Age | Commit message (Collapse) | Author | Files | Lines |
|
security patch + build fixes for net-snmp
- pkgsrc/net/net-snmp/Makefile 1.69-1.70
- pkgsrc/net/net-snmp/distinfo 1.44-1.46
- pkgsrc/net/net-snmp/files/cpu_dragonfly.c 1.3
- pkgsrc/net/net-snmp/patches/patch-ai 1.4-1.5
- pkgsrc/net/net-snmp/patches/patch-aj 1.5
- pkgsrc/net/net-snmp/patches/patch-ak 1.4
- pkgsrc/net/net-snmp/patches/patch-am 1.7
- pkgsrc/net/net-snmp/patches/patch-de 1.5
- pkgsrc/net/net-snmp/patches/patch-dk removed
- pkgsrc/net/net-snmp/patches/patch-ep 1.3
Module Name: pkgsrc
Committed By: christos
Date: Thu Jun 5 19:09:41 UTC 2008
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
pkgsrc/net/net-snmp/files: cpu_dragonfly.c
pkgsrc/net/net-snmp/patches: patch-am patch-de
Added Files:
pkgsrc/net/net-snmp/patches: patch-ai patch-aj patch-ak
Log Message:
PR/36978: Hasso Tepper: Make net-snmp work on dragonfly.
While I am here make it run again on NetBSD (hi clown boy)
---
Module Name: pkgsrc
Committed By: tron
Date: Fri Jun 6 16:18:04 UTC 2008
Modified Files:
pkgsrc/net/net-snmp: distinfo
pkgsrc/net/net-snmp/patches: patch-ai
Removed Files:
pkgsrc/net/net-snmp/patches: patch-dk
Log Message:
Combine the to patches for "agent/mibgroup/mibII/ip.c" to make this
actually build.
---
Module Name: pkgsrc
Committed By: tron
Date: Thu Jun 12 13:32:24 UTC 2008
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
pkgsrc/net/net-snmp/patches: patch-ep
Log Message:
Add patch for CVE-2008-0960 from the Net-SNMP project page on Sourceforge.
|
|
Security patch for samba
Revisions pulled up:
- net/samba/Makefile 1.182
- net/samba/distinfo 1.62
- net/samba/patches/patch-ea 1.1
- net/samba/patches/patch-eb 1.1
- net/samba/patches/patch-ec 1.1
- net/samba/patches/patch-ed 1.1
- net/samba/patches/patch-ee 1.1
- net/samba/patches/patch-ef 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed May 28 15:39:55 UTC 2008
Modified Files:
pkgsrc/net/samba: Makefile distinfo
Added Files:
pkgsrc/net/samba/patches: patch-ea patch-eb patch-ec patch-ed patch-ee
patch-ef
Log Message:
add patches from redhat bugzilla (#446724) to fix CVE-2008-1105
(heap buffer overflow in client code)
bump PKGREVISION
|
|
snort: update for fixes & security vulnerability
revisions pulled up:
- pkgsrc/net/snort/Makefile 1.37
- pkgsrc/net/snort/PLIST 1.27
- pkgsrc/net/snort/distinfo 1.43
Module Name: pkgsrc
Committed By: adrianp
Date: Sun May 25 23:49:07 UTC 2008
Modified Files:
pkgsrc/net/snort: Makefile PLIST distinfo
Log Message:
Update to 2.8.1
Includes fix for CVE-2008-1804
[*] New Additions
* Target-Based support to allow rules to use an attribute table
describing services running on various hosts on the network.
Eliminates reliance on port-based rules.
* Support for GRE encapsulation for both IPv4 & IPv6.
* Support for IP over IP tunneling for both IPv4 & IPv6.
* SSL preprocessor to allow ability to not inspect encrypted traffic.
* Ability to read mulitple PCAPs from the command line.
* Support for new CVS rule detection options.
[*] Improvements
* Update to HTTP Inspect to identify overly long HTTP header fields.
* Updates to IPv6 support, including changes to avoid namespace
conflicts for certain Operating systems.
* Updates to address issues seen on various Sparc platforms.
* Stricter enforcement of shared object versions to avoid API
conflicts.
|
|
security fix for mtr
- pkgsrc/net/mtr/Makefile 1.49
- pkgsrc/net/mtr/distinfo 1.23
- pkgsrc/net/mtr/patches/patch-ac 1.3
Module Name: pkgsrc
Committed By: tron
Date: Thu May 22 12:10:49 UTC 2008
Modified Files:
pkgsrc/net/mtr: Makefile distinfo
Added Files:
pkgsrc/net/mtr/patches: patch-ac
Log Message:
Implement a fix for the security vulnerability reported in
<http://seclists.org/fulldisclosure/2008/May/0488.html>.
|
|
security update for net-snmp
Revisions pulled up:
- pkgsrc/net/net-snmp/Makefile 1.68
- pkgsrc/net/net-snmp/distinfo 1.43
- pkgsrc/net/net-snmp/patches/patch-ad 1.5
Module Name: pkgsrc
Committed By: tron
Date: Sun May 18 11:59:54 UTC 2008
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
Added Files:
pkgsrc/net/net-snmp/patches: patch-ad
Log Message:
Add patch from the Net-SNMP SVN repository to fix a buffer overflow in
the Perl SNMP module reported in SA30187.
To generate a diff of this commit:
cvs rdiff -r1.67 -r1.68 pkgsrc/net/net-snmp/Makefile
cvs rdiff -r1.42 -r1.43 pkgsrc/net/net-snmp/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/net/net-snmp/patches/patch-ad
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
|
|
liblive: update package fixes & security vulnerabilities
revisions pulled up:
- pkgsrc/net/liblive/Makefile
- pkgsrc/net/liblive/PLIST
- pkgsrc/net/liblive/distinfo
Module Name: pkgsrc
Committed By: obache
Date: Sat Apr 26 11:38:43 UTC 2008
Modified Files:
pkgsrc/net/liblive: Makefile PLIST distinfo
Log Message:
Update liblive to 2008.04.09.
draw upon a patch to update for 2007.01.17 in PR 38038
While here, add DESTDIR support and fix permission of installed libraries.
2008.04.09:
- Corrected a type-related bug in "RTPInterface::handleRead()". (Thanks to Brain Lai for noting this.)
- Fixed a bug in "RTSPClient" that would prevent RTCP "RR" reports from being sent to
the correct multicast address when we are receiving a multicast stream. (Thanks to Changjin Liu for noticing this.)
2008.04.03:
- Fixed a bug that was introduced in the "2007.12.27" release. The "timeout" parameter to the call to
"readSocket" in "SocketDescriptor::tcpReadHandler()" in "RTPInterface.cpp" needed to be initialized
(to zero) first. (Thanks to Lodewijk Loos for alerting us to this problem.)
- Added a new config file "config.bfin-linux-uclibc", and renamed "config.bfin_uclinux" as "config.bfin-uclinux".
(Thanks to Mike Frysinger.)
2008.02.08:
- Added a hack (suggested by "Romain") to "MPEG2TransportStreamFramer" to (perhaps)
produce more accurate per-transport-packet duration estimates for wildly VBR streams.
- Updated "MPEG2TransportStreamMultiplexor" to support the addition of MPEG-4 Audio or Video Elementary Streams.
- Updated "RTSPOverHTTPServer.cpp" (a work in progress) so that it complies properly for some versions of
Visual Studio on Windows. (Thanks to Eric Flickner for noting this.)
2008.01.19:
- Corrected the "getNormalPlayTime()" function - introduced in the previous release - to allow for 'trick play'
scale factors other than 1.
2008.01.18:
- Added a new member function
float MediaSubsession::getNormalPlayTime()
which - given a stream's current presentation time - returns the "Normal Play Time".
This function is useful for RTSP streams.
- Added support for a "a=control:" URL specified in the SDP description at the session level.
2008.01.04:
- Changed the "RTSPClient" timeout - introduced in the previous release - from
5s to 30s.
- Added support for setting and returning the RTSP session start time (as well as the end time).
(This eliminates the need for the "live-starttime.patch" file that VLC was using.)
- Updated some of the system-specific configuration files, to eliminate the need for many of the patches that
the VLC developers added to their code.
2007.12.27:
- Added a 5s timeout to the "RTSPClient" code that checks for RTSP responses.
This mirrors a change that was already being done to VLC's copy of the code.
(This is still a short-term fix, until the "RTSPClient" code is rewritten to
properly use asynchronous I/O, using the event loop.)
- Added a timeout to the "readSocket()" call in "SocketDescriptor::tcpReadHandler()" in "RTPInterface.cpp",
to handle reading RTP-over-TCP data. This allows for the possibility of non-cooperative RTSP clients.
(Thanks to Peter Leese for this suggestion.) This is probably not a complete solution;
more thought is needed...
2007.12.07:
- Fixed "H2633plusVideoFileServerMediaSubsession" to properly use a dynamic RTP payload type, rather than the
static type 34 (which is reserved for the now-obsolete old "video/H263" RTP payload format).
2007.12.06:
- Updated "JPEGVideoRTPSource" to take optional 'default width' and 'default height' parameters.
These parameters can be set by fields in the SDP description, and can be used to specifiy unusually
large frame widths and/or heights. (Thanks to Andrey Filippov.)
2007.11.18:
- Fixed a couple of memory leaks in "DarwinInjector". (Thanks to Eyal Beit-Halachmi for noting these.)
- Removed old 'backwards compatibility' stuff from "FramedSource". (Noone should be relying upon this any more.)
- Fixed a bounds-checking error in "parseRTSPRequestString()" caused by an int vs. unsigned problem.
(Thanks to Luigi Auriemma for noting this.)
- In "RTSPClient.cpp", fixed a couple of "unsigned" vs. "int" nits. (Thanks for Brain Lai for noting this.)
2007.11.01:
- Several of the options to "openRTSP" have now been changed, with two new options added:
-s <initial-seek-time>
-z <scale>
See the "openRTSP" documentation <http://www.live555.com/openRTSP/> for details.
- Fixed a bug in the way that "MPEG4VideoStreamDiscreteFramer" parses 'config' information (for inclusion in
the stream's SDP description). (Thanks to Nicola Bova for helping to identify this bug.)
- Eliminated a potential memory (and socket) leak when allocating server RTP,RTCP socket pairs.
(Thanks to David Pan for reporting this.)
- Updated "ByteStreamFileSource" to treat a 0-byte file read the same as EOF.
- Ensure that we have reasonable OS buffering for writes on non-blocking sockets.
2007.08.03a:
- Removed a debugging printf() that had been left in by mistake. (Thanks to Massimo Zito for noticing this.)
2007.08.03:
- Updated the "RTSPServer" implementation to work better on systems with more than one IP address.
The server will now include - in its RTSP responses - the IP address on which the corresponding incoming request
was received.
2007.07.25:
- Added some sanity checks to various "MediaSink" subclasses, in case "fSource" is NULL.
(Thanks to Andrey Kaminsky for noting one of these.)
2007.07.10:
- Made sure that "MPEG2TransportStreamFramer"s estimate of the average duration of each Transport Packet
gets updated correctly after each 'seek' operation. (Thanks to Massimo Zito for suggesting this.)
- Fixed a bug in "MPEG2TransportStreamFromESSource" that was causing presentation
timestamps to not be generated correctly. (Thanks to Massimo Zito for noticing this.)
2007.07.01:
- Fixed a bug in "RTSPServer" and "RTSPClient" that would cause problems when streaming
files whose names have spaces in them.
- Fixed a bug in "OnDemandServerMediaSubsession::deleteStream". (Thanks to Igor Bukanov.)
- Make the sockets for "RTPSource", "RTCPInstance" and "BasicUDPSource" non-blocking, even though they will be read
from only asynchronously, when packets arrive. The reason for this is that, in some OSs, reads on a blocking
socket can (allegedly) sometimes block, even if the socket was previously reported (e.g., by "select()") as
having data available. (This can supposedly happen if the UDP checksum fails, for example.)
(Thanks to Marc Neuberger for pointing this out.)
- Fixed a bug in "MPEG2TransportFileServerMediaSubsession.cpp" that was causing 2x
fast-forward to fail. (Some debugging code had been left in by mistake.)
2007.05.24:
- Modified "setupDatagramSocket()" to better handle setting "ReceivingInterfaceAddr" when creating a socket
to be used to send/receive multicast.
- Made a couple of minor changes to overcome some compilation errors that some people were apparently seeing.
2007.05.23:
- The RTSP server now includes the "source=" parameter in the response to a RTSP "SETUP" command.
This works around a bug in QuickTime Player that would cause it to not send RTCP "RR" packets
(when playing a unicast stream, and running on Mac OS X). (Thanks to Dave Singer et al at Apple for tracking
down this problem.)
- The RTSP server implementation no longer terminates the session if it returns 400 or 405 errors.
2007.04.24a:
- Fixed a problem in the new "RTSPOverHTTPServer" code that was causing some people compilation problems.
2007.04.24:
- Fixed a typo in "testOnDemandRTSPServer.cpp". (Thanks to Nils Grundback for noticing this.)
- Modified the signature of "RTSPServer::specialClientAccessCheck()" (defined in the previous revision) to add
a new "clientAddr" parameter (a "struct sockaddr_in"), to allow special access checking based on clients' IP
address.
- Make sure that the locale is set to "POSIX" when calling "toupper()" or "tolower()" on human-supplied strings.
(Thanks to Ismail Doenmez for noting this.)
2007.04.20:
- Modified "MPEG2TransportStreamMultiplexor" to set the "discontinuity_indicator" flag for the first
"adaptation_field" in the output Transport Stream.
- Changed "AMRAudioRTPSource" to more accurately report whether/when an interleaved frame's timestamp has
been synchronized using RTCP.
(Thanks to David Bertrand for this patch.)
- Made to a small fix to the previous revision's support for multicast streaming of raw UDP (nonstandard)
- Added a virtual function to "OnDemandServerMediaSubsession" for closing the stream source.
Subclasses can redefine this, if they wish, to do something smarter. (Thanks to Igor Bukanov for this patch.)
- Added support to "RTSPServer" for optionally performing special per-client access control, beyond the
standard Digest Authentication method. (Thanks to Igor Bukanov for this patch.)
- Made a minor optimization to "Groupsock.cpp". (Thanks to Maxim Petrov for this suggestion.)
- Added an initial implementation of RTSP-over-HTTP at the server level (it was already supported at the client level).
(Note: This code has not yet been completed, and doesn yet work, so don't try to use it.)
2007.02.20:
- Updated "RTSPServer" to support multicast streaming of raw UDP streams (nonstandard).
(Thanks to Aesmund Grammeltvedt for this modification.)
- Made "RTSPClient" a little more robust in case the TCP connection fails.
- Made "RTPSink::rtpmapLine()" virtual (as requested by Andrew Voznytsa).
- Removed an archaic (no longer used) declaration in "groupsock/include/Groupsock.hh".
- Added an optional "allowKasennaProtocol" parameter to "RTSPClient::describeWithPassword()"
(similar to "RTSPClient::describeURL()"). (Thanks to Igor Bukanov for this suggestion.)s
2007.01.17:
- Fixed a bug that would cause the "MPEG2TransportStreamIndexer" application to fail when run on a big-endian
architecture.
- Added a new cl "H264VideoFileSink", that prepends each incoming H.264 NAL unit with the prefix 0x000001,
before writing it to the file. Also updated the "openRTSP" code to use this, when receiving H.264/RTP streams.
(Thanks to Chris Kuiper for contributing this.)
- Added a temporary #ifdef to "GroupsockHelper.cpp" to work around a compliation problem when building
for Cygwin.
2007.01.11:
- Improved the "MPEG2IndexFromTransportStream" class to recogize Transport Stream
PAT and PMT (tables). This in turn makes the "MPEG2TransportStreamIndexer"
utility more robust.
- Fixed a minor bug in "MPEG2TransportStreamFromESSource".
2007.01.09:
- Added RTSP server support for 'trick play' operations on MPEG-2 Transport Stream
files. This requires the presence of a ".tsx" indexle for each ".ts" file.
(This functionality will shortly be documented on the LIVE555 web site,
and announced on the "live-devel" mailing list.)
- Improved the performance of asynchronous file reading in "ByteStreamFileSource".
(Thanks to Aesmund Grammeltvedt for this suggestion.)
- Added "-D_FILE_OFFSET_BITS=64" to the "COMPILE_OPTS" line for each of the Linux config files, in order to
alleviate possible problems with I/O on large files.
2006.12.31:
- We now implement "ByteStreamFileSource" on Windows using synchronous file reads,
by default. I had thought that Windows XP had fixed the problem - present in
earlier versions of Windows - whereby open files are not treated as select()able
sockets. But apparently the problem is still there.
- Added code that will - probably in the next release, very soon - support server
'trick mode' operations on MPEG-2 Transport Stream files. At present, we have two
new applications - in the "testProgs" directory - that help support this:
"MPEG2TransportStreamIndexer" create a special index file for a Transport Stream
file), and "testMPEG2TransportStreamTrickPlay" (to generate a new Transport Stream
file that simulates a 'trick play' operation performed on the original Transport
Stream file). See my forthcoming post to the "live-devel" mailing list for more
details.
- Fixed a bug in the Base64 encoding routine. (Thanks to Sebastian Gracias for reporting this.)
2006.12.08:
- Made sure that each TCP socket used by a "RTSPserver" is non-blocking, so that a slow or hanging client
cannot hang a server. (Thanks to "jers (at) inwind.it" for this suggestion.)
|
|
quagga: fixes denial of service
revisions pulled up:
- pkgsrc/net/quagga/Makefile 1.31
- pkgsrc/net/quagga/distinfo 1.10
- pkgsrc/net/quagga/patches/patch-ab 1.3
- pkgsrc/net/quagga/patches/patch-ac 1.3
Module Name: pkgsrc
Committed By: tonnerre
Date: Tue May 13 22:30:47 UTC 2008
Modified Files:
pkgsrc/net/quagga: Makefile distinfo
Added Files:
pkgsrc/net/quagga/patches: patch-ab patch-ac
Log Message:
Add patch for CVE-2007-1995 for stable quagga (NLRI attributes denial of
service).
|
|
security fix for bind 9
- pkgsrc/net/bind9/Makefile 1.97
- pkgsrc/net/bind9/distinfo 1.35
- pkgsrc/net/bind9/patches/patch-ap 1.3
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun May 11 00:00:59 UTC 2008
Modified Files:
pkgsrc/net/bind9: Makefile distinfo
Added Files:
pkgsrc/net/bind9/patches: patch-ap
Log Message:
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced
boundary check can be abused for implementation specific exploitation:
depending on the use of libbind, this can result in denial of service
or even remote code execution.
|
|
security fix for bind 8
- pkgsrc/net/bind8/Makefile 1.40
- pkgsrc/net/bind8/distinfo 1.22
- pkgsrc/net/bind8/patches/patch-ao 1.1
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun May 11 00:00:57 UTC 2008
Modified Files:
pkgsrc/net/bind8: Makefile distinfo
Added Files:
pkgsrc/net/bind8/patches: patch-ao
Log Message:
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced
boundary check can be abused for implementation specific exploitation:
depending on the use of libbind, this can result in denial of service
or even remote code execution.
|
|
security fix for rdesktop
- pkgsrc/net/rdesktop/Makefile 1.34
- pkgsrc/net/rdesktop/distinfo 1.18
- pkgsrc/net/rdesktop/patches/patch-ac 1.5
- pkgsrc/net/rdesktop/patches/patch-ad 1.1
- pkgsrc/net/rdesktop/patches/patch-ae 1.1
- pkgsrc/net/rdesktop/patches/patch-af 1.1
- pkgsrc/net/rdesktop/patches/patch-ag 1.1
- pkgsrc/net/rdesktop/patches/patch-ah 1.1
- pkgsrc/net/rdesktop/patches/patch-ai 1.1
Module Name: pkgsrc
Committed By: tonnerre
Date: Sat May 10 15:28:04 UTC 2008
Modified Files:
pkgsrc/net/rdesktop: Makefile distinfo
Added Files:
pkgsrc/net/rdesktop/patches: patch-ac patch-ad patch-ae patch-af
patch-ag patch-ah patch-ai
Log Message:
Add patches required to fix CVE-2008-180[123], taken from rdesktop CVS.
1) An integer underflow error in iso.c when processing RDP requests can
be exploited to cause a heap-based buffer overflow.
2) An input validation error in rdp.c when processing RDP redirect
requests can be exploited to cause a BSS-based buffer overflow.
3) A signedness error within "xrealloc()" in rdesktop.c can be exploited
to cause a heap-based buffer overflow.
|
|
security update for rsync
Applied patches supplied by tron for:
- pkgsrc/net/rsync/Makefile
- pkgsrc/net/rsync/distfile
Head uses a different version that is not affected by the vulnerability
fixed here.
|
|
CHANGES FOR PKGSRC:
==================
Makefile:
+ Modify section that manually handles the ELF symlinks for samba
shared libraries -- add additional libraries that are built (addns,
smbsharemodes) and reorganize so we don't need two loops where one
will do.
+ Pass --with-included-popt to the configure script to force using
the popt distribution included with samba to avoid any library
mismatch errors between samba and any installed popt. This fixes
PR pkg/34444 by Jason Lingohr.
+ Don't build the smbmount programs on Linux -- they're deprecated in
favor of the mount.cifs programs.
+ Remove some pkgviews-related settings -- I'm not supporting pkgviews
installation of samba.
Makefile.patches:
+ Empty out PATCHFILES because we are updating to the latest release
of samba, which has all previous patches for security advisories
already rolled into the main sources.
Makefile.mirrors:
+ Update SAMBA_MIRRORS in Makefile.mirrors to the latest list of FTP
mirrors.
options.mk:
+ Only show the ``acl'' option on platforms that actually support
POSIX ACLs.
+ Add a new ``fam'' option to enable building the notify_fam VFS
module.
patch-ab, patch-ax:
+ Remove patch-ab and update patch-ax -- there's nothing for the
scripts to back up so we don't need to patch the install* scripts
to avoid this.
patch-ae, patch-ah:
+ Update patch-ae and remove patch-ah -- we should definitely check
that PAM_AUTHTOK_RECOVERY_ERR is defined before using its value to
define PAM_AUTHTOK_RECOVER_ERR.
patch-at, patch-au:
+ Fix patch-at and patch-au -- in configure.in, we need to "escape"
left and right brackets or else m4 will strip them away in the
resulting configure script. This should fix the detection of FreeBSD
and NetBSD systems capable of using nss_winbind noted in PR pkg/38076
by Ingo Meyer.
patch-ay:
+ Remove some unnecessary changes -- we can safely just do "mkdir" in
some places because we know the parent and any intermediate directories
exist.
patch-be:
+ Fix a bug in locating WINS_LIST -- nmbd/nmbd_winsserver.c was
referring to WINS_LIST under the state directory in one place and
under the lock directory in another; change all references to be
under the state directory.
patch-db:
+ Add patch to fix the build of samba on older BSDs. Patch supplied
in PR pkg/37487 by John Frear.
All remaining changes to patches/patch-* are simply to remove fuzz.
MAJOR CHANGES FROM VERSION 3.0.26a:
* Fix failure to join Windows 2008 domains.
* Fix Windows Vista (including SP1 RC) inter-op issues.
* Add a new ``administrative share'' service parameter for defining
hidden shares that cannot be managed from Windows.
* Fix for CVS-2007-6015 (already fixed in 3.0.26anb4 in pkgsrc).
* Fix for CVS-2007-5398 (already fixed in 3.0.26anb4 in pkgsrc).
* Fix for CVS-2007-4572 (already fixed in 3.0.26anb4 in pkgsrc). Also
subsequent fix for regression experienced by smbfs clients caused by
the fix for CVS-2007-4572, noted in PR pkg/38300 by Dave Barnes.
* Many other bugs fixed and memory leaks plugged.
|
|
- remove most of the debug junk
- fix a buffer overflow in the config parser
- replace stdio usage with a simple abstract IO framework. currently
without explicit buffering, but that might be added later
|
|
doesn't clash if something else happens to pull in that include
file - as now happens with XI.h file in inputproto-1.4.3.
Should fix PR 38227.
|
|
- security fixes for X.509sat, Roofnet, LDAP and SCCP dissectors
- several SNMP-related bugs have been fixed.
- several memory-related bugs have been fixed.
- Wireshark now supports custom columns.
- New Protocol Support:
IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol,
RedBack Lawful Intercept, Xcsl
- Updated Protocol Support:
- AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP (renamed
from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay, EtherCAT, FIX,
GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS, JXTA, NCP, P_Mul, PCAP,
PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP, RTMPT, RTP, RX, SABP,
SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA, TIPC, TPNCP, UNISTIM, X.25,
X.509sat, XML
- New and Updated Capture File Support:
Hilscher Analyzer
|
|
(CVE-2007-5623, ticket #16441)
Approved-by: gdt, joerg
|
|
check_http (CVE-2007-5198)
Approved-by: gdt
|
|
PR pkg/38268 from HAT.
And a little pkglint fixes.
Bump PKGREVISION.
|
|
Crafted CNAME entries can be used to DoS MaraDNS without this patch
See CVE-2008-0061 for more details
Approved-by: wiz
|
|
The former version (1.5) was quite old, so there are too many changes
to list here.
No pkgs in pkgsrc are formally using this pkg, but the "sonata" audio
player is able to fetch lyrics if this version is installed.
|
|
Take over maintainership as suggested by jlam
Approved-by: jlam
|
|
http://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk/plugins/check_pgsql.c
revision 1951
|
|
|
|
2.4 instead.
|
|
Changes since version 0.62:
===========================
*** 0.63, 8 Feb 2008
This version contains a Security Fix.
Feature NotifyHandler in Nameserver
The NotifyHandler is a new attribute to the nameserver used in the
same way as the ReplyHandler except that it is executed when the
opcode is NS_NOTIFY (RFC1996). It takes the same arguments as the
reply handler (i.e. $qname, $qclass, $qtype, $peerhost, and $query).
Corrections made in the documentation.
Fix rt.cpan.org #32937: 5.11 introduces new warning on uc(undef)
The patch supplied fixes for methods where undefined arguments were
likely. For methods where undefined arguments don't make the warning
will be printed.
Fix rt.cpan.org #32147: Default LocalAddr broken in Net::DNS::Nameserver 0.62
Listen on the default address if LocalAddr not defined.
Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver.
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers
to cause a denial of service (program "croak") via a crafted DNS
response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet
parsing routines are now enclosed in eval blocks to trap exception
and avoid premature termination of user program.
Bug: mbox-dname and txt-dname were not allowed to be empty in the RP RR.
Fix by Peter Koch
|
|
|
|
|
|
clive is a cross-platform command line video extraction tool for
user-uploaded video hosts such as Youtube, Google Video, Dailymotion,
Guba, and Metacafe. It can be chained with 3rd party tools for
subsequent video re-encoding and playing.
|
|
Remove PostgreSQL 8.0 as choice.
|
|
e.g. match IRIX 5.x but not 6.x. Some of these may indeed apply to 6.x
too, but let's be conservative. PR pkg/38224.
|
|
+ Support user-destdir installation.
Bump the PKGREVISION to 1.
|
|
|
|
identified by Charles Zmudzinski in pr pkg/32275
- use EXPORT_SYMBOLS_LDFLAGS as suggested by salo@
- resolves pkg/32275
|
|
Suggested by Alan Barrett.
|
|
Changes: This release adds support for downloading high quality videos
using the -b or --best-quality command line option.
|
|
see <http://samba.rsync.org/> or ${WRKSRC}/CHANGES for more information.
While here:
- Build it with libtool.
- Include buildlink3.mk file for libiconv and change hacks.mk
to set USE_GNU_ICONV=yes instead of including libiconv's b3.mk.
- Added options.mk for inet6 and debug options.
- Added example configuration file (all entries commented out)
|
|
- add patch to src/gnug++/int.defs.h for Solaris compatibility
(by Ian Dickinson, iand@eng.pipex.net)
- move Errors manpage to a less general name (suggested by Ian Dickinson)
- add patch to src/RtConfig/f_cisco.cc by Hagen Boehm <hboehm@NIC.DTAG.DE>
(fixes up the string that gets output instead of a copy of said string)
- improve src/Makefile.in some more
|
|
|
|
(I have been using this for years.)
This is an RPC portmapper that prevents theft of NIS (YP), NFS,
and other sensitive information via the portmapper. As an option,
the program supports access control in the style of the TCP Wrappers
(log_tcp) package.
Daemons that offer RPC services tell the portmapper on what port
they listen. And clients asks the portmapper what port the daemon
is using. RPC network port numbers may change each time the system
is booted.
This is Wietse Venema's fourth replacement portmapper. It is
derived from source code in the RPCSRC 4.0 and the TIRPC source
distributions.
|
|
PKGREVISION++
|
|
|
|
|
|
from archivers/pax and net/tnftp, respectively. In the past, the
pkgtools version of these packages installed into ${PKG_TOOLS_BIN},
but this was changed in:
pkgtools/pax/Makefile:1.15
pkgtools/tnftp/Makefile:1.3
+ Get rid of archivers/pax/Makefile.common and net/tnftp/Makefile.common
by merging them into their respective Makefiles. The Makefile.common
files existed solely for inclusion by the pkgtools versions of these
packages, but with the removal of those packages, these files are
now unnecessary.
+ Add full DESTDIR support to archivers/pax and net/tnftp.
+ Modify the bootstrap to build archivers/pax and net/tnftp instead of
the pkgtools versions of these packages.
|
|
|
|
|
|
|
|
them at will.
|
|
|
|
Bump PKGREVISION
|
|
|