Age | Commit message (Collapse) | Author | Files | Lines |
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile by patch
- net/wireshark/distinfo by patch
-------------------------------------------------------------------
Update "wireshark" package to version 1.8.10. Changes since 1.8.9:
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-55
The NBAP dissector could crash. Discovered by Laurent Butti.
(Bug 9005)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
o wnpa-sec-2013-56
The ASSA R3 dissector could go into an infinite loop.
Discovered by Ben Schmidt. (Bug 9020 )
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
o wnpa-sec-2013-57
The RTPS dissector could overflow a buffer. Discovered by Ben
Schmidt. (Bug 9019 )
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
o wnpa-sec-2013-58
The MQ dissector could crash. (Bug 9079 )
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
o wnpa-sec-2013-59
The LDAP dissector could crash.
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
o wnpa-sec-2013-60
The Netmon file parser could crash. Discovered by G. Geshev.
(Bug 8742 )
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9.
- The following bugs have been fixed:
o Lua ByteArray:append() causes wireshark crash. (Bug 4461)
o Lua script can not get "data-text-lines" protocol data. (Bug
5200)
o PER normally small non-negative whole number decoding is wrong
when >= 64. (Bug 8841)
o Incorrect parsing of IPFIX *IpTotalLength elements. (Bug 8918)
o IO graph/advanced, max/min/summ error on frames with multiple
Diameter messages. (Bug 8980)
o Wireshark fails to decode single-line, multiple Contact: URIs
in SIP responses. (Bug 9031)
o Dissector for EtherCAT: ADS highlighting in the Packet Bytes
Pane is incorrect. (Bug 9036)
o 802.11 HT Extended Capabilities B10 decode incorrect. (Bug
9038)
o Weird malformed HTTP error. (Bug 9101)
- Updated Protocol Support
ASSA R3, EtherCAT AMS, GTPv2, HTTP, IEEE 802.11, IPFIX, LDAP, MQ,
NBAP, NCP SSS, RTPS, SIP,
|
|
net/filezilla: security update
Revisions pulled up:
- net/filezilla/Makefile 1.44-1.45
- net/filezilla/PLIST 1.10
- net/filezilla/distinfo 1.17-1.18
- net/filezilla/patches/patch-CVE-2013-4206 1.1
- net/filezilla/patches/patch-CVE-2013-4208 1.1
- net/filezilla/patches/patch-CVE-2013-4852-1 deleted
- net/filezilla/patches/patch-CVE-2013-4852-2 deleted
- net/filezilla/patches/patch-CVE-2013-4852-3 deleted
- net/filezilla/patches/patch-aa deleted
---
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 6 12:55:10 UTC 2013
Modified Files:
pkgsrc/net/filezilla: Makefile distinfo
Added Files:
pkgsrc/net/filezilla/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2 patch-CVE-2013-4852-3
Log Message:
apply patches from pkgsrc/security/putty to fix embedded sftp client
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Aug 7 16:48:49 UTC 2013
Modified Files:
pkgsrc/net/filezilla: Makefile PLIST distinfo
Added Files:
pkgsrc/net/filezilla/patches: patch-CVE-2013-4206
patch-CVE-2013-4208 Removed Files:
pkgsrc/net/filezilla/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2 patch-CVE-2013-4852-3 patch-aa
Log Message:
update to 3.7.2
This is a major update, many fixes and improvements.
Main reason for the update was to sync the embedded sftp client
with putty after fixes for vulnerabilities.
|
|
net/chrony: security update
Revisions pulled up:
- net/chrony/Makefile 1.29
- net/chrony/PLIST 1.5
- net/chrony/distinfo 1.8
- net/chrony/files/chronyd.sh 1.5
- net/chrony/patches/patch-aa 1.5
- net/chrony/patches/patch-ab 1.5
- net/chrony/patches/patch-ac 1.5
- net/chrony/patches/patch-ad 1.4
- net/chrony/patches/patch-ae 1.5
- net/chrony/patches/patch-af 1.4
- net/chrony/patches/patch-ag 1.4
---
Module Name: pkgsrc
Committed By: hannken
Date: Fri Aug 16 08:30:20 UTC 2013
Modified Files:
pkgsrc/net/chrony: Makefile PLIST distinfo
pkgsrc/net/chrony/files: chronyd.sh
pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-af
Added Files:
pkgsrc/net/chrony/patches: patch-ag
Log Message:
Update chrony to version 1.29. For a full list of changes
since 1.24 see file NEWS in the distfile.
Security fixes since 1.24:
* Fix crash when processing crafted commands (CVE-2012-4502)
(possible with IP addresses allowed by cmdallow and localhost)
* Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES
replies (CVE-2012-4503) (not used by chronyc)
Reviewed by: Joerg Sonnenberger <joerg%netbsd.org@localhost>
|
|
net/samba35: security update
Revisions pulled up:
- net/samba35/Makefile 1.31
- net/samba35/distinfo 1.16
- net/samba35/patches/patch-af 1.6
- net/samba35/patches/patch-ah 1.3
- net/samba35/patches/patch-ap 1.2
- net/samba35/patches/patch-aq 1.4
- net/samba35/patches/patch-av 1.3
- net/samba35/patches/patch-aw 1.2
- net/samba35/patches/patch-ba 1.2
- net/samba35/patches/patch-bb 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Aug 12 02:47:32 UTC 2013
Modified Files:
pkgsrc/net/samba35: Makefile distinfo
pkgsrc/net/samba35/patches: patch-af patch-ah patch-ap patch-aq
patch-av patch-aw patch-ba patch-bb
Log Message:
Update samba35 to 3.5.22, security release.
==============================
Release Notes for Samba 3.5.22
August 05, 2013
==============================
This is a security release in order to address
CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
server to loop with DOS).
o CVE-2013-4124:
All current released versions of Samba are vulnerable to a denial of
service on an authenticated or guest connection. A malformed packet
can cause the smbd server to loop the CPU performing memory
allocations and preventing any further service.
A connection to a file share, or a local account is needed to exploit
this problem, either authenticated or unauthenticated if guest
connections are allowed.
This flaw is not exploitable beyond causing the code to loop
allocating memory, which may cause the machine to exceed memory
limits.
Changes since 3.5.21:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
reading can cause server to loop with DOS.
|
|
net/samba: security update
Revisions pulled up:
- net/samba/Makefile 1.235,1.237
- net/samba/Makefile.mirrors 1.10
- net/samba/PLIST 1.54
- net/samba/distinfo 1.91-1.92
- net/samba/patches/patch-ac 1.15
- net/samba/patches/patch-ad 1.19
- net/samba/patches/patch-ae 1.11
- net/samba/patches/patch-af 1.12
- net/samba/patches/patch-ah 1.7
- net/samba/patches/patch-ai 1.7
- net/samba/patches/patch-aj 1.7
- net/samba/patches/patch-ak 1.6
- net/samba/patches/patch-an 1.4
- net/samba/patches/patch-ao 1.4
- net/samba/patches/patch-aq 1.4
- net/samba/patches/patch-as 1.4
- net/samba/patches/patch-av 1.5
- net/samba/patches/patch-aw 1.4
- net/samba/patches/patch-ba 1.11
- net/samba/patches/patch-bb 1.5
- net/samba/patches/patch-bf 1.6
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 3 20:00:48 UTC 2013
Modified Files:
pkgsrc/net/samba: Makefile PLIST distinfo
pkgsrc/net/samba/patches: patch-bf
Log Message:
Changes 3.6.16:
* BUG 9881: Link dbwrap_tool and dbwrap_torture against libtevent.
* BUG 9722: Properly handle Oplock breaks in compound requests.
* BUG 9822: Fix crash bug during Win8 sync.
* BUG 9927: errno gets overwritten in call to check_parent_exists().
* BUG 8997: Change libreplace GPL source to LGPL.
* BUG 9900: is_printer_published GUID retrieval.
* BUG 9941: Fix a bug of drvupgrade of smbcontrol.
* BUG 9868: Don't know how to make LIBNDR_PREG_OBJ.
* BUG 9688: Remove "experimental" label on "max protocol=SMB2" parameter.
* BUG 9881: Check for system libtevent.
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jul 4 19:31:10 UTC 2013
Modified Files:
pkgsrc/net/samba: Makefile.mirrors
Log Message:
Fix URL.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Aug 12 02:45:55 UTC 2013
Modified Files:
pkgsrc/net/samba: Makefile distinfo
pkgsrc/net/samba/patches: patch-ac patch-ad patch-ae patch-af patch-ah
patch-ai patch-aj patch-ak patch-an patch-ao patch-aq patch-as
patch-av patch-aw patch-ba patch-bb
Log Message:
Update samba to 3.6.17, security release.
==============================
Release Notes for Samba 3.6.17
August 05, 2013
==============================
This is a security release in order to address
CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
server to loop with DOS).
o CVE-2013-4124:
All current released versions of Samba are vulnerable to a denial of
service on an authenticated or guest connection. A malformed packet
can cause the smbd server to loop the CPU performing memory
allocations and preventing any further service.
A connection to a file share, or a local account is needed to exploit
this problem, either authenticated or unauthenticated if guest
connections are allowed.
This flaw is not exploitable beyond causing the code to loop
allocating memory, which may cause the machine to exceed memory
limits.
Changes since 3.6.16:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
reading can cause server to loop with DOS.
|
|
net/nagios-base: security update
Revisions pulled up:
- net/nagios-base/Makefile 1.47
- net/nagios-base/distinfo 1.17
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Aug 5 10:43:55 UTC 2013
Modified Files:
pkgsrc/net/nagios-base: Makefile distinfo
Log Message:
Update nagios-base to 3.4.4.
3.4.4 - 01/12/2013
------------------
* Reenabled check for newer versions of Nagios Core (Mike Guthrie)
* Fixed bug #408: service checks get duplicated on reload (Eric Stanley)
* Fixed bug #401: segmentation fault on Solaris when parsing unknown timeperiod
directives. (Eric Stanley)
* Added NULL pointer checks to CGI code. (Eric Stanley)
* Fixed buffer overflow vulnerability in CGI code. Thanks to Neohapsis
(http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html)
for finding this. (Eric Stanley)
|
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile patch
- net/wireshark/distinfo patch
-------------------------------------------------------------------
Update "wireshark" package to version 1.8.9. Changes since 1.8.8:
- The following vulnerabilities have been fixed:
o wnpa-sec-2013-45
The Bluetooth SDP dissector could go into a large loop.
Discovered by Laurent Butti. (Bug 8831)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4927
o wnpa-sec-2013-47
The DIS dissector could go into a large loop. (Bug 8911)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4929
o wnpa-sec-2013-48
The DVB-CI dissector could crash. Discovered by Laurent Butti.
(Bug 8916)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4930
o wnpa-sec-2013-49
The GSM RR dissector (and possibly others) could go into a
large loop. (Bug 8923)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4931
o wnpa-sec-2013-50
The GSM A Common dissector could crash. (Bug 8940)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4932
o wnpa-sec-2013-51
The Netmon file parser could crash. Discovered by G. Geshev.
(Bug 8742)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4933
CVE-2013-4934
o wnpa-sec-2013-52
The ASN.1 PER dissector could crash. Discovered by
Oliver-Tobias Ripka. (Bug 8722)
Versions affected: 1.10.0, 1.8.0 to 1.8.8.
CVE-2013-4935
- The following bugs have been fixed:
o Wireshark hides under Taskbar. (Bug 3034)
o Wireshark doesn't translate IEEE802a OUI. (Bug 3123)
o IEEE 802.15.4 frame check sequence in "Chipcon mode" not
displayed correctly. (Bug 4507)
o Mask in Lua ProtoField.uint32() does not work as expected.
(Bug 5734)
o Lines of text are truncated if they are either longer than the
paper width or past the paper height. (Bug 7543)
o [PATCH] Add MAC-DATA support to TETRA dissector and other
minor improvements. (Bug 8708)
o Wireshark writes empty NRB FQDN which makes trace unloadable.
(Bug 8763)
o Wrong encoding for 2 pod files, UTF-8 characters in another.
(Bug 8774)
o SCSI (SPC) sense key specific information field must not
include SKSV. (Bug 8782)
o Wireshark crashes when closing Flow Graph with Graph Analysis
opened. (Bug 8793)
o Detection of IPv6 works only on Solaris 8. (Bug 8813)
o ansi_637_tele dissector displays MSB as MBS for Call-Back
Number. (Bug 8851)
o Dropped bytes in IMAP dissector. (Bug 8857)
o Kismet drone/server dissector improvements. (Bug 8864)
o iostat_draw sizeof mismatch. (Bug 8888)
o SIP stats shows incorrect values for Max/Ave setup times. (Bug
8897)
o Graph Filter field limited to 256 characters. (Bug 8909)
o All mongodb query show as [Malformed Packet: MONGO]. (Bug
8960)
- Updated Protocol Support
ANSI IS-637-A, ASN.1 PER, ASN.1, DCERPC NDR, Ethernet, H.235, IEEE
802.15.4, IEEE 802a, IMAP, KDSP, MAC-LTE, MONGO, PDCP-LTE, RLC,
RLC-LTE, SCSI, SoulSeek, TETRA
- New and Updated Capture File Support
Microsoft Network Monitor, pcap-ng.
|
|
net/bind98: security update
Revisions pulled up:
- net/bind98/Makefile 1.31-1.32
- net/bind98/distinfo 1.23
---
Module Name: pkgsrc
Committed By: jperkin
Date: Fri Jul 12 10:45:05 UTC 2013
Modified Files:
pkgsrc/audio/icecast: Makefile
pkgsrc/audio/mt-daapd: Makefile
pkgsrc/audio/pulseaudio: Makefile
pkgsrc/audio/ubs: Makefile
pkgsrc/chat/anope: Makefile
pkgsrc/chat/atheme: Makefile
pkgsrc/chat/bitlbee: Makefile
pkgsrc/chat/gale: Makefile
pkgsrc/chat/inspircd: Makefile
pkgsrc/chat/inspircd12: Makefile
pkgsrc/chat/ircd-hybrid: Makefile
pkgsrc/chat/ircu: Makefile
pkgsrc/chat/jabberd: Makefile
pkgsrc/chat/jabberd2: Makefile
pkgsrc/chat/silc-server: Makefile
pkgsrc/chat/unrealircd: Makefile
pkgsrc/comms/asterisk: Makefile
pkgsrc/comms/asterisk10: Makefile
pkgsrc/comms/asterisk18: Makefile
pkgsrc/comms/fidogate: Makefile
pkgsrc/comms/mgetty+sendfax: Makefile
pkgsrc/comms/minicom: Makefile
pkgsrc/comms/snooper: Makefile
pkgsrc/databases/apache-cassandra: Makefile
pkgsrc/databases/gnats: Makefile
pkgsrc/databases/mysql5-server: Makefile
pkgsrc/databases/mysql51-server: Makefile
pkgsrc/databases/mysql55-server: Makefile
pkgsrc/databases/mysql56-server: Makefile
pkgsrc/databases/openldap-server: Makefile
pkgsrc/databases/pgbouncer: Makefile
pkgsrc/databases/phpmyadmin: Makefile
pkgsrc/databases/postgresql84-server: Makefile
pkgsrc/databases/postgresql90-server: Makefile
pkgsrc/databases/postgresql91-server: Makefile
pkgsrc/databases/postgresql92-server: Makefile
pkgsrc/databases/virtuoso: Makefile
pkgsrc/devel/cvsd: Makefile
pkgsrc/devel/distcc: Makefile
pkgsrc/devel/memcached: Makefile
pkgsrc/devel/monotone-server: Makefile
pkgsrc/filesystems/tahoe-lafs: Makefile
pkgsrc/inputmethod/canna-dict: Makefile
pkgsrc/inputmethod/canna-server: Makefile
pkgsrc/inputmethod/ja-freewnn-server: Makefile
pkgsrc/inputmethod/sj3-server: Makefile
pkgsrc/mail/amavisd-new: Makefile
pkgsrc/mail/courier-imap: Makefile
pkgsrc/mail/courier-maildir: Makefile
pkgsrc/mail/dcc: Makefile
pkgsrc/mail/dkim-milter: Makefile
pkgsrc/mail/dovecot: Makefile
pkgsrc/mail/dovecot2: Makefile
pkgsrc/mail/dspam: Makefile
pkgsrc/mail/enma: Makefile
pkgsrc/mail/exim: Makefile
pkgsrc/mail/exim3: Makefile
pkgsrc/mail/fml: Makefile
pkgsrc/mail/fml4: Makefile
pkgsrc/mail/freepops: Makefile
pkgsrc/mail/gld: Makefile
pkgsrc/mail/imapproxy: Makefile
pkgsrc/mail/maildrop: Makefile
pkgsrc/mail/mailman: Makefile
pkgsrc/mail/majordomo: Makefile
pkgsrc/mail/milter-greylist: Makefile
pkgsrc/mail/milter-manager: Makefile
pkgsrc/mail/milter-regex: Makefile
pkgsrc/mail/mimedefang: Makefile
pkgsrc/mail/nullmailer: Makefile
pkgsrc/mail/opendkim: Makefile
pkgsrc/mail/policyd-weight: Makefile
pkgsrc/mail/popa3d: Makefile
pkgsrc/mail/postgrey: Makefile
pkgsrc/mail/prayer: Makefile
pkgsrc/mail/qpopper: Makefile
pkgsrc/mail/quickml: Makefile
pkgsrc/mail/sendmail: Makefile
pkgsrc/mail/smtp-vilter: Makefile
pkgsrc/mail/spamd: Makefile
pkgsrc/mail/sqlgrey: Makefile
pkgsrc/mail/sqwebmail: Makefile
pkgsrc/mail/sympa: Makefile
pkgsrc/mail/tmda: Makefile
pkgsrc/multimedia/gmediaserver: Makefile
pkgsrc/multimedia/mediatomb: Makefile
pkgsrc/net/DarwinStreamingServer: Makefile
pkgsrc/net/avahi: Makefile
pkgsrc/net/bind96: Makefile
pkgsrc/net/bind98: Makefile
pkgsrc/net/bind99: Makefile
pkgsrc/net/cacti: Makefile
pkgsrc/net/cntlm: Makefile
pkgsrc/net/couriertcpd: Makefile
pkgsrc/net/freeradius: Makefile
pkgsrc/net/freeradius2: Makefile
pkgsrc/net/gofish: Makefile
pkgsrc/net/iodine: Makefile
pkgsrc/net/irrd: Makefile
pkgsrc/net/kismet: Makefile
pkgsrc/net/lambdamoo: Makefile
pkgsrc/net/lldpd: Makefile
pkgsrc/net/mldonkey: Makefile
pkgsrc/net/mydns-mysql: Makefile
pkgsrc/net/mydns-pgsql: Makefile
pkgsrc/net/netdisco: Makefile
pkgsrc/net/nsd: Makefile
pkgsrc/net/openntpd: Makefile
pkgsrc/net/openvpn: Makefile
pkgsrc/net/pygopherd: Makefile
pkgsrc/net/quagga: Makefile
pkgsrc/net/rancid: Makefile
pkgsrc/net/rbldnsd: Makefile
pkgsrc/net/ruby-stompserver: Makefile
pkgsrc/net/snort: Makefile
pkgsrc/net/spread: Makefile
pkgsrc/net/tacacs-shrubbery: Makefile
pkgsrc/net/teamspeak-server: Makefile
pkgsrc/net/tor: Makefile
pkgsrc/net/unbound: Makefile
pkgsrc/net/uucp: Makefile
pkgsrc/net/vsftpd: Makefile
pkgsrc/net/xymon: Makefile
pkgsrc/net/xymonclient: Makefile
pkgsrc/news/leafnode: Makefile
pkgsrc/news/nntpcache: Makefile
pkgsrc/parallel/gridscheduler: Makefile
pkgsrc/parallel/sge: Makefile
pkgsrc/parallel/slurm: Makefile
pkgsrc/print/cups: Makefile
pkgsrc/security/cyrus-sasl: Makefile
pkgsrc/security/dirmngr: Makefile
pkgsrc/security/f-prot-antivirus6-ms-bin: Makefile
pkgsrc/security/libprelude: Makefile
pkgsrc/security/libprelude-lua: Makefile
pkgsrc/security/libprelude-perl: Makefile
pkgsrc/security/libprelude-python: Makefile
pkgsrc/security/libprelude-ruby: Makefile
pkgsrc/security/opendnssec: Makefile
pkgsrc/security/openssh: Makefile
pkgsrc/security/pks: Makefile
pkgsrc/security/policykit: Makefile
pkgsrc/security/prelude-correlator: Makefile
pkgsrc/security/prelude-lml: Makefile
pkgsrc/security/prelude-manager: Makefile
pkgsrc/security/py-prewikka: Makefile
pkgsrc/security/sfs: Makefile
pkgsrc/security/stunnel: Makefile
pkgsrc/sysutils/amanda-common: Makefile
pkgsrc/sysutils/bacula: Makefile
pkgsrc/sysutils/dbus: Makefile
pkgsrc/sysutils/hal: Makefile
pkgsrc/sysutils/munin-node: Makefile
pkgsrc/sysutils/munin-server: Makefile
pkgsrc/sysutils/sysbuild-user: Makefile
pkgsrc/sysutils/ups-nut: Makefile
pkgsrc/textproc/dict-server: Makefile
pkgsrc/www/apache: Makefile
pkgsrc/www/apache-tomcat6: Makefile
pkgsrc/www/apache-tomcat7: Makefile
pkgsrc/www/apache2: Makefile
pkgsrc/www/apache22: Makefile
pkgsrc/www/apache24: Makefile
pkgsrc/www/dansguardian: Makefile
pkgsrc/www/jetty7: Makefile
pkgsrc/www/nginx: Makefile
pkgsrc/www/nginx-devel: Makefile
pkgsrc/www/ocsigen: Makefile
pkgsrc/www/php-concrete5: Makefile
pkgsrc/www/php-owncloud: Makefile
pkgsrc/www/php-piwigo: Makefile
pkgsrc/www/php-soycms: Makefile
pkgsrc/www/php-sugarcrm: Makefile
pkgsrc/www/php-tiki6: Makefile
pkgsrc/www/php-tt-rss: Makefile
pkgsrc/www/privoxy: Makefile
pkgsrc/www/screws: Makefile
pkgsrc/www/sencha-sns: Makefile
pkgsrc/www/squid3: Makefile
pkgsrc/www/squidGuard: Makefile
pkgsrc/www/tinyproxy: Makefile
Log Message:
Bump PKGREVISION of all packages which create users, to pick up change of
sysutils/user_* packages.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 27 03:20:53 UTC 2013
Modified Files:
pkgsrc/net/bind98: Makefile distinfo
Log Message:
Update bind98 to 9.8.5pl2 (BIND 9.8.5-P2).
--- 9.8.5-P2 released ---
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
|
|
net/bind99: security update
Revisions pulled up:
- net/bind99/Makefile 1.28
- net/bind99/distinfo 1.17
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 27 03:20:07 UTC 2013
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Log Message:
Update bind99 to 9.9.3pl2 (BIND 9.9.3-P2).
--- 9.9.3-P2 released ---
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
|
|
|
|
|
|
-traditional will work.
|
|
|
|
|
|
ChangeLog:
2.3.3:
- fallback to gcrypt if no openssl elliptical support
|
|
ChangeLog:
2013-06-03 Tristan Matth
Uninitialized control message and rtcp messages.
|
|
<tuple> and boost::tuple.
|
|
* Use distfile's install target, remove pkgsrc one.
Changelog:
unknown.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This recently tagged version from GitHub works (with a few warnings...)
|
|
|
|
Remove bogus removal of dlpisubs.c, and force the configure script to
avoid any getifaddrs implementation on SunOS which would result in it
not being included.
Fixes build on SunOS. Thanks to Jörn Clausen for testing on Solaris 10.
Bump PKGREVISION. Approved during freeze by wiz.
|
|
don't match PLIST.
Fixes build on Ubuntu. No change on platforms where the package would
successfully build, so no bump required.
|
|
ChangeLog:
- BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
- BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks are used
- MEDIUM: protocol: implement a "drain" function in protocol layers
- BUG/CRITICAL: fix a possible crash when using negative header occurrences
|
|
|
|
|
|
|
|
web interface (especially the map), using an extra distfile in
MASTER_SITE_LOCAL
bump PKGREVISION
|
|
The latter contains the unstable version 3 of mono, which breaks many mono
packages.
Bump dependencies and PKGREVISIONs.
Ok during freeze: gdt@
|
|
|
|
|
|
mimms is a program designed to allow you to download streams using
the MMS protocol and save them to your computer, as opposed to
watching them live. Similar functionality is available in full
media player suites such as Xine, MPlayer, and VLC, but mimms is
quick and easy to use and, for the time being, remains a useful
program.
Originally, mimms was forked directly from the last known version
of mmsclient, which was for years unmaintained. mimms was started
with the following goals:
* Keep a working copy of "mmsclient" (now "mimms") well maintained
* Fix lots of the bugs that were in mmsclient
* Extend the functionality of the program in useful ways
Since the 2.x series, mimms shares no code with mmsclient, and
actually does all of it's MMS operations using libmms, a library
based off of the xine-improved mmsclient code, which is designed
to allow multiple implementations of MMS clients without requiring
a fragmented code base. The mimms 3.x series is implemented entirely
in python, and is freed from the details of the MMS protocol and
architecture dependence, and can focus on usability.
|
|
2011-01-17 libmms-0.6.2 release (Hans de Goede <j.w.r.degoede@gmail.com>)
-------------------------------------------------------------------------
* Really fix building libmms with mingw, once more thanks to Carlo Bramini
* Move a lot of duplicate code between mms and mmsh to a new
mms-common-funcs file
* Fix several issues in the stream selection code when dealing with mms
streams with multiple audio / video streams inside them
https://bugs.launchpad.net/libmms/+bug/381782
https://bugs.launchpad.net/libmms/+bug/414892
2011-01-11 libmms-0.6.1 release (Hans de Goede <j.w.r.degoede@gmail.com>)
-------------------------------------------------------------------------
* Fix use of this keyword in public headers, patch by Fabian Greffrath
http://bugzilla.rpmfusion.org/show_bug.cgi?id=1596
* Add support for getting file creation time patch by Norman Rasmussen
https://sourceforge.net/tracker/?func=detail&aid=3072760&group_id=101989&atid=630607
https://bugs.edge.launchpad.net/libmms/+bug/398287
* Fix endianness macros doing unaligned word accesses (this also fixes
the strict aliasing warnings):
https://sourceforge.net/tracker/?func=detail&aid=3068992&group_id=101989&atid=630609
https://sourceforge.net/tracker/?func=detail&aid=3050812&group_id=101989&atid=630607
* Add support for compiling under mingw and BeOS, patch by Carlo Bramini
https://sourceforge.net/tracker/?func=detail&aid=3072635&group_id=101989&atid=630607
https://bugs.launchpad.net/libmms/+bug/339946
* Add support for connecting to mmsh / mmst streams over ipv6,
based on a patch by Cristian Morales Vega:
https://sourceforge.net/tracker/?func=detail&aid=3051744&group_id=101989&atid=630609
* Fix mmsh infinite loop when stream not avaliable any more, patch by
Serge (sf account ttipok):
https://sourceforge.net/tracker/?func=detail&aid=3025529&group_id=101989&atid=630609
|
|
mismatches non-fatal for clang.
|
|
2.006nb1 to 2.007.
Upstream changes:
2.007 Jan 09 2013
- Update run_dequeue to clear out signals after fork.
- Add serialize none for PreFork and PreForkSimple servers that
at not multi-port.
- Allow for auto-assigned port to be the same when hostname
resolves to multiple ips/ipvs (RT #78024)
- Fix bug in header parsing (RT #82125)
- Fix warning bug (RT #78828)
- Fix wrong wantarray context in Proto::TCP (RT #31437)
- Simplify _get_commandline to just use $0 - no fishing in proc
(RT #80260)
- Fix uninitialized begin (RT #78830)
- Fix misplaced +2 (RT #78827)
- Fix various spelling errors and pod nits (RT #77994)
- Allow for log calls from the MUX object (RT #78514)
- Give an error at begin time of SSLEAY if the need Fcntl function
is not available on this platform (RT #82542)
- Make all of the tests self cancel much earlier if there is an
error handling the request.
- Add a stronger timeout to PreFork tests - ideally we'd like to
find a real way to test these one windows (RT #811411, #81993) -
still broken - but shouldn't hang
- Superficial changes to help packagers not list Log4perl as
dependency (it is optional)
|
|
to 2.70.
Upstream changes:
2013-05-21 Shlomi Fish <shlomif@shlomifish.org>
* Fix a typo:
- https://rt.cpan.org/Ticket/Display.html?id=73143
* Add t/style-trailing-space.t and got rid of trailing space.
* New Release IO-Socket-INET6-2.70
|
|
# Addressable 2.3.4
- fixed issue with encoding altering its inputs
- query string normalization now leaves ';' characters alone
- FakeFS is detected before attempting to load unicode tables
- additional testing to ensure frozen objects don't cause problems
|
|
bug fixes.
|
|
- fix a typo in vrrp.py
- fix IPv4 and IPv6 packet to correctly handle zero payload length
- store cipher_suite as int in TLSServerHello to allow app-specific messages
- improve SSL parsing
dpkt-1.7:
- handle dynamic imports from py2exe/freeze.py/zipped egg
packages, from plotnikoff
- decode Ethernet MPLS labels, Cisco ISL VLAN tags, 802.2 LLC fields
- handle multiply-defined HTTP headers from simdream
- add IPv6 extension header support (minus ESP)
- add radiotap module
- add IEEE80211 module
- add RFB module
- fix IP6 checksum to include options
- rename 'as' to 'asn' field in BGP header
- fix transport-layer checksum in IP6
- handle improper TCP header offset
- fix SSL typo
- handle malformed ICMP headers
- added RX module
- fixed loopback module IP/IP6 decoding
- set transport-layer (TCP, UDP) checksum in IP
- MRT module fixes
- fix pcap.Writer timestamp calculation
|
|
* Use distfile's install target.
* Add comments to patches.
Changelog:
3.54: A bug with hash_fold() regarding incoming IPv4 and IPv6 source addresses has been fixed. The "hash" group mechanism is now working as expected.
3.52: Buffering has been disabled for interactive shell IO. A new "assign" command has been added to allow changing of the host:port assignment of a channel (only if disabled). A locking bug has been fixed.
3.50: A new option -6 has been added to force IPv6 bind.
3.49: A patch has been applied due to a problem with ftok() on Solaris.
3.48: Problems with setting IPV6_V6ONLY socket option are now handled more nicely with a syslog warning message.
3.42: Balance now compiles also on systems where IPV6_V6ONLY is undefined (like some Solaris systems).
3.40: IPv6 support on the listening side has been added. MAXCHANNELS in balance.h has been increased to 64.
3.35: A bug in the autodisable functionality has been fixed.
3.34: -a option added (enables "autodisable" option: A channel needs to be manually re-enabled after a failure). Syslog logging added for reporting this event.
3.33: -M option added (use MMAP instead of SHM for IPC)
3.32: Bugfix: /var/run/balance may now already exist.
3.31: Bugfix: TCP_NODELAY properly set.
3.30: Code cleanups and fixes.
|
|
Changelog:
3.2.5, 2011-01-01
+ Fixed a problem on Mac OS X Snow Leopard for universal binary support.
+ ncftpls now prefers that you omit the leading dash when you use the -x
option. For example, if you wanted to try "ls -lrt", then try doing
"ncftpls -x lrt" rather than "ncftpls -x -lrt".
+ If a server's MLSx output returns both the "UNIX.mode" and the "perm"
parameters, UNIX.mode will take precedence (Thanks, Jay Kulpinski).
+ confirm-close is now off by default.
|
|
|
|
=====================================
* Minimum required Perl version is now 5.10.1.
* A couple of new tests:
- That a minimal referral can fit in a 512-octet packet.
- The responses come from the same IP address the question was sent to.
- That NSEC or NSEC3 is used in signed zones.
- That NSEC3 parameters are sane.
- That RRSIG durations are sane.
* CZNIC contributed a Czech translation.
* Reserved IP ranges updated according to new RFCs.
* All tests that made SMTP connections have been removed.
* The CLI script has a --level flag to specify the lowest log level you want printed.
* A new, better algorithm to check nameserver AS distribution.
* Plus of course bug and stability fixes.
Release Notes for DNSCheck Lib v1.3.0
=====================================
Notable changes:
* The configuration file layout has changed completely!
Instead of the old, complicated variant, default configuration, default
policy and language files are now installed in the proper place in the Perl
module tree. The user should never need to care exactly where that is. Local
changes to the configuration now lives in /etc/dnscheck/config.yaml and
/etc/dnscheck/policy.yaml
You have to manually move and rename your old site_config.yaml and
site_policy.yaml, if you have them!
|
|
RPKI-RTR (RFC6810) is now official (TCP Port 323)
Fix detection of OpenSSL libcrypto.
Add DNSSL (RFC6106) support.
Add "radius" as an option for -T.
Update Action codes for handle_action function according to
802.11s amendment.
Decode DHCPv6 AFTR-Name option (RFC6334).
Updates for Babel.
Fix printing of infinite lifetime in ICMPv6.
Added support for SPB, SPBM Service Identifier, and Unicast
Address sub-TLV in ISIS.
Decode RIPv2 authentication up to RFC4822.
Fix RIP Request/full table decoding issues.
On Linux systems with cap-ng.h, drop root privileges
using Linux Capabilities.
Add support for reading multiple files.
|
|
Add netfilter/nfqueue interface.
If we don't have support for IPv6 address resolution, support,
in filter expressions, what IPv6 stuff we can.
Checks added for malloc()/realloc()/etc. failures.
Fix pcap-config to include -lpthread if canusb support is
present
Try to fix "pcap_parse not defined" problems when --without-flex
and --without-bison are used when you have Flex and Bison
Fix some issues with the pcap_loop man page.
Fix pcap_getnonblock() and pcap_setnonblock() to fill in the
supplied error message buffer
Fix typo that, it appeared, would cause pcap-libdlpi.c not to
compile (perhaps systems with libdlpi also have BPF and use
that instead)
Catch attempts to call pcap_compile() on a non-activated pcap_t
Fix crash on Linux with CAN-USB support without usbfs
Fix addition of VLAN tags for Linux cooked captures
Check for both EOPNOTSUPP and EINVAL after SIOCETHTOOL ioctl, so
that the driver can report either one if it doesn't support
SIOCETHTOOL
Add DLT_INFINIBAND and DLT_SCTP
Describe "proto XXX" and "protochain XXX" in the pcap-filter man
page
Handle either directories, or symlinks to directories, that
correspond to interfaces in /sys/class/net
Fix handling of VLAN tag insertion to check, on Linux 3.x
kernels, for VLAN tag valid flag
Clean up some man pages
Support libnl3 as well as libnl1 and libnl2 on Linux
|