Age | Commit message (Collapse) | Author | Files | Lines |
|
end up with multiple version dependencies.
|
|
Changes (from 0.49) :
- fixed build problem for OpenSSL 0.9.6 and some builds
of perl 5.8.x which resulted in make error:
/usr/include/openssl/des.h:193: parse error before '&' token"
Thanks to Rob Brown for submitting a similar patch to cover
this problem
- bug fix from Dongqiang Bai when server using proxy cannot
resolve host name being connected to
- Added c:/openssl in default search path on win32 machines
which is the recommended installation area in the openssl dist
- Added patch from Pavel Hlavnicka for freeing memory leaks
from SSL_CTX_use_pkcs12_file() whose functionality is triggered
by the $ENV{HTTPS_PKCS12_*} settings
- Added alarm() during Net::SSL->read() to honor socket timeout
setting for more robust applications. read()
will die_with_error() which in consistent with previous
semantics used during SSL read() failure
Thanks to Pavel Hlavnicka for prompting this change.
- Removed code that supported versions of SSLeay before version 0.8
I believe SSLeay v.8 was released back in 1998
- Added patch from Devin Heitmueller so that initial random seed
would be taken from /dev/urandom if available via RAND_load_file
API
|
|
Changes :
1.22
- proxy auth fix from Bill.Muller@@ubsw_..com
- RAND patch from Toni Andjelkovic <toni@soth._at>
1.23
- some minor tweaks by many, mainly for RH build
- memory leak and cleanup patches from
Marian Jancar <mjancar@suse._cz>
|
|
|
|
Bump to 1.16.
|
|
now and not NetBSD-*-arm32. Changes include one or more of:
- Change MACHINE_ARCH == arm32 to also match arm
- Where ONLY_FOR_PLATFORM includes NetBSD-*-arm32, add NetBSD-*-arm
- Where BROKEN or worked around for arm gcc bugs, set USE_GCC3
The last may shake out a few more broken packages the next bulk build.
|
|
- (djm) Add back radix.o (used by AFS support), after it went missing from
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
(This last fix makes this compile on IRIX again.)
|
|
PLIST_SRC accordingly after we recently set LOWER_OPSYS on IRIX to what
most applications seem to expect (ie irix6.5 rather than irix6).
|
|
for the time being.
|
|
Also, add dependency on Perl instead of noting it in message, and use
REPLACE_PERL.
PHP frontend not included in this package.
Changes:
apg-2.1.0
Some code cleanup.
apg-2.1.0b1
Option [-E char_string] now works for pronounceable
password generation too (see apg(1), apgd(8)).
apg-2.1.0b0
Added new option [-e char_string] that allow to exclude some
characters from password generation process.
(works only for random password generation yet)
apg-2.1.0a0
Added support for /dev/arandom for OpenBSD
apg-2.1.0a0
Fixed some typing errors in the man pages
System getopt() replaced with own apg_getopt().
All calls of bcopy() and bzero() replaced with memcpy() and memset().
Changed documentation.
PRNG algorithm changed to use PID as an element of initial seed.
Redesigned PHP frontend. Added support for German language.
Implemented password quality ckeck based on filter. Now you can enforce
APG to generate passwords that must contain numbers, special characters etc.
Removed support for old style password generation mode definition.
apg-2.0.0final
Changed PHP frontend to work with PHP safe-mode.
Version numbers of apg, apgd, apgbfm, apgonline changed to 2.0.0final.
apg-2.0.0b1
Fixed error that has forced user to set world-write privileges on
Bloom-filter file. (Thanks to Mike Robbins)
Fixed PHP frontend to clean-up generated HTML code.
(Thanks to Mike Robbins)
apg-2.0.0b0
Some code style fixes.
Support for "special" symbol-set usage for password generation
in pronounceable mode (S mode).
Support for "resticted special" symbol-set usage for password generation
in pronounceable mode (R mode).
New style of hyphenated password output for pronounceable
password generation mode.
apg-2.0.0a3
Better error handling in apgbfm.
Added -q option for apgbfm and apg (quiet mode).
Added PHP frontend for APG.
apg-2.0.0a2
Added support for SHA1 algorithm used for random numbers and hash
generation.
Hash function used in apgbfm changed to SHA1.
Added info to APG_TIPS file.
apg-2.0.0a1 (not published)
Finaly fixed some warnings during compilation process.
Added support for OpenBSD.
Added info to APG_TIPS file.
apg-2.0.0a0
Added new algorithm (-b option) to check generated passwords
quality (Bloom filter).
Added utility apgbfm to manage Bloom filter.
Some code style fixes.
Added APG_TIPS file in documentation.
|
|
- Cleared up some ambiguous syntax (grid -column instead of -col)
- Added a workaround for a bug in Tcl/Tk 8.4.0, which crashes on selection
requests when a handler is registered without a type. Thanks to Roberto
Ugoccioni for both of these patches!
|
|
suggested by Jeremy C. Reed.
|
|
|
|
This also includes changes offered in pr pkg/18734 and pr pkg/20796
submitted by Adrian Portelli. Thanks & Sorry that it took that long to
pick them up.
2.0.6 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Support for the keyword 'default' as a port range in nmap_wrapper.nes
- Fixed a zombie issue in nmap_wrapper.nes
- Fixed various issues which could allow a NASL script to crash the
NASL interpretor
- Improved the process management in find_services.nes
2.0.5 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a rare race condition which may make the scan hang
- Fixed SMB related issues
- Entering "default" as the port range will make nessusd scan the ports
listed in the Nessus services file.
- Even more sigs in find_services.nes
. changes by Julien Bordet (zejames@greyhats.org)
- Added over 3,000 signatures to smtpscan.nasl (thanks to the data
provided by the Nessus team)
2.0.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- fixed the SIGCHLD handler which would not work properly and leave zombies
on the system
- fixed a race condition when testing a great number of hosts which would
cause a testing process to slow down a whole audit or even hang it
totally
- When a great number of host names is passed to nessusd as a target, they
are resolved by chunks of 64 instead of trying to resolve everything then
starting the test
- RedHat 9 support (in spite of their attempt to make their distro incompatible
with everyone else)
. changes by Gabriel L. Somlo <somlo@acns.colostate.edu>
- The nessus can save the reports to stdout and read them from stdin
2.0.3 :
- fixed a compilation error which would prevent find_services from working
properly
2.0.2 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL port of smtpscan (original Perl program by Julien Bordet)
- Nasty bug made loop stop prematurely on rare cases
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-wrote webmirror.nasl from scratch. The new version has a real parser
built-in and is much faster
- Added checks for older Microsoft Advisories
- SMB plugins now use NTMLv1 authentication, ie: they don't send passwords
in clear text over the network any more
- Added new crypto functions, taken from samba, in libnasl/
- Repaired detached scans
- Fixed IP ranges notation (10.1.1-9.1-254 did not work any more)
- Minor bug fixes and enhancements : #234, #233, #230, #229, #228, #225, #222,
#220, #218, #217, #216, #215, #213, #212, #211, #207, #206, #205
- nessus-update-plugins properly calls chown under FreeBSD, no matter how
many plugins there are
- find_services.nes recognizes even more protocols
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added NTLMv2 authentication
. changes by Frank Migge (frank.migge@oracle.com)
- nessus-mkcert-client creates the auth/rules file properly
2.0.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Minor bugfixes (bugs #180, #183, #185, #188, #189, #195, #197, #202, #203, #204)
- Fixed the "pink" graphical report issue
- Added http keep-alive support in the CGI related plugins
- Fixed a bug in the function get_kb_list() which would not always work
properly
- Fixed an issue where in some situations, some HTTP services would not
be tested for flaws if they have not been port-scanned first
- Added new signatures in find_services.nes
. changes by Stephen Friedl (steve@unixwiz.net)
- Fixed bugs and warnings in nessus-libraries
2.0.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL2 : Implement >!< "strings don't match" operator
- NASL2 : fixed a vicious case of freed memory copy.
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a small bug in the plugin scheduler
- Ported to IRIX
- Several small bugfixes
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added nmap_osfingerprint
1.3.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-written the process manager for the hosts
- Lots of bugfixes in the plugins text store manager
- New port scanner "synscan" which uses the RTT of the packets to do
its job.
- Fixed several small issues in nasl and nessusd (bug fixes, code cleanup)
- Added cryptographic hashing functions in NASL
- Added the function get_kb_list() which returns the content of a KB
without forking the plugin
- Updated the manpages of nessusd and nasl
. changes by Michel Arboi (arboi@alussinan.org)
- Fixed scanner_get_port() when running in standalone mode
- Fixed possible uninitiliazed memory issues in libnasl
- Started to write the NASL2 reference guide (to be found in libnasl/doc/)
1.3.3 :
. changes by Michel Arboi (arboi@alussinan.org)
- Implement bit xor, logical & aithmetic right shift, power
- Fix operator precedence
- Added new NASL functions
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The plugin texts are not loaded in memory any more, thus reducing
the consumption of the nessus daemon of two megs. This also speeds up
the loading of nessusd.
- Fixed a bug in the plugins scheduler (if optimizations were enabled,
the scan would sometime hang)
- Added a new NASL function (int())
- Fixed strings substraction to handle null values properly
- find_services.nes runs in parallel mode, for improved speed
- new plugin (synscan) which should perform well against firewalled
hosts (computes the RTT before the scan)
1.3.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Added fixes so that nessus-core/nessusd/pluginscheduler.c compiles with
the latest version of GCC
- Fixed a bug in nessus-libraries/libnessus/bpf_share.c : a timer would not
be reset, causing plugins which call bpf_next() to sometimes crash
- Set the timer of bpf_share.c to a much lower value, thus making it work
much better
- Improved tcp_ping()
- Fixed two bugs in the plugins scheduler :
- If the option "enable dependencies at runtime" is set,
it would enable ALL the plugins which are depended on, instead
of only those we use ;
- In some cases, it may terminate too early, thus preventing a scan
from being complete
- DESTDIR support
1.3.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Rewrote the plugins scheduler (which determines the order in which
the plugins are to be launched). The new one is much more efficient
but as a result, it is not possible to accurately determine the
order in which the plugins will be ran, so the 'plugin name' in
the client is now totally bogus
- Fixed various issues with NASL scripts so that they work better
with NASL2
- Fixed bugs relative to the creation of icmp and udp packets in nasl
- Fixed some fatal bugs in the bpf sharer
- NASL scripts do not read /dev/urandom any more, and use time() as a
random seed instead. As a result, the loading and execution of nasl
scripts if faster on systems where /dev/urandom can be blocking
- Fixed the tcp NIDS evasion techniques on BSD systems
- Full support for Bugtraq IDs
- The HTML reports add links for URLs, and show the ID number of
the plugin that issues the report.
- Speed up the calls to arg_get_value() by using a hash of the name
being searched for.
- Changed the licence of NASL2 to the GPLv2 (with the consent of Michel Arboi)
. changes by Michel Arboi (arboi@alussinan.org)
- Better handling of the arrays in NASL2
. changes by Erik Anderson (eanders@carmichaelsecurity.com)
- CVE and bugtraq cross references
. changes by Jay (jay@kinetic.org)
- Fixed multiple typos in the plugins
. changes by Javier Fernandez-Sanguino (jfernandez@germinus.com)
- Nessus now ships Hydra 2.2
- Fixed various compilation scritps (see bug#63)
1.3.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- Use our own nessus-services file (re-generated at first start to include
/etc/services and nmap-services)
- Added new families of plugins (ACT_KILL_HOST and ACT_END)
- Rewrote libnasl
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
- Helped Michel Arboi to give the last touches to the new libnasl
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
|
|
|
|
net/mrstat: 1.19
security/msu: 1.06
security/msudir: 0.13
Do not unconditionally set CFLAGS'.
|
|
|
|
|
|
|
|
|
|
is accepted. Suggested by Grant.
|
|
Should anybody feel like they could be the maintainer for any of thewe packages,
please adjust.
|
|
the shared share/mime-info directory. Bump PKGREVISION.
|
|
Changes in 0.7.3:
* More key loading optimizations
* Import and Export dialogs now use the clipboard instead of a text view
* Nautilus component that provides a context menu for crypto operations
* Removed Tools menu in favor of nautilus component
* PGP gconf schemas in /desktop/pgp
* Depends on gnome-mime-data for mime types
* Widgets no longer insensitive during progress operations
* Key edit dialogs are key modal so operations do not conflict
* Can do concurrent operations, except for editing the same key
* Can sign, export, and delete multiple keys
* Export dialog has a default filename
* Control center capplet for configuring pgp
* Can select keys & do operations while keys are loading
Changes in 0.7.2:
* GConf notification for preferences and ui settings
* More gnome preferences
* More listing improvements and optimizations for large key rings
* Key properties now a property window
* Owner trust values are restricted based on key type
* Key manager toolbar preferences
* General interface updates
* Nicer passphrase entry dialog
* Nicer change passphrase dialog
* More columns available in key-manager, can customize which ones are shown,
and each column is sortable
* Main window not completely insensitive during progress and startup
* Key Properties shows a formatted fingerprint, tabs are scrollable
* Recipients allows multiple selection, has statusbars to show number selected
* Can expand and collapse all rows in key-manager
|
|
* Changed File menu to Key menu
* Added context menu for keys
* Added buttons/menu items for possible, but not-yet-implemented features
* Sign an entire key
* Add a revoker to a key
* Bug fix when setting Ascii Armor Preferences
* Removed File Manager, replaced with file operations in Tools
* Key pairs initially listed first
* Performance improvements with large key rings, especially in loading
preferences
* Progress display at startup for listing of keys
* Can delete subkeys of non key-pairs
* General interface cleanups
|
|
|
|
* several bug fixes
Approved by chris.
|
|
* several bug fixes
Approved by chris.
|
|
From the change log:
- Changed the fileno() function to support returning the fileno
of server sockets. (Problem found by Roland Giersig
<RGiersig at cpan org>).
- Fixed SSL_version incorrectly defaulting to SSLv2 (patch from
Roland Alder <roland.alder at celeris ch>).
|
|
- improved DESCRiption (and spelling fixed)
- more MASTER_SITES
- improved COMMENT
- variable for enabling --with-libcrack
- install limits.conf if under Linux
- make sure it doesn't have an interactive configuration
|
|
Don't assume that $0 is this script.
Remove a directory check since we check for a file in the directory anyway.
Closes PR 21353 by Jeremy C. Reed.
|
|
From Jeremy C. Reed in PR 20843.
|
|
The directory ${PKGVULNDIR)} holding the 'vulnerabilities' file
which default value is determined at configure time can now be
overridden at runtime from the environment.
As a side effect the strings substituted at configure time in
files/{audit-packages,download-vulnerability-list} are now of the
form '@VAR@' and not '${VAR}'.
|
|
* Supporting MacOS X.
* Catching up to 2440bis-07.
* A bug fix of old_Public_Key_Packet.
|
|
and uses the correct HAVE_GETSPNAM.
From Jeremy C. Reed in PR 21413.
|
|
|
|
|
|
GnuTLS is a portable ANSI C based library which implements the TLS 1.0 and SSL
3.0 protocols. The library does not include any patented algorithms and is
available under the GNU Lesser GPL license.
Important features of the GnuTLS library include:
- Thread safety
- Support for both TLS 1.0 and SSL 3.0 protocols
- Support for both X.509 and OpenPGP certificates
- Support for basic parsing and verification of certificates
- Support for SRP for TLS authentication
- Support for TLS Extension mechanism
- Support for TLS Compression Methods
Additionaly GnuTLS provides an emulation API for the widely used OpenSSL
library, to ease integration with existing applications.
Package provided by Juan RP via pkgsrc-wip with modifications by me.
|
|
libtasn1 library was developed for ASN1 (Abstract Syntax Notation One)
structures management.
The main features of this library are:
- on-line ASN1 structure management that does
not require any C code file generation;
- off-line ASN1 structure management with C code
file generation containing an array;
- DER (Distinguish Encoding Rules) encoding;
- no limits for INTEGER and ENUMERATED values
Package provided bu Juan RP via pkgsrc-wip with some modifications by me.
|
|
|
|
OpenCDK (Open Crypto Development Kit) provides basic parts of the OpenPGP
message format. The aim of the library is *not* to replace any available
OpenPGP version. There will be no real support for key management (sign,
revoke, alter preferences, ...) and some other parts are only rudimentary
available. The main purpose is to handle and understand OpenPGP packets and
to use basic operations. For example to encrypt/decrypt or to sign/verify
and packet routines.
Provided by Juan RP via pkgsrc-wip with some modifications by me.
|
|
Based on a patch sent by Juan RP via PR pkg/21559.
Changes:
- DESCR has 80 columns
- style nits
1.1.12:
=======
- gcry_pk_sign, gcry_pk_verify and gcry_pk_encrypt can now handle an optional
pkcs1 flags parameter in the S-expression. A similar flag may be passed to
gcry_pk_decrypt but it is only syntactically implemented.
- New convenience macro gcry_md_get_asnoid.
- There is now some real stuff in the manual.
|
|
Based on a patch sent by Hiramatsu Yoshifumi via PR pkg/21540.
Changes:
- fix all installed scripts
- simplify installation
- DESCR has 80 columns
- style nits
20021111.1:
===========
- alerts with original packet included now have both sets of ports and first
set of IPs as links
- added -obfuscateip option to change the IP addresses in alerts to randomly
(but consistently) chosen alternates (not presently available for database
input)
- Updated parsing for Snort 1.9.0 full alert files
- new-style Spade reports now processed (Spade version 021008.1 and on)
- spp_portscan2 log files now processed (these entries are displayed somewhat
prettified)
- updated linking to ICMP log files; this involved updates for new ICMP header
format in Snort 1.9.0
- more robust recognition of non-packet alerts in different formats(these get
ignored)
- clarified warning about unknown ICMP type text and added repeat warning
suppression (you'll now only get a warning about a particular string twice)
- SnortSnarf will now ignore lines beginning with '#' between alerts, so you
can use that to begin a comment
|
|
|
|
This package provides the same secure shell software as the ssh2 package but
without X Windows support.
|
|
|
|
509) Fixed a typo that caused a compilation error on Heimdal.
510) Darwin (MacOS X) doesn't have a real setreuid() system call.
511) Fixed a problem with large numbers of environment variables.
|
|
|
|
|
|
|