Age | Commit message (Collapse) | Author | Files | Lines |
|
samba: bug fix
Revisions pulled up:
- net/samba/Makefile 1.188
- net/samba/distinfo 1.66
- net/samba/patches/patch-at 1.11
- net/samba/patches/patch-au 1.10
---
Module Name: pkgsrc
Committed By: sborrill
Date: Tue Mar 3 17:50:49 UTC 2009
Modified Files:
pkgsrc/net/samba: Makefile distinfo
pkgsrc/net/samba/patches: patch-at patch-au
Log Message:
Rework detection of getifaddrs() code so that it precedes the AIX method as
AIX method was being chosen in preference (on NetBSD 5.0 at least). This
broke net and rpcclient, etc. as they failed to enumerate interfaces
correctly.
|
|
mldonkey: security update
mldonkey-gui: security update
Revisions pulled up:
- net/mldonkey/Makefile 1.46-1.48
- net/mldonkey/Makefile.common 1.34-1.36
- net/mldonkey/distinfo 1.46-1.48
- net/mldonkey-gui/Makefile 1.27
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jan 24 12:59:28 UTC 2009
Modified Files:
pkgsrc/net/mldonkey: Makefile.common distinfo
Log Message:
Update to 2.9.7:
2009/01/20: version 2.9.7 = tag release-2-9-7
6727: Web_infos: Replace old GeoIP URL with new one
- old code added the new URL, even if GeoIP was not present in web_infos
2009/01/04
6714: BT: Fix bug when computing limits for max_bt_uploaders
6713: GeoIP: New web_infos URL for country list (thx to Choby)
- old URLs are updated to:
http://www.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
2008/12/13
6689: Allow compilation with Ocaml 3.11.0
2008/09/01
6629: Mail: Move hostname from subject to body (eydaimon)
Updated Mozilla protocol handler to version 2.5
- original source from http://www.informatik.uni-oldenburg.de/~dyna/mldonkey
6628: IP discover: Use http://whatismyip.org, old URL is not working anymore
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Feb 16 13:11:41 UTC 2009
Modified Files:
pkgsrc/net/mldonkey: Makefile Makefile.common
pkgsrc/net/mldonkey-gui: Makefile
Log Message:
Convert to user-destdir.
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Feb 24 22:50:45 UTC 2009
Modified Files:
pkgsrc/net/mldonkey: Makefile distinfo
Added Files:
pkgsrc/net/mldonkey/patches: patch-aa
Log Message:
Add patch fixing security problem from upstream.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 25 23:39:37 UTC 2009
Modified Files:
pkgsrc/net/mldonkey: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/net/mldonkey/patches: patch-aa
Log Message:
Update to 3.0.0:
2009/02/24: version 3.0.0 = tag release-3-0-0
6754: Fix local file access bug in internal http server
- this is an urgent security related bug-fix and effects
all MLDonkey versions >= 2.8.4
6752: Optimized implementation of the ip_set module (cbah)
6736: Add/fix some copyright texts
|
|
net-snmp: security fix
revisions pulled up:
pkgsrc/net/net-snmp/Makefile 1.76
pkgsrc/net/net-snmp/distinfo 1.52
pkgsrc/net/net-snmp/patches/patch-ad 1.7
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 15 11:31:51 UTC 2009
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
Added Files:
pkgsrc/net/net-snmp/patches: patch-ad
Log Message:
Add a patch from the "net-snmp" repository to close the vulnerability
reported in SA33884/CVE-2008-6123.
|
|
wireshark: update package for security fix
revisions pulled up:
pkgsrc/net/wireshark/Makefile 1.29
pkgsrc/net/wireshark/PLIST 1.12
pkgsrc/net/wireshark/distinfo 1.19
pkgsrc/net/wireshark/patches/patch-ad r0
Module Name: pkgsrc
Committed By: tron
Date: Fri Feb 13 09:41:11 UTC 2009
Modified Files:
pkgsrc/net/wireshark: Makefile PLIST distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-ad
Log Message:
Update "wireshark" package to version 1.0.6.
Changes between 1.0.5 and 1.0.6.:
- The following vulnerabilities have been fixed:
* On non-Windows systems, Wireshark could crash if the HOME environment
variable contained sprintf-style string formatting characters.
* Wireshark could crash while reading a malformed NetScreen snoop file.
* Wireshark could crash while reading a Tektronix K12 text capture file.
- The following bugs have been fixed:
* Crash when loading capture file and Preferences: NO Info column
* Some Lua scripts may lead to corruption via out of bounds stack
* Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
* Wrong decoding IMSI with GSM MAP protocol
* Segmentation fault for "Follow TCP stream" (Bug 3119)
* SMPP optional parameter 'network_error_code' incorrectly decoded
* DHCPv6 dissector doesn't handle malformed FQDN
* WCCP overrides CFLOW as decoded protocol (Bug 3175)
* Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
* ANSI MAP fix for TRN digits/SMS and OTA subdissection (Bug 3214)
- Updated Protocol Support
* AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
- New and Updated Capture File Support
* NetScreen snoop
Changes between version 1.0.4 and 1.0.5:
- The following vulnerabilities have been fixed. See the security advisory
for details and a workaround.
* The SMTP dissector could consume excessive amounts of CPU and memory.
* The WLCCP dissector could go into an infinte loop.
- The following bugs have been fixed:
* Missing CRLF during HTTP POST in the "packet details" window
* Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3
* Diameter dissector fails RFC 4005 compliance
* LDP vendor private TLV type is not correctly shown
* Wireshark on MacOS does not run when there are spaces in its path
* Compilation broke when compiling without zlib
* Memory leak: saved_repoid
* Memory leak: follow_info
* Memory leak: follow_info
* Memory leak: tacplus_data
* Memory leak: col_arrows
* Memory leak: col_arrows
* Incorrect address structure assigned for find_conversation() in WSP
* Memory leak with unistim in voip_calls
* Error parsing the BSSGP protocol
* Assertion thrown in fvalue_get_uinteger when decoding TIPC
* LUA script : Wireshark crashes after closing and opening again a window
used by a listener.draw() function.
- Updated Protocol Support
* ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP, MPEG PES
* PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066, TACACS, TIPC
* WLCCP, WSP
The package update was provided by Matthias Drochner in private e-mail.
|
|
tor: security update
Revisions pulled up:
- net/tor/Makefile 1.62
- net/tor/distinfo 1.34
- net/tor/patches/patch-ac delete
---
Module Name: pkgsrc
Committed By: obache
Date: Sun Feb 15 07:59:02 UTC 2009
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Removed Files:
pkgsrc/net/tor/patches: patch-ac
Log Message:
Update tor to 0.2.0.34.
Patch provided by Christian Sturm and back to maintainer.
Changes in version 0.2.0.34 - 2009-02-08
o Security fixes:
- Fix an infinite-loop bug on handling corrupt votes under certain
circumstances. Bugfix on 0.2.0.8-alpha.
- Fix a temporary DoS vulnerability that could be performed by
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
- Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity. Bugfix on 0.2.0.33.
- Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
Spec conformance issue. Bugfix on Tor 0.0.2pre27.
o Minor bugfixes:
- Fix compilation on systems where time_t is a 64-bit integer.
Patch from Matthias Drochner.
- Don't consider expiring already-closed client connections. Fixes
bug 893. Bugfix on 0.0.2pre20.
|
|
proftpd: security update
Revisions pulled up:
- net/proftpd/Makefile 1.53-1.54
- net/proftpd/PLIST 1.15-1.16
- net/proftpd/distinfo 1.30
- net/proftpd/files/proftpd.sh 1.3
---
Module Name: pkgsrc
Committed By: shattered
Date: Sun Jan 11 22:47:54 UTC 2009
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST
pkgsrc/net/proftpd/files: proftpd.sh
Log Message:
- rc.d script: replace interpreter, add 'reload' command
- install 'ftpasswd' script from contrib
OK by kim@.
---
Module Name: pkgsrc
Committed By: kim
Date: Sun Feb 8 07:28:44 UTC 2009
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo
Log Message:
Upgrade proftpd to 1.3.2
|
|
xorp: build fixe
Revisions pulled up:
- net/xorp/distinfo 1.15
- net/xorp/patches/patch-ab 1.8
---
Module Name: pkgsrc
Committed By: joerg
Date: Sat Feb 7 18:39:20 UTC 2009
Modified Files:
pkgsrc/net/xorp: distinfo
pkgsrc/net/xorp/patches: patch-ab
Log Message:
Fix patch to actually work by using the right name of the version macro.
Fixes build on NetBSD 4.99.24+.
|
|
ns: build fix
Revisions pulled up:
- net/ns/Makefile 1.32
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Jan 6 04:43:23 UTC 2009
Modified Files:
pkgsrc/net/ns: Makefile
Log Message:
ns uses C99 features.
|
|
ntp4: security update
Revisions pulled up:
- net/ntp4/Makefile 1.59
- net/ntp4/distinfo 1.12
---
Module Name: pkgsrc
Committed By: kefren
Date: Mon Jan 26 20:06:15 UTC 2009
Modified Files:
pkgsrc/net/ntp4: Makefile distinfo
Log Message:
Update to 4.2.4p6. Highlights from 4.2.4p4:
* fix CVE-2009-0021
* fix build against latest OpenSSL versions
* obsolete "dynamic" keyword
* fix memory leak when fetching system messages
* several fixes in ntpdate
|
|
tor: security update
Revisions pulled up:
- net/tor/Makefile 1.61
- net/tor/distinfo 1.32-1.33
- net/tor/patches/patch-ac 1.6
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Jan 22 12:46:51 UTC 2009
Modified Files:
pkgsrc/net/tor: distinfo
Added Files:
pkgsrc/net/tor/patches: patch-ac
Log Message:
make this build with 64-bit time_t
(There are some unclean typecasts in the code, but the cases I've
seen are harmless -- as long as poll intervals, cert lifetimes etc
don't reach into y2037 which would be problematic in any case.)
---
Module Name: pkgsrc
Committed By: drochner
Date: Thu Jan 22 12:50:57 UTC 2009
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log Message:
update to 0.2.0.33
changes:
-Security fix:
Fix a heap-corruption bug that may be remotely triggerable on
some platforms.
-many bugfixes
|
|
fixes dnssec resolver checks
Revisions pulled up:
- pkgsrc/net/bind95/Makefile 1.6
- pkgsrc/net/bind95/distinfo 1.5
- pkgsrc/net/bind95/PLIST by patch
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jan 8 09:02:50 UTC 2009
Modified Files:
pkgsrc/net/bind95: Makefile distinfo
Log Message:
Changes since 9.5.1:
2522. [security] Handle -1 from DSA_do_verify().
To generate a diff of this commit:
cvs rdiff -r1.5 -r1.6 pkgsrc/net/bind95/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/net/bind95/distinfo
|
|
bind9: security update
Revisions pulled up:
- net/bind9/Makefile 1.103-1.104
- net/bind9/PLIST 1.23
- net/bind9/distinfo 1.39-1.40
- net/bind9/patches/patch-ai 1.10
- net/bind9/patches/patch-ap delete
---
Module Name: pkgsrc
Committed By: adrianp
Date: Sun Jan 4 00:16:03 UTC 2009
Modified Files:
pkgsrc/net/bind9: Makefile PLIST distinfo
pkgsrc/net/bind9/patches: patch-ai
Removed Files:
pkgsrc/net/bind9/patches: patch-ap
Log Message:
Update to 9.4.3
Resolver could try unreachable servers multiple times.
Adb's handling of lame addresses was different for IPv4 and IPv6.
Remove NULL pointer dereference in dns_journal_print().
libbind: Out of bounds reference in dns_ho.c:addrsort.
Set initial timeout to 800ms.
TSIG context leak
For all the details see:
http://oldwww.isc.org/sw/bind/view/?release=9.4.3#RELEASE
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jan 8 09:02:19 UTC 2009
Modified Files:
pkgsrc/net/bind9: Makefile distinfo
Log Message:
Changes since 9.4.3:
2522. [security] Handle -1 from DSA_do_verify().
2498. [bug] Removed a bogus function argument used with
ISC_SOCKET_USE_POLLWATCH: it could cause compiler
warning or crash named with the debug 1 level
of logging. [RT #18917]
To generate a diff of this commit:
cvs rdiff -r1.103 -r1.104 pkgsrc/net/bind9/Makefile
cvs rdiff -r1.39 -r1.40 pkgsrc/net/bind9/distinfo
|
|
aria2: build fix
Revisions pulled up:
- net/aria2/Makefile 1.17
- net/aria2/distinfo 1.15
- net/aria2/patches/patch-aa 1.6
---
Module Name: pkgsrc
Committed By: dholland
Date: Sat Jan 3 23:11:47 UTC 2009
Modified Files:
pkgsrc/net/aria2: Makefile distinfo
Added Files:
pkgsrc/net/aria2/patches: patch-aa
Log Message:
Work around API bug in pre-christos-time_t NetBSD, where struct
timeval's seconds are "long" rather than "time_t". Passing these
seconds to localtime_r() breaks on 64-bit platforms where those types
aren't the same. Fixes PR 40323 from Andreas Burghardt.
PKGREVISION++ as a precaution, since I patched the source.
|
|
|
|
|
|
(http://secunia.com/advisories/33227/)
patch from 2.0.4beta2. Bump PKGREVISION.
|
|
|
|
* Change to use BUILD_DIRS instead of custom do-build target.
|
|
|
|
Add an "inet6" option for enabling IPv6 support.
Add a "ban" option for enabling mod_ban.
Make the "wrap" option compile all binaries successfully.
Fix generating language catalog with older versions of msgfmt.
|
|
|
|
|
|
|
|
|
|
|
|
* Ensure to use BSD_MAKEFILE and pass appropriate CFLAGS.
Fixes PR 40171.
|
|
|
|
configuration files and binaries in a number of cases. This should hopefully
fix them all. Without this patch they look in /etc only and fail to start
if the file is not present.
|
|
Based on PR 40241 by Taylor R Campbell.
While here, add DESTDIR support.
Changes in version 0.2.0.32 - 2008-11-20
o Security fixes:
- The "User" and "Group" config options did not clear the
supplementary group entries for the Tor process. The "User" option
is now more robust, and we now set the groups to the specified
user's primary group. The "Group" option is now ignored. For more
detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
- The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
o Major bugfixes:
- Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
o Major bugfixes (hidden services):
- When fetching v0 and v2 rendezvous service descriptors in parallel,
we were failing the whole hidden service request when the v0
descriptor fetch fails, even if the v2 fetch is still pending and
might succeed. Similarly, if the last v2 fetch fails, we were
failing the whole hidden service request even if a v0 fetch is
still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
- When extending a circuit to a hidden service directory to upload a
rendezvous descriptor using a BEGIN_DIR cell, almost 1/6 of all
requests failed, because the router descriptor has not been
downloaded yet. In these cases, do not attempt to upload the
rendezvous descriptor, but wait until the router descriptor is
downloaded and retry. Likewise, do not attempt to fetch a rendezvous
descriptor from a hidden service directory for which the router
descriptor has not yet been downloaded. Fixes bug 767. Bugfix
on 0.2.0.10-alpha.
o Minor bugfixes:
- Fix several infrequent memory leaks spotted by Coverity.
- When testing for libevent functions, set the LDFLAGS variable
correctly. Found by Riastradh.
- Avoid a bug where the FastFirstHopPK 0 option would keep Tor from
bootstrapping with tunneled directory connections. Bugfix on
0.1.2.5-alpha. Fixes bug 797. Found by Erwin Lam.
- When asked to connect to A.B.exit:80, if we don't know the IP for A
and we know that server B rejects most-but-not all connections to
port 80, we would previously reject the connection. Now, we assume
the user knows what they were asking for. Fixes bug 752. Bugfix
on 0.0.9rc5. Diagnosed by BarkerJr.
- If we overrun our per-second write limits a little, count this as
having used up our write allocation for the second, and choke
outgoing directory writes. Previously, we had only counted this when
we had met our limits precisely. Fixes bug 824. Patch from by rovv.
Bugfix on 0.2.0.x (??).
- Remove the old v2 directory authority 'lefkada' from the default
list. It has been gone for many months.
- Stop doing unaligned memory access that generated bus errors on
sparc64. Bugfix on 0.2.0.10-alpha. Fixes bug 862.
- Make USR2 log-level switch take effect immediately. Bugfix on
0.1.2.8-beta.
o Minor bugfixes (controller):
- Make DNS resolved events into "CLOSED", not "FAILED". Bugfix on
0.1.2.5-alpha. Fix by Robert Hogan. Resolves bug 807.
|
|
No need to remove superfluous directory now.
|
|
Bump PKGREVISION.
|
|
It was removed as part of fix PR 37195,
but re-added when merged new version from pkgsrc-wip.
|
|
|
|
Pkgsrc updates:
o Actually, there were a lot of missing dependencies on other
perl modules in this package. Add them.
|
|
|
|
GNOME VFS provides an abstraction layer of the file system; applications
use this layer to access many different protocols and simulate that they
are part of the local file system.
This package provides the dns-sd module for GNOME VFS, which allows it to
discover sftp, webdav, and ftp services advertised with multicast DNS.
|
|
|
|
|
|
|
|
then majorly reworked by myself. You can blame us both now ;)
Avahi is an Implementation the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Computing. It uses D-BUS for communication
between user applications and a system daemon. The daemon is used to
coordinate application efforts in caching replies, necessary to minimize
the traffic imposed on networks.
|
|
This should fix PR#39952
MAKE_JOBS_SAFE=no
05 December 2008 - Version 2.1.3 has been released.
The focus of this release is stability.
Feature Improvements
* Allow running with user=radiusd and binding to secure sockets.
* Start sending Status-Server "are you alive" messages earlier, which helps with proxying multiple realms to a home server.
* Removed thread pool code from rlm_perl. It's not necessary.
* Added example Perl configuration to raddb/modules/perl
* Force OpenSSL to support certificates with SHA256. This seems to be necessary for WiMAX certs.
Bug Fixes
* Fix Debian patch to allow it to build.
* Fix potential NULL dereference in debugging mode on certain platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions
* Fix parsing of quoted (but non-string) attributes in the users< file.
* Initialize unknown NAS IP to 255.255.255.255, rather than 0.0.0.0
* use SUN_LEN in control socket, to avoid truncation on some platforms.
* Correct internal handling of debug condition to prevent it from being over-written.
* Check return code of regcomp in unlang, so that invalid regular expressions are caught rather than mishandled.
* Make rlm_sql use <ltdl.h>. Addresses bug #610.
* Document list "type = status" better. Closes bug #580.
* Set "default days" for certificates, because OpenSSL won't do it. This closes bug #615.
* Reference correct list in example raddb/modules/ldap. Closes #596.
* Increase default schema size for Acct-Session-Id to 64. Closes #540.
* Fix use of temporary files in dialup-admin. Closes #605 and addresses CVE-2008-4474.
* Addressed a number of minor issues found by Coverity.
* Added DHCP option 150 to the dictionary. Closes #618.
04 December 2008 - Version 2.1.2 has been released.
Due to packaging issues, 2.1.2 has been pulled from the net.
|
|
|
|
Noteable changes include:
NetBSD-5 support
Optional DBus and IPv6 support
ISC leasefile support removed
Support DHCP clients in multiple DNS domains
Re-read /etc/resolv.conf when an "interface up" event occurs
|
|
Pkgsrc changes:
o Add dependency on perl>=5.10 or p5-version.
When pulled up to pkgsrc-2008Q3 this should fix PR#39773.
|
|
|
|
|
|
|
|
- improve chroot handling
- even stricter validation
- support for blocking DNS rebinding attacks
- DLV support
- bugfixes
The package now uses the normal net/ldns package instead of the local
copy.
|
|
Sync with ldns-1.4.0 release.
Add DESTDIR support.
|
|
- better TCP fallback, improved TSIG support
- namespace cleanup
- bugfixes
Require the new version and switch to normal runtime dependencies as it
is normally linked dynamically.
|