16 | use the BIND4 (?) nameserver interface rather than the new one; | drochner | 2 | -11/+36
the former is still provided through nameser_compat.h while the latter is not available on older NetBSDs
should fix build error seen in the 2.0.2 bulk build

2005-09-16 | "Oops." BUILDLINK_DEPMETHOD.libevent was defaulting to "build", which is | tv | 2 | -3/+4
no longer correct since update to libevent 1.x; it now uses libtool and generates a shlib. Remove the offending bl3 line, and bump all dependents' PKGREVISIONs, since the binary pkg changes for any OS that doesn't have a sufficient builtin libevent version (or the package has requested a non-builtin version).
2005-09-15 | Update to version 3.93 | salo | 5 | -36/+69
Changes:

3.93:
=====
o Modified Libpcap's configure.ac to compile with the --fno-strict-aliasing option if gcc 4.X is used. This prevents when said compiler is used. This was done for Nmap in 3.90, but is apparently needed for pcap too. Thanks to Craig Humphrey (Craig.Humphrey(a)chapmantripp.com) for the discovery.
o Patched libdnet to include sys/uio.h in src/tun-linux.c. This is apparently necessary on some Glibc 2.1 systems. Thanks to Rob Foehl (rwf(a)loonybin.net) for the patch.
o Fixed a crash which could occur when a ridiculously short --host_timeout was specified on Windows (or on UNIX if --send_eth was specified). Nmap now also prints a warning if you specify a host_timeout of less than 1 second. Thanks to Ole Morten Grodaas (grodaas(a)gmail.com) for discovering the problem.

3.91:
=====
o Fixed a crash on Windows when you -P0 scan an unused IP on a local network (or a range that contains unused IPs). This could also happen on UNIX if you specified the new --send_eth option. Thanks to Jim Carras (JFCECL(a)engr.psu.edu) for reporting the problem.
o Fixed compilation on OpenBSD by applying a patch from Okan Demirmen (okan(a)demirmen.com), who maintains Nmap in the OpenBSD Ports collection.
o Updated nmap-mac-prefixes to include OUIs assigned by the IEEE since April.
o Updated the included libpcre (used for version detection) from version 4.3 to 6.3. A libpcre security issue was fixed in 6.3, but that issue never affected Nmap.
o Updated the included libpcap from 0.8.3 to 0.9.3. I also changed the directory name in the Nmap tarball from libpcap-possiblymodified to just libpcap. As usual, the modifications are described in the NMAP_MODIFICATIONS in that directory.

3.90:
=====
o Added the ability for Nmap to send and properly route raw ethernet packets containing IP datagrams rather than always sending the packets via raw sockets. This is particularly useful for Windows, since Microsoft has disabled raw socket support in XP for no good reason. Nmap tries to choose the best method at runtime based on platform, though you can override it with the new --send_eth and --send_ip options.
o Added ARP scanning (-PR). Nmap can now send raw ethernet ARP requests to determine whether hosts on a LAN are up, rather than relying on higher-level IP packets (which can only be sent after a successful ARP request and reply anyway). This is much faster and more reliable (not subject to IP-level firewalling) than IP-based probes. The downside is that it only works when the target machine is on the same LAN as the scanning machine. It is now used automatically for any hosts that are detected to be on a local ethernet network, unless --send_ip was specified. Example usage: nmap -sP -PR 192.168.0.0/16 .
o Added the --spoof_mac option, which asks Nmap to use the given MAC address for all of the raw ethernet frames it sends. The MAC given can take several formats. If it is simply the string "0", Nmap chooses a completely random MAC for the session. If the given string is an even number of hex digits (with the pairs optionally separated by a colon), Nmap will use those as the MAC. If less than 12 hex digits are provided, Nmap fills in the remainder of the 6 bytes with random values. If the argument isn't a 0 or hex string, Nmap looks through the nmap-mac-prefixes to find a vendor name containing the given string (it is case insensitive). If a match is found, Nmap uses the vendor's OUI (3-byte prefix) and fills out the remaining 3 bytes randomly. Valid --spoof_mac argument examples are "Apple", "0", "01:02:03:04:05:06", "deadbeefcafe", "0020F2", and "Cisco".
o Applied an enormous nmap-service-probes (version detection) update from SoC student Doug Hoyte (doug(a)hcsw.org). Version 3.81 had 1064 match lines covering 195 service protocols. Now we have 2865 match lines covering 359 protocols! So the database size has nearly tripled! This should make your -sV scans quicker and more accurate. Thanks also go to the (literally) thousands of you who submitted service fingerprints. Keep them coming!
o Applied a massive OS fingerprint update from Zhao Lei (zhaolei(a)gmail.com). About 350 fingerprints were added, and many more were updated. Notable additions include Mac OS X 10.4 (Tiger), OpenBSD 3.7, FreeBSD 5.4, Windows Server 2003 SP1, Sony AIBO (along with a new "robotic pet" device type category), the latest Linux 2.6 kernels, Cisco routers with IOS 12.4, a ton of VoIP devices, Tru64 UNIX 5.1B, new Fortinet firewalls, AIX 5.3, NetBSD 2.0, Nokia IPSO 3.8.X, and Solaris 10. Of course there are also tons of new broadband routers, printers, WAPs and pretty much any other device you can coax an ethernet cable (or wireless card) into!
o Added 'leet ASCII art to the configurator! ARTIST NOTE: If you think the ASCII art sucks, feel free to send me alternatives. Note that only people compiling the UNIX source code get this. (ASCII artist unknown).
o Added OS, device type, and hostname detection using the service detection framework. Many services print a hostname, which may be different than DNS. The services often give more away as well. If Nmap detects IIS, it reports an OS family of "Windows". If it sees HP JetDirect telnetd, it reports a device type of "printer". Rather than try to combine TCP/IP stack fingerprinting and service OS fingerprinting, they are both printed. After all, they could legitimately be different. An IP that gives a stack fingerprint match of "Linksys WRT54G broadband router" and a service fingerprint of Windows based on Kazaa running is likely a common NAT setup rather than an Nmap mistake.
o Nmap on Windows now compiles/links with the new WinPcap 3.1 header/lib files. So please upgrade to 3.1 from http://www.winpcap.org before installing this version of Nmap. While older versions may still work, they aren't supported with Nmap.
o The official Nmap RPM files are now compiled statically for better compatibility with other systems. X86_64 (AMD Athlon64/Opteron) binaries are now available in addition to the standard i386. NmapFE RPMs are no longer distributed by Insecure.Org.
o Nmap distribution signing has changed. Release files are now signed with a new Nmap Project GPG key (KeyID 6B9355D0). Fyodor has also generated a new key for himself (KeyID 33599B5F). The Nmap key has been signed by Fyodor's new key, which has been signed by Fyodor's old key so that you know they are legit. The new keys are available at http://www.insecure.org/nmap/data/nmap_gpgkeys.txt , as docs/nmap_gpgkeys.txt in the Nmap source tarball, and on the public keyserver network. Here are the fingerprints:

  pub 1024D/33599B5F 2005-04-24
      Key fingerprint = BB61 D057 C0D7 DCEF E730 996C 1AF6 EC50 3359 9B5F
  uid Fyodor <fyodor@insecure.org>
  sub 2048g/D3C2241C 2005-04-24

  pub 1024D/6B9355D0 2005-04-24
      Key fingerprint = 436D 66AB 9A79 8425 FDA0 E3F8 01AF 9F03 6B93 55D0
  uid Nmap Project Signing Key (http://www.insecure.org/)
  sub 2048g/A50A6A94 2005-04-24

o Fixed a crash problem related to non-portable varargs (vsnprintf) usage. Reports of this crash came from Alan William Somers (somers(a)its.caltech.edu) and Christophe (chris.branch(a)gmx.de). This patch was prevalent on Linux boxes running an Opteron/Athlon64 CPU in 64-bit mode.
o Fixed crash when Nmap is compiled using gcc 4.X by adding the --fno-strict-aliasing option when that compiler is detected. Thanks to Greg Darke (starstuff(a)optusnet.com.au) for discovering that this option fixes (hides) the problem and to Duilio J. Protti (dprotti(a)flowgate.net) for writing the configure patch to detect gcc 4 and add the option. A better fix is to identify and rewrite lines that violate C99 alias rules, and we are looking into that.
o Added "rarity" feature to Nmap version detection. This causes obscure probes to be skipped when they are unlikely to help. Each probe now has a "rarity" value. Probes that detect dozens of services such as GenericLines and GetRequest have rarity values of 1, while the WWWOFFLEctrlstat and mydoom probes have a rarity of 9. When interrogating a port, Nmap always tries probes registered to that port number. So even WWWOFFLEctrlstat will be tried against port 8081 and mydoom will be tried against open ports between 3127 and 3198. If none of the registered ports find a match, Nmap tries probes that have a rarity less than or equal to its current intensity level. The intensity level defaults to 7 (so that most of the probes are done). You can set the intensity level with the new --version_intensity option. Alternatively, you can just use --version_light or --version_all which set the intensity to 2 (only try the most important probes and ones registered to the port number) and 9 (try all probes), respectively. --version_light is much faster than default version detection, but also a bit less likely to find a match. This feature was designed and implemented by Doug Hoyte (doug(a)hcsw.org).
o Added a "fallback" feature to the nmap-service-probes database. This allows a probe to "inherit" match lines from other probes. It is currently only used for the HTTPOptions, RTSPRequest, and SSLSessionReq probes to inherit all of the match lines from GetRequest. Some servers don't respond to the Nmap GetRequest (for example because it doesn't include a Host: line) but they do respond to some of those other 3 probes in ways that GetRequest match lines are general enough to match. The fallback construct allows us to benefit from these matches without repeating hundreds of signatures in the file. This is another feature designed and implemented by Doug Hoyte (doug(a)hcsw.org).
o Fixed crash with certain --excludefile or --exclude arguments. Thanks to Kurt Grutzmacher (grutz(a)jingojango.net) and pijn trein (ptrein(a)gmail.com) for reporting the problem, and to Duilio J. Protti (dprotti(a)flowgate.net) for debugging the issue and sending the patch.
o Updated random scan (ip_is_reserved()) to reflect the latest IANA assignments. This patch was sent in by Felix Groebert (felix(a)groebert.org).
o Included new Russian man page translation by locco_bozi(a)Safe-mail.net
o Applied patch from Steve Martin (smartin(a)stillsecure.com) which standardizes many OS names and corrects typos in nmap-os-fingerprints.
o Fixed a crash found during certain UDP version scans. The crash was discovered and reported by Ron (iago(a)valhallalegends.com) and fixed by Doug Hoyte (doug(a)hcsw.com).
o Added --iflist argument which prints a list of system interfaces and routes detected by Nmap.
o Fixed a protocol scan (-sO) problem which led to the error message: "Error compiling our pcap filter: syntax error". Thanks to Michel Arboi (michel(a)arboi.fr.eu.org) for reporting the problem.
o Fixed an Nmap version detection crash on Windows which led to the error message "Unexpected error in NSE_TYPE_READ callback. Error code: 10053 (Unknown error)". Thanks to Srivatsan (srivatsanp(a)adventnet.com) for reporting the problem.
o Fixed some misspellings in docs/nmap.xml reported by Tom Sellers (TSellers(a)trustmark.com).
o Applied some changes from Gisle Vanem (giva(a)bgnett.no) to make Nmap compile with Cygwin.
o XML "osmatch" element now has a "line" attribute giving the reference fingerprint line number in nmap-os-fingerprints.
o Added a distcc probes and a bunch of smtp matches from Dirk Mueller (mueller(a)kde.org) to nmap-service-probes. Also added AFS version probe and matches from Lionel Cons (lionel.cons(a)cern.ch). And even more probes and matches from Martin Macok (martin.macok(a)underground.cz)
o Fixed a problem where Nmap compilation would use header files from the libpcap included with Nmap even when it was linking to a system libpcap. Thanks to Solar Designer (solar(a)openwall.com) and Okan Demirmen (okan(a)demirmen.com) for reporting the problem.
o Added configure option --with-libpcap=included to tell Nmap to use the version of libpcap it ships with rather than any that may already be installed on the system. You can still use --with-libpcap=[dir] to specify that a system libpcap be installed rather than the shipped one. By default, Nmap looks at both and decides which one is likely to work best. If you are having problems on Solaris, try --with-libpcap=included .
o Changed the --no-stylesheet option to --no_stylesheet to be consistent with all of the other Nmap options. Though I'm starting to like hyphens a bit better than underscores and may change all of the options to use hyphens instead at some point.
o Added "Exclude" directive to nmap-service-probes grammar which causes version detection to skip listed ports. This is helpful for ports such as 9100. Some printers simply print any data sent to that port, leading to pages of HTTP requests, SMB queries, X Windows probes, etc. If you really want to scan all ports, specify --allports. This patch came from Doug Hoyte (doug(a)hcsw.org).
o Added a stripped-down and heavily modified version of Dug Song's libdnet networking library (v. 1.10). This helps with the new raw ethernet features. My (extensive) changes are described in libdnet-stripped/NMAP_MODIFICATIONS
o Removed WinIP library (and all Windows raw sockets code) since MS has gone and broken raw sockets. Maybe packet receipt via raw sockets will come back at some point. As part of this removal, the Windows-specific --win_help, --win_list_interfaces, --win_norawsock, --win_forcerawsock, --win_nopcap, --win_nt4route, --win_noiphlpapi, and --win_trace options have been removed.
o Changed the interesting ports array from a 65K-member array of pointers into an STL list. This noticeably reduces memory usage in some cases, and should also give a slight runtime performance boost. This patch was written by Paul Tarjan (ptarjan(a)gmail.com).
o Removed the BSDFIX/BSDUFIX macros. The underlying bug in FreeBSD/NetBSD is still there though. When an IP packet is sent through a raw socket, these platforms require the total length and fragmentation offset fields of an IP packet to be in host byte order rather than network byte order, even though all the other fields must be in NBO. I believe that OpenBSD fixed this a while back. Other platforms, such as Linux, Solaris, Mac OS X, and Windows take all of the fields in network byte order. While I removed the macro, I still do the munging where required so that Nmap still works on FreeBSD.
o Integrated many nmap-service-probes changes from Bo Jiang (jiangbo(a)brandeis.edu)
o Added a bunch of RPC numbers from nmap-rpc maintainer Eilon Gishri (eilon(a)aristo.tau.ac.il)
o Added some new RPC services to nmap-rpc thanks to a patch from vlad902 (vlad902(a)gmail.com).
o Fixed a bug where Nmap would quit on Windows whenever it encountered a raw scan of localhost (including the local ethernet interface address), even when that was just one address out of a whole network being scanned. Now Nmap just warns that it is skipping raw scans when it encounters the local IP, but continues on to scan the rest of the network. Raw scans do not currently work against local IP addresses because Winpcap doesn't support reading/writing localhost interfaces due to limitations of Windows.
o The OS fingerprint is now provided in XML output if debugging is enabled (-d) or verbosity is at least 2 (-v -v). This patch was sent by Okan Demirmen (okan(a)demirmen.com)
o Fixed the way tcp connect scan (-sT) responds to ICMP network unreachable responses (patch by Richard Moore (rich(a)westpoint.ltd.uk)).
o Update random host scan (-iR) to support the latest IANA-allocated ranges, thanks to patch by Chad Loder (cloder(a)loder.us).
o Updated GNU shtool (a helper program used during 'make install') to version 2.0.2, which fixes a predictable temporary filename weakness discovered by Eric Raymond.
o Removed addport element from XML DTD, since it is no longer used (suggested by Lionel Cons (lionel.cons(a)cern.ch))
o Added new --privileged command-line option and NMAP_PRIVILEGED environmental variable. Either of these tell Nmap to assume that the user has full privileges to execute raw packet scans, OS detection and the like. This can be useful when Linux kernel capabilities or other systems are used that allow non-root users to perform raw packet or ethernet frame manipulation. Without this flag or variable set, Nmap bails on UNIX if geteuid() is nonzero.
o Changed the RPM spec file so that if you define "static" to 1 (by passing --define "static 1" to rpmbuild), static binaries are built.
o Fixed Nmap compilation on Solaris x86 thanks to a patch from Simon Burr (simes(a)bpfh.net).
o ultra_scan() now sets pseudo-random ACK values (rather than 0) for any TCP scans in which the initial probe packet has the ACK flag set. This would be the ACK, Xmas, Maimon, and Window scans.
o Updated the Nmap version number, description, and similar fields that MS Visual Studio places in the binary. This was done by editing mswin32/nmap.rc as suggested by Chris Paget (chrisp@ngssoftware.com)
o Fixed Nmap compilation on DragonFly BSD (and perhaps some other systems) by applying a short patch by Joerg Sonnenberger which omits the declaration of errno if it is a #define.
o Fixed an integer overflow that prevented Nmap from scanning 2,147,483,648 hosts in one expression (e.g. 0.0.0.0/1). Problem noted by Justin Cranford (jcranford(a)n-able.com). While /1 scans are now possible, don't expect them to finish during your bathroom break. No matter how constipated you are.
o Increased the buffer size allocated for fingerprints to prevent Nmap from running out and quitting (error message: "Assertion `servicefpalloc - servicefplen > 8' failed"). Thanks to Mike Hatz (mhatz(a)blackcat.com) for the report. [ Actually this was done in a previous version, but I forgot which one ]
o Changed from CVS to Subversion source control system (which rocks!). Neither repository is public (I'm paranoid because both CVS and SVN have had remotely exploitable security holes), so the main change users will see is that "Id" tags in file headers use the SVN format for version numbering and such.
2005-09-14 | Add patch from snort CVS to address a security issue: | adrianp | 4 | -5/+124
http://secunia.com/advisories/16786/
Whitespace police on MESSAGE
Bump to nb1
2005-09-11Update to 1.0.5adrianp3-8/+15
> Security Fixes
> * SQL injection attack in the module "rlm_sqlcounter".
> * Buffer overflows in the module "rlm_sqlcounter".
> * Expansion of variable %t may write 26 bytes beyond the buffer
>   bound. Primoz Bratanic is credited with the discovery of these
>   three bugs.
>
> Bug fixes
> * Don't de-reference a NULL pointer if the auth-type is unknown
>   in the function rad_check_password().
> * Escape more characters in the LDAP queries.
>   Bug found by Suse engineers.
> * In rlm_sql_unixodbc, don't call rad_malloc from sql_error(),
>   it leaks memory.
> * Fix an off-by-one error in the module rlm_sql_unixodbc.
>   Bug found by Suse engineers.
> * In rlm_sql, resize the buffer for the value of SQL-User-Name.
> * Initialize memory for a new SQL socket in the module rlm_sql.
> * Don't add too many attributes after running an external program.
>   Bug found by Suse engineers.
> * Fix an off-by-one error in the function getthing().
> * snprintf() and vsnprintf() replacements were not compiled if
>   the autoconf tests didn't find the functions.
> * Don't use vsprintf() anymore, but the replacement for vsnprintf()
>   in libradius instead.
> * The function decode_attribute() may write beyond buffer bounds.
>   Bug found by Suse engineers.
> * Fix a memset() in the function request_enqueue() which was
>   beginning at the wrong address. Bug found by Matthias Ruttman.
> * Fix an off-by-one error in the function xlat_copy().
>   Bug found by Primoz Bratanic.
> * Fix other off-by-one errors in module "rlm_unix", too.
>   Bug found by Allan Bazinet.
> * Fix a 2-byte over-run read in function rad_decode().
> * Update thread pool queue properly.
> * Autoconf tests try first any user-specified directory,
>   otherwise they may pick up the wrong version.
> * Delete the autoconf tests for the libldap dependencies.
> * Install all the regular files under the "doc" directory.
> * Distinguish between exit code <0 (failure) and >0 (reject)
>   in Exec-Program-Wait. Patch from Thor Spruyt.
> * Make Expiration work.
> * Clean up the code for opening a proxy socket.
> * When finding a realm to proxy to, if all are dead, wake them
>   if wake_all_if_all_dead is true.
> * In radwho, print the NAS-Port as unsigned int.
> * Use extended regex instead of basic regex in rlm_attr_filter.
> * Catch the case where someone deletes a directory that rlm_detail
>   is using.
> * Use the variable $(LDFLAGS) when linking a module.
> * Ignore the Stripped-User-Name when a realm has the "nostrip"
>   directive.
> * Add support for NT-Password in rlm_pap.
> * In rlm_sqlcounter, use the time left to the next reset if it's
>   inferior to the time left in the counter.
> * Calculate Message-Authenticator correctly for Accounting-Request
>   and Accounting-Response. Bug found by Paolo Rotela.
> * Build on MAC OS X. Still need --disable-shared, though.
> * Fix bug #255 (crash with expired CRL's, etc.)
> * Fix quote removal of the values from a SQL database.
> * Reap the zombie process after a command run from "Exec-Program".
> * Allow to cancel proxy of accounting with "Proxy-To-Realm := LOCAL".
> * Don't copy VSA's to an Access-Reject packet.
2005-09-11  Fix post-install target broken in global perl plist changes.  wiz  1  -2/+2
2005-09-11  Set WRKSRC to PKGNAME_NOREV to unbreak build.  wiz  1  -2/+2
2005-09-10  Update nb6->nb7 for security fix: http://secunia.com/advisories/16602/  adrianp  3  -3/+17
2005-09-08  Use BSD_INSTALL_* to set permission and ownership correctly.  minskim  2  -16/+16
2005-09-08  Make netbsd-tap compile on NetBSD 3.99.6+ (sysctl constification).  cube  1  -4/+9
2005-09-08  This package needs pkg-config.  minskim  1  -2/+2
2005-09-08  Set BUILD_TARGET for Darwin.  minskim  1  -1/+2
2005-09-08  Define BIOCIMMEDIATE for Darwin. Patch from darwinports.  minskim  2  -1/+17
2005-09-08  Make this package compile with gcc-4 by initializing const static data  minskim  3  -1/+57
members outside their class.
2005-09-08  Update ns to 2.28.  minskim  11  -441/+414
Changes:
- Added code for mac802.15.4.
- Improve Cygwin compatibility.
- Bug fixes.
2005-09-07  Changes 2.12.0:  adam  3  -14/+19
* New translations
* Performance improvement using DamageReportDeltaRectangles
* Plug a leak
* Fix Caps Lock not working
* Fix Shift not working for some keys
* Fix over-eager key repeat issue
2005-09-06  Revision bump after changing security/gnutls/buildlink3.mk  adam  1  -2/+2
2005-09-06  Fix NetBSD statvfs check to be >= 299000900 not >= 200040000  abs  5  -12/+12
No pkgrevision bumps needed.
2005-09-06  fix NetBSD statvfs check to be >= 299000900 not >= 200040000  abs  2  -4/+4
2005-09-06  Enable IPv6 for all platforms that have /usr/include/netinet/ip6.h,  jlam  1  -5/+3
not just on Solaris, Linux, and NetBSD. Bump the PKGREVISION to 3.
2005-09-05  Fix small bug in bittorrent message handling.  reinoud  3  -4/+14
If I understand the code correctly a message is sent with a 4 byte length in front of a block of data. If the data length was less than 80 a stack reserved memory block was used to avoid over-malloc'ing for small pieces. This block was declared 80 bytes long... so it would overflow if messages of approx. 80 bytes were sent for the length bytes were not accounted for. Claimed more for certain. With this small fix the repeated crashes that I experienced are gone. Author has been notified of the possible problem.
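The sizing mistake that the commit message above describes, written out as an added example; this is not the package's code or the committed patch. The function names, the big-endian length field and the heap fallback are assumptions made for illustration; only the 80-byte block and the 4-byte length prefix come from the message.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define SMALL_BUF  80  /* stack block size given in the commit message */
#define LEN_PREFIX 4   /* length field sent in front of the data */

/* Flawed sizing as the message describes it: only the data length is tested. */
int fits_stack_flawed(size_t len) { return len < SMALL_BUF; }
/* Corrected sizing: the prefix is counted as part of the frame. */
int fits_stack_fixed(size_t len) { return len <= SMALL_BUF - LEN_PREFIX; }

/* Bytes a frame would run past the block under the flawed test (0 = none). */
size_t overrun_if_flawed(size_t len) {
    size_t need = len + LEN_PREFIX;
    return (fits_stack_flawed(len) && need > SMALL_BUF) ? need - SMALL_BUF : 0;
}

/* Bounds-checked encoder: returns the frame size, or 0 if dst is too small. */
size_t encode_frame(uint8_t *dst, size_t cap, const uint8_t *data, size_t len) {
    if (cap < LEN_PREFIX || len > cap - LEN_PREFIX || (uint64_t)len > UINT32_MAX)
        return 0;
    dst[0] = (uint8_t)(len >> 24); dst[1] = (uint8_t)(len >> 16);
    dst[2] = (uint8_t)(len >> 8);  dst[3] = (uint8_t)len; /* big-endian: assumed */
    memcpy(dst + LEN_PREFIX, data, len);
    return len + LEN_PREFIX;
}

/* Hardened sender: returns 's' (stack), 'h' (heap) or 0 on failure; *sum gets
 * a byte sum of the frame, standing in for the socket write. */
int send_message(const uint8_t *data, size_t len, unsigned *sum) {
    uint8_t small[SMALL_BUF], *buf = small;
    size_t cap = sizeof small, n, i;
    if (!fits_stack_fixed(len)) {
        if (len > SIZE_MAX - LEN_PREFIX) return 0;
        cap = len + LEN_PREFIX;
        if ((buf = malloc(cap)) == NULL) return 0;
    }
    n = encode_frame(buf, cap, data, len);
    for (*sum = 0, i = 0; i < n; i++) *sum += buf[i];
    if (buf != small) { free(buf); return n ? 'h' : 0; }
    return n ? 's' : 0;
}

int main(void) {
    uint8_t data[79] = {0}; /* constructed sample payload */
    unsigned sum;
    return !(overrun_if_flawed(79) == 3 && send_message(data, 79, &sum) == 'h');
}
```

Payloads of 77 to 79 bytes are the ones the flawed comparison lets through to the stack block even though the framed message needs 81 to 83 bytes.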
2005-09-05  Update to 1.10.1:  wiz  3  -21/+6
* Wget 1.10.1 is a bugfix release with no user-visible changes.
2005-09-05  Revision bump after fixing security/gnutls/buildlink3.mk  adam  1  -10/+10
2005-09-05  Update to aMule 2.0.3.  dogcow  5  -115/+62
http://www.amule.org/wiki/index.php/ has the full list of changes; in brief, the CPU and memory usage has been vastly improved, the network code has been substantially rewritten, amule now works with wxGTK 2.6, and several hundred bugs have been fixed.
2005-09-05  Accept ocaml 3.08.4 as suitable for running MLdonkey. One can now build  tron  2  -1/+30
the "mldonkey" and "mldonkey-gui" packages with the latest version of the "ocaml" package.
2005-09-04  update for patch-ab  abs  1  -2/+2
2005-09-04  Fix build under darwin (stropts.h being included but not present), using  tonio  2  -7/+7
defined(__APPLE__)
2005-09-03  Replaced patch-ba with an identical patch-bm, because the former had  rillig  2  -3/+3
needed the CVS -ko mode in revision 1.4.