| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Update provided by Andreas Wrede <andreas@planix.com> via PR pkg/23319.
Changes:
031023 Released 0.12.0.
Penlogd: sscanf would read 100 bytes + terminating nul into
a buffer of size 100. Now reads 99+nul. Spotted by Oezguer Kesim.
Let tracking time be set through penctl.cgi.
In do_cmd, "no log": only close the logfile if it is open.
New penctl command, "write [FILE]" writes current configuration
to a file. If FILE is omitted, overwrite the original
configuration file (-F option).
Pen: Time based expiration of tracked clients. Default is
0 seconds = never expire. Added -T option to control expiry
time. Also added penctl command "tracking N".
Penlogd: zero-terminate results from recvfrom.
In penlogd.c: don't complain if recvfrom is interrupted by signal.
More bugfixes, etc.
|
|
|
|
Fixes build with gcc3 from pkgsrc.
Style nits.
|
|
o Remove NET_SNMP_LOGFILE since it's not used anymore
o Include /usr/local/share/snmp/mibs into the default MIBS file search path
o Use --with-logfile=none instead of --without-logfile because that is what
the configure script wants for that variable.
While those changes affect an exported header file, they don't affect in
any way the compilation of dependencies, so no revision bump is needed.
|
|
XXX This package should be buildlink2-ified
|
|
changes in the security patch. Bump version to 2.6nb2.
|
|
fragment reassembly code. CVE reference for that vulnerability is
CAN-2003-0850.
Note homepage relocation, and take over maintainership since that's
apparently what I've become.
v1.18 Oct 15 2003
- reject tcp packets with old timestamp; needed to pass fragroute test;
well, linux 2.0.36 did not support this ;)
- fixed memory corruption which could be caused by overlarge TCP packets
- adjusted checksum.c to not use multiline literals (for gcc 3.3)
- in configure.in, even if found libnet files, try compilation; there is
another library with the same name
- fix a bug in "collect" field handling; if you did collect-- and then
collect++ (which is rare), you would get a single junk packet
- correct handling of exec_prefix in configure.in
- unlink config.status in "make distclean"
- use pcap_hdr->caplen instead pcap_hdr->len; the only gain seems to be to
gracefully handle pcap files with too short snaplen
- changed soname to libnids.so.1.x, as binary compatibility is not
guaranteed
- switched to sourceforge as homepage
|
|
the OpenFortress project by Rick van Rein <rick@openfortress.nl>
in private mail.
|
|
If you have installed BIND 9.1.3-P1, BIND 9.1.3-P2, BIND 9.2.2-P1,
BIND 9.2.2-P2, BIND 9.2.3rc2 or BIND 9.2.3rc3 it is recommended that
you upgrade. These versions generate false positives when applying
delegation-only tests.
--- 9.2.3 released ---
1525. [bug] dns_cache_create() could trigger a REQUIRE
failure in isc_mem_put() during error cleanup.
1524. [port] AIX needs to be able to resolve all symbols when
creating shared libraries (--with-libtool).
1523. [bug] Fix race condition in rbtdb. [RT# 9189]
1522. [bug] dns_db_findnode() relax the requirements on 'name'.
[RT# 9286]
1518. [bug] dns_nxt_buildrdata(), and hence dns_nxt_build(),
contained a off-by-one error when working out the
number of octets in the bitmap.
1514. [bug] named: isc_hash_destroy() was being called too early.
[RT #9160]
1513. [doc] Add "US" to root-delegation-only exclude list.
--- 9.2.3rc4 released ---
1512. [bug] Extend the delegation-only logging to return query
type, class and responding nameserver.
1511. [bug] delegation-only was generating false positives
on negative answers from subzones.
--- 9.2.3rc3 released ---
1510. [func] New view option "root-delegation-only". Apply
delegation-only check to all TLDs and root.
Note there are some TLDs that are NOT delegation
only (e.g. DE, LV, US and MUSEUM) these can be excluded
from the checks by using exclude.
root-delegation-only exclude {
"DE"; "LV"; "US"; "MUSEUM";
};
1509. [bug] Hint zones should accept delegation-only. Forward
zone should not accept delegation-only.
1508. [bug] Don't apply delegation-only checks to answers from
forwarders.
1507. [bug] Handle BIND 8 style returns to NS queries to parents
when making delegation-only checks.
1506. [bug] Wrong return type for dns_view_isdelegationonly().
--- 9.2.3rc2 released ---
1505. [bug] Uninitialised rdataset in sdb. [RT #8750]
1504. [func] New zone type "delegation-only".
1503. [port] win32: install libeay32.dll outside of system32.
(9.2.2-P2 is somewhere around here)
|
|
All platforms:
Autokey, using OpenSSL.
IPv6 support.
Bugfixes in loopfilter and refclocks.
NetBSD:
Support for editline command line editing
in "ntpq" and "ntpdc".
NetBSD-current:
Use nanosecond resolution POSIX timers.
|
|
|
|
Changelog:
- Fixed a bug that could occur when upgrading an interpreted object to
precompiled.
- Fixed a bug with catch and atomic in precompiled code.
- Fixed a recursion problem for an error in runtime_error().
- Better fix for the callout pause problem.
|
|
Changelog:
latd (1.17-1) unstable; urgency=low
* Add support for a MOPRC_INTERFACE env variable.
* Fix bug in the lastest retransmit code that screwed up
queued connections rather badly.
* Don't show status messages to /dev/lat ports
* moprc is now a C++ program that uses the LATinterfaces class.
* llogin -p only locks devices if liblockdev is found
* Porting work for *BSD and Darwin.
HUGE thanks to Matthew Fredette of NetBSD for all the bpf work.
* Use autoconf to configure and build. Again Matthew Fredette did
most of the work for this, but I added the Linux bits.
latd (1.16-1) unstable; urgency=low
* Don't use an IP socket for finding interfaces. So now you
can use LAT (& moprc) with a kernel that doesn't have IP.
* Fix latcp man page (-J and -j were wrong way round)
* llogin -L disables locking when using -p
* latd now expires services if it doesn't receive HELLOs
* Expand escape sequences in /etc/issue.net or /etc/issue.lat
* Fix crash on queued connections referencing freed memory.
* moprc now ignores duplicate messages it receives. This fixes
odd behaviour with some Emulex targets
* Put a timeout on CONNECT and COMMAND messages so we can resend
them if we get no reply.
* Check connection IDs more carefully.
latd (1.15-1) unstable; urgency=low
* More DS90L+ fixes (keepalive message format)
* Fix iostreams so they produce the correct output in gcc 3.0 & 2.95.
Now I know why people really hate iostreams.
* Use getloadavg() rather than /proc to get load average.
* Close all FDs before forking server processes.
* Always send an ACK for a packet with data in it.
* llogin uses lock files for device connections
latd (1.14-1) unstable; urgency=low
* gcc-3.0 compilation fixes in the new bits
* Rewritten ethernet flow control
* Increase moprc timeout a little.
* Don't try to process zero-length packets
* Include lat.html documentation
* Tested on DECserver 700
* Send "no more slots on circuit" message when closing a connection for
that reason. Fixes reconnection on DECserver 90L+
pkgsrc changes:
* Fix building when using gcc3
* Use the bsd.pkg.install.mk framework to install the
configuration file into the right place.
|
|
so comment out the result conditionally
|
|
- make it compilable w/ gcc 3.3 and NULL as (void *)0.
|
|
- make it compilable w/ gcc 3.3 and NULL as (void *)0.
- various protocol fixes, including new IANA assignment for RP discovery
|
|
These changes were submitted to the jwhois maintainers as bug #6007.
Approved by: salo.
|
|
|
|
|
|
protocol update in servers. Changes:
malware's contributions:
* Removed all font specifications from the XML resources.
* Do not start a search after adding an ED2K-Link.
* Enable clipping in download list control.
* FIXED: Bug rehashing a part file.
* FIXED: Various minor problems found by malloc debuggers.
* Keep the requested file in sync with the part status in CUpDownClient.
Un-Thesis' contributions:
* Fixed various compatibility issues with the new eDonkey servers.
|
|
http://lists.quagga.net/pipermail/quagga-users/2003-October/000543.html
- missing rip_enable_apply() which was causing lots of problems in
ripd
- revert of the generic PtP patch. This patch just caused way way too
many problems in its quest to try support FreeSWANs odd handling of
IPSec interfaces, particularly in ospfd.
|
|
|
|
Changes for 0.3.1:
* fix 32Bit signed/unsigned bug
* improve Linux /proc/net/dev parsing
* disable LED (set -DWITH_LED to enable them)
* make slurm Gbit-safe (tests with >100MByte/s will be done soon :))
* make -Wall happy on all systems
* calculate traffic correctly when using -d option
* add Mac OS X support (thanks Jan-Eric Kolbe for providing access!)
* print usage information if no interface was given at startup
Changes for 0.3.0:
* did some profiling and lowered cpu usage of sleep stuff
* misc small fixes and documentation updates
Changes for 0.3.0-pre1:
* theme support
* misc small typo fixes and internal changes
Changes for 0.2.3:
* Solaris interface speed detection code
* fix visual overflows in the display when running for long time
* prevent the missing 'E' from being overwritten
Changes for 0.2.2:
* Solaris auto* support
* -z option to virtualy reset displayed counters
* fix padding problems which lead to speeds like 123.45KB/s/s/s/s
|
|
|
|
- IPv4 database updated (20030906)
- add support of LACNIC registry
- add output format "octal"
Print octal representation of a given IPv6 address:
(useful for djbdns/tinydns)
3ffe:ffff::1 ->
\77\376\377\377\0\0\0\0\0\0\0\0\0\0\0\1
--printfulluncompressed 3ffe:ffff::1 ->
\077\376\377\377\000\000\000\000\000\000\000\000\000\000\000\001
Available format options:
--printfulluncompressed: Print in full uncompressed format
- New program "ipv6logstats" for parsing web server logs to get some
IPv4/IPv6 distribution data and build time line charts. See examples for
more.
- add input types:
"ipv4hex" (hexadecimal IPv4 address)
"ipv4revhex" (reverse hexadecimal IPv4 address)
- add support of spaces in MAC/EUI-48 addresses
- General bugfixing
|
|
From reed@ in pkgsrc-changes.
|
|
version changes, without need for a PKGREVISION bump, though).
Take over maintainership, as agreed with dbj@.
|
|
|
|
Changes since 3.45:
===================
o Integrated an enormous number of version detection service
submissions. The database has almost doubled in size to 663
signatures representing the following 130 services:
3dm-http afp apcnisd arkstats bittorent chargen citrix-ica
cvspserver cvsup dantzretrospect daytime dict directconnect domain
echo eggdrop exec finger flexlm font-service ftp ftp-proxy gnats
gnutella-http hddtemp hp-gsg http http-proxy hylafax icecast ident
imap imaps imsp ipp irc ircbot irc-proxy issrealsecure jabber
kazaa-http kerberos-sec landesk-rc ldap linuxconf lmtp lotusnotes
lpd lucent-fwadm meetingmaker melange microsoft-ds microsoft-rdp
mldonkey msactivesync msdtc msrpc ms-sql-m mstask mud mysql
napster ncacn_http ncp netbios-ns netbios-ssn netrek netsaint
netstat netwareip networkaudio nntp nsclient nsunicast ntop-http
omniback oracle-mts oracle-tns pcanywheredata pksd pmud pop2 pop3
pop3s poppass postgresql powerchute printer qotd redcarpet
rendezvous rlogind rpc rsync rtsp sdmsvc sftp shell shivahose
sieve slimp3 smtp smux snpp sourceoffice spamd ssc-agent ssh ssl
svrloc symantec-av symantec-esm systat telnet time tinyfw upnp
uucp veritasnetbackup vnc vnc-http vtun webster whois wins
winshell wms X11 xfce zebra
o Added the ability to execute "helper functions" in version
templates, to help clean up/manipulate data captured from a server
response. The first defined function is P() which includes only
printable characters in a captured string. The main impetus for
this is to deal with unicode strings like
"W\0O\0R\0K\0G\0R\0O\0U\0P\0" that many MS protocols send. Nmap can
now decode that into "WORKGROUP".
o Added SUBST() helper function, which replaces strings in matched
appname/version/extrainfo strings with something else. For example,
VanDyke Vshell gives a banner that includes
"SSH-2\.0-VShell_2_2_0_528". A substring match is used to pick out
the string "2_2_0_528", and then SUBST(1,"_",".") is called on that
match to form the version number 2.2.0.528.
o If responses to a probe fail to match any of the registered match
strings for that probe, Nmap will now try against the registered "null
probe" match strings. This helps in the case that the NULL probe
initially times out (perhaps because of initial DNS lookup) but the
banner appears in later responses.
o Applied some portability fixes (particularly for OpenBSD) from Chad
Loder (cloder(a)loder.us), who is also now the OpenBSD Nmap port
maintainer.
o Applied some portability fixes from Marius Strobl
(marius(a)alchemy.franken.de).
o The tarball distribution of Nmap now strips the binary at install
time thanks to a patch from Marius Strobl
(marius(a)alchemy.franken.de).
o Fixed a problem related to building Nmap on systems that lack PCRE
libs (and thus have to use the ones included by Nmap). Thanks to Remi
Denis-Courmont (deniscr6(a)cti.ecp.fr) for the repot and patch.
o Alphebetized the service names in each Probe section in
nmap-service-probes (makes them easier to find and add to).
o Fixed the problem several people reported where Nmap would quit with
a "broken pipe" error during service scanning. Thanks to Jari Ruusu
(jari.ruusu(a)pp.inet.fi) for sending a patch. The actual error
message was "Unexpected error in NSE_TYPE_READ callback. Error
code: 32 (Broken pipe)"
o Fixed protocol scan (-sO), which I had broken when adding the new
output table format. It would complain "NmapOutputTable.cc:128:
failed assertion `row < numRows'". Thanks to Matt Burnett
(marukka(a)mac.com) for notifying me of the problem.
o Upgraded Libpcap to the latest tcpdump.org version (0.7.2) from
0.7.1
o Applied a patch from Peter Marschall (peter(a)adpm.de) which adds
version detection support to nmapfe.
o Fixed a problem with XML output being invalid when service detection
was done on SSL-tunneled ports. Thanks to the several people who
reported this - it means that folks are actually using the XML
output :).
o Fixed (I hope) some Solaris Sune ONE compiler compilation problems
reported (w/patches) by Mikael Mannstrom (candyman(a)penti.org)
o Fixed the --with-openssl configure option for people who have
OpenSSL installed in a path not automatically found by their
compilers. Thanks to Marius Strobl (marius(a)alchemy.franken.de) for
the patch.
o Made some portability changes for HP-UX and possibly other types of
machines, thanks to a patch from Petter Reinholdtsen (pere(a)hungry.com)
o Applied a patch from Matt Selsky (selsky@columbia.edu) which fixes
compilation on some Solaris boxes, and maybe others. The error said
"cannot compute sizeof (char)"
o Applied some patches from the NetBSD ports tree that Hubert Feyrer
(hubert.feyrer(a)informatik.fh-regensburg.de) sent me. The NetBSD
Nmap ports page is at http://www.NetBSD.org/packages/net/nmap/ .
o Applied some Makefile patches from the FreeBSD ports tree that I
found at http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/nmap/files/
|
|
site doesn't have the distfile anymore.
also add a CONFLICT on bind, as it includes bin/host also.
fixes PR pkg/20810 from Jeremy C. Reed.
|
|
patch from Jeremy C. Reed in PR pkg/20810.
|
|
|
|
fixes PR pkg/23078 from Jeremy C. Reed.
|
|
spurious output.
fixes PR pkg/22814 from Rob Quinn.
|
|
fixing remotely exploitable buffer overflow.
bump PKGREVISION.
addresses PR pkg/22687 from Wolfgang S. Rupprecht.
|
|
|
|
v1.17 Dec 12 2002
- fixed a stupid bug in TCP reassembly; having received a particular order
of TCP out of frame segments, libnids could lost track of the current
seq, and miss the following data stream
- DLT_FDDI
- benign typo in hash.c
- mentioned usefulness of two process buffering on a fast network
v1.17rc1 Aug 30 2002
- support for libnet-1.1 and --with-libnet=no
- added support for libpcap save files
- finally, DLT_LINUX_SLL is recognized
- removed a horrible assumption on sizeof(pointer); it could result in
segfault in scan.c
- --enable-shared
- __i386 -> __i386__ || __i386 :(
- support for 802.1Q VLAN
- support for wireless frames (DLT_IEEE802_11)
- got rid of (obsolete) pcap_open_live_new
- bail out if link type is unknown, instead of pretending it is ethernet
- $(MAKE) -> $(MAKE) $(AM_MAKEFLAGS)
- added a working link to Ptacek-Newsham paper
- %hi -> %hu :)
- align IP header if necessary (should not be)
- improved libraries detection
- mentioned usefulness od setsockopt(...SO_RCVBUF...) on a fast network
v1.16 Nov 3 2000
- nah, at least a release forced by a security bug. A typo in libnids.c
could cause libnids to segfault when source routed frame has been received.
v1.15 Oct 9 2000
- token ring support
- new configurable option (non-default): if a tcp callback hasn't processed
all available data, it is called immediately again
- fixed alignment in hash.c, which caused sigsegv on Sparc
- another _obviously_ redundant include file added to configure test progs
- html version of the API documentation
|
|
The main change since 1.1 is working support for the SpeedTouch 330 USB
ADSL modem. The earlier SpeedTouch USB modem has not been shipping for
over a year, and 1.1 either runs extremely slowly with a 330, or locks
the machine solid and panics when unplugged.
(speedtouch has been in beta for over a year now)
|
|
|
|
From Quentin Garnier <cube@cubidou.net> resolves pr pkg/23080
|
|
This makes this package compile on Solaris and Linux (plus - hey! - static
linking is really from the past millennium!)
Fixes PR 23032.
|
|
Original patch by Simas Mockevicius <symka@vejas.lt>
|
|
assumed incorrectly that if you are using Linux, that you want to
use the nmap-provided libpcap code; but the libpcap package works
fine. (Okay'd by salo.)
|
|
Min Sik Kim <minskim at bawi dot org>. Bump PKGREVISION to 1.
|
|
|
|
Various changes, including:
* forbid mget of filenames that aren't in or below the local cwd.
* improve auto-fetch transfers
* improve www/proxy authentication support
* improve http response header parsing
* change UCB-licensed code from 4-clause to 3-clause
|
|
Various changes, including:
* forbid mget of filenames that aren't in or below the local cwd.
* improve auto-fetch transfers
* improve www/proxy authentication support
* improve http response header parsing
* change UCB-licensed code from 4-clause to 3-clause
|
|
* bug fixes
* documentation updates
|
|
|
