| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
${PREFIX}/share/examples/smtpd, the spool setup moved into a newly added
rc script. This also handles missing configurations files better, since
the old post-install would fail e.g. if no local time was configured.
Bump revision.
|
|
the necessary headers.
XXX Ask upstream, why this isn't a #if / #elif list
Reported-by: walt <wa1ter AT myrealbox DOT com> on tech-pkg
|
|
* keychain 2.6.1 (10 Oct 2005)
10 Oct 2005; Aron Griffis <agriffis@gentoo.org>:
Change "unset evalopt" to "evalopt=false" and run through *all* the regression
tests instead of just the new ones. *sigh*
* keychain 2.6.0 (10 Oct 2005)
10 Oct 2005; Aron Griffis <agriffis@gentoo.org>:
Add the --eval option which makes keychain startup easier. See the man-page
for examples. Get rid of the release notes from README, so now this file is
where changes are tracked.
|
|
Changes since version 2.0.6:
Version 2.0.9 -- This is a bug fix release
What's new:
* support for Cisco FWSM.
* Print comments on objects.
* Add "commit" menu item.
* Spanish translation has been added.
Bugs fixed in the GUI:
* bug #1254775: "RCS checkin fails on Windows when data file is too
big".
* bug #1226069: "Segfault: Drag&Drop between two instances".
* bugs #1233165: "Illegal Logging-Limit string" and #1287755: "i18n is
breaking iptables script".
* bug #1240205: "Iilegal --log-level Information".
* bug #1277129: "script is truncated when installed by the GUI running
on Mac".
Bugs fixed in policy compiler for PF:
* bug #1276083: "Destination NAT rules". Old restriction on "rdr" rules.
Version 2.0.8 -- This is a bug fix release
What's new:
* Improvements in the GUI:
* Included updated German translation by Hans Peter Dittler.
* Print RCS Log".
* Code changes to make the code compile and work on Solaris.
* Improvements in policy compilers for pf, ipf, ipfw:
* implemented support for subnets for backup ssh access for
pf,ipf,ipfw.
* Improvements in compiler for ipfw:
* using rule sets to atomically swap old and new rules.
* added "established" rule on top of the regular backup ssh access rule.
Bugs fixed in the Standard Objects library:
* bug #210518: 'Incorrect ending day in the standard object "weekends"'.
Bugs fixed in scripts and tools:
* bug #1200902: "fwb_compile_all does not work in 2.0".
Bugs fixed in GUI:
* bug #1072842: "fwbuilder: Solaris and forkpty".
* bug #1201406: "shutdown messages should be suppressed".
* bug #1204067: "incorrect timezone handling in RCS".
* bug #1207983: "incorrect size of "I" and "L" buttons in the group view
dialog".
* bug #1212121: "sudo shutdown doesn't work".
* bug #1212123: "executing file below /tmp as root".
* bug #1212179: "tool tips for TCP services cuts off some services".
* bug #1213361: "PF on FreeBSD-5.4R".
Bugs fixed in policy compiler for iptables:
* bug #191423: "Weekend Time restriction not created correctly".
* bug #1205665: "Error with summer time when compiling script".
* bug #1215279: "rate limiting rule logs everything".
Bugs fixed in policy compiler for ipfw:
* bug #1155351: "Remote install of FW rulset fails due to race
condition".
Version 2.0.7 -- This is a bug fix release
What's new:
* Improvements in the GUI:
* "Close" button should change is caption/title to "Install".
* "Search for IP Addresses".
* Support for SNMP operations has been added in Windows packages of
Firewall Builder.
* Improvements in built-in installer:
User can specify additional command line parameters for ssh that
built-in installer runs to access firewall.
* Improvements in compiler for ipfilter fwb_ipf:
Added support for dynamic addresses in ipfilter.
* Improvements in compiler for iptables fwb_ipt:
Generated iptables script sets default policies to DROP in all ipv6
filter chains.
Bugs fixed in GUI:
* bug #1151052: "Not external interfaces marked as external".
* bug #1151212: "Collapsed sub-objects shouldn't be added if they are
hidden".
* bug #1151243: "Maintain format of description text".
* bug #1155163: "print does not print group contents".
* bug #1172620: "Add tcp service object for icslap".
* bug #1184791: "can not copy/paste multiple objects into a group".
Bugs fixed in API:
* bug #1158870: "mutexes are not properly created on FreeBSD".
* bug #1151219: "New Host creation window is not well dimensioned".
* bug #1157976: "patches to make fwbuilder compile under NetBSD 1.6".
* bug #1173801: '"&" character in prolog/epilog'.
Bugs fixed in policy compiler for iptables fwb_ipt:
* bug #1123748: "busybox grep -E".
* bug #1160186: 'IPTables Compiler - Multiport Issue'.
* bug #1176890: "block IPv6".
* bug #1176890: "block IPv6".
* bug #1179103: 'compiled rules can not be installed'.
* bug #1181359: "Missing traling space in "INVALID state" syslog message".
* bug #1195201: "getaddr function return error ip address".
Bugs fixed in policy compiler for pf fwb_ipf:
* bug #1173067: "support for port ranges in NAT rules (ipfilter)".
* bug #1173064: "support for dynamic interfaces in ipfilter".
Bugs fixed in policy compiler for pf fwb_pf:
* bug #1176051: "incorrect rule generated for TCP service ftp-data".
|
|
in a publicly-exported structure was renamed from "private" to
"opt_private". This allows <krb5.h> to be used by C++ compilers.
Bump the PKGREVISION to 1.
|
|
for the "db4" option and just rely on the appropriate BDB_* settings
via bdb.buildlink3.mk. Also, we tweak the builtin.mk file so use
krb5-config, if it's available, to check the version of the built-in
heimdal. Patches patch-ab, patch-ae and patch-af have been sent back
upstream and will be incorporated into future Heimdal releases.
Changes between version 0.6.5 and version 0.7.1 include:
* Support for KCM, a process based credential cache
* Support CCAPI credential cache
* SPNEGO support
* AES (and the gssapi conterpart, CFX) support
* Adding new and improve old documentation
* Bug fixes
|
|
the environment before letting the user execute bash scripts.
Bump PKGREVISION.
From Debian.
|
|
changes:
* Fixed crasher in seahorse-agent when used with GPG 1.4.2
* Now works with gedit 2.12 [Mike Gardiner]
* Many crasher and smaller fixes.
|
|
changes:
-added sha256 module
-Add PublicKey to Crypto.__all_
-bugfixes
|
|
header, which is expected by heimdal. Now the package builds on Solaris 9.
|
|
|
|
|
|
|
|
|
|
Don't run as root
Bump to nb3
|
|
|
|
|
|
Give the audit-pacakges a "-d" option to download the vulnerabilities file
with downloaad-vulnerability-list before scanning the installed packages.
Update the documentation accordingly.
Get rid of some inconsistent style problems in the audit-packages script.
|
|
* Version 1.2.8 (2005-10-07)
- Libgcrypt 1.2.2 is required to fix a bug for forking GnuTLS servers.
- Don't install the auxilliary libexamples library used by the
examples in doc/examples/ on "make install", report and tiny patch
from Thomas Klausner
- If you pass a X.509 CA or PGP trust database to the command line
tool, it will now abort the connection if the server certificate
validation fails. Use the parameter --insecure to continue even
after certificate validation failures. Inspired from discussion
with Alexander Kotelnikov
- The test for socklen_t has been moved to gnulib.
- Link failures for duplicate or missing "program_name" symbol has been fixed,
patch from Martin Lambers
- The command line tool and the examples no longer uses mmap or bzero,
to make them more portable, patch from Martin Lambers
- Made the PKCS #12 API handle null passwords. Based on patch by
Anton Altaparmakov
- The GTK-DOC manual should build with current released tools.
(But a copy of the output is included, so the tools are not required.)
- API and ABI modifications:
No changes since last version.
|
|
This is a maintenance release - all updates to 2.4 have been rolled into
2.5, along with some new exploits and minor features.
|
|
Solaris.
|
|
|
|
No pkgsrc changes.
Changes since version 0.96:
===========================
v0.97
- Writes now correctly return errors. (Problem noted by
Dominique Quatravaux <dom at idealx.com>).
- CA paths now work without passing an empty SSL_ca_file
argument. (Problem found by Phil Pennock, <phil.pennock
at globnix.org>).
- IO::Socket::SSL now automatically passes Proto => tcp (if
not already specified) to IO::Socket::INET to work around
/etc/services files with udp entries listed first. (Fix
suggested by Phil Pennock).
- $socket->accept() now returns the peer address in array
context for better conformance with IO::Socket::INET.
However, if you were doing "map { $_->accept } (@sockets)",
or similar tricks, you will need to use "scalar" to get the
old behavior back. (Problem noted by Nils Sowen, <n.sowen
at kon.de>).
- IO::Socket::SSL should now properly block on reads larger
than the buffer size of Net::SSLeay. (Problem found by Eric
Jergensen, <eric at dvns.com>).
- IO::Socket::SSL should now send CA Certs (if necessary)
along with certificates. (Problem found by <roy at
momentous.ca>).
- Timeouts should now work, but be aware that if multiple
reads/writes are necessary to complete a connection, then
each one may have a separate timeout. (Request from
Dominique Quatravaux <dom at idealx.com>).
- In certain cases, start_SSL() would misplace a socket's
fileno, causing problems with starting SSL. This should now
be fixed. (Problem found by <russ at zerotech.net>).
- IO::Socket::SSL now requires a minimum of Net::SSLeay 1.21.
|
|
intended. This automatically leads to a PKGREVISION bump.
|
|
0.9.7h include fixing a shared library upgrade problem where openssl-0.9.7h
had a different ABI than previous 0.9.7 sub-revisions due to a changed
constant.
|
|
|
|
web applications (or a web application firewall). Operating as an Apache Web
server module or standalone, the purpose of ModSecurity is to increase web
application security, protecting web applications from known and unknown
attacks.
This package is for both Apache 1.x and Apache 2.x
|
|
|
|
SecPanel serves as a graphical user interface for managing and running
SSH (Secure Shell) and SCP (Secure Copy) connections. SecPanel is
written entirely in pure Tcl/Tk and does not need any extensions but
it requires version 8.x of Tcl and Tk.
|
|
|
|
DIRB is a Web Content Scanner. It looks for existing (and/or hidden)
Web Objects. It basically works by launching a dictionary based
attack against a web server and analizing the response.
DIRB comes with a set of preconfigured attack wordlists for easy usage
but you can use your custom wordlists. Also DIRB sometimes can be
used as a classic CGI scanner, but remember is a content scanner not a
vulnerability scanner.
DIRB main purpose is to help in professional web application auditing.
Specially in security related testing. It covers some holes not
covered by classic web vulnerability scanners. DIRB looks for
specific web objects that other generic CGI scanners can't look for.
It doesn't search vulnerabilities nor does it look for web contents
that can be vulnerables.
|
|
|
|
Collection.
The Net::SSH::Perl Perl5 module contains implementations of both the
SSH1 and SSH2 protocols.
|
|
|
|
|
|
Changes in version 0.4.5 are:
* Fix a crash in some sync functions.
|
|
Collection.
The Perl 5 module Crypt::DH implements the Diffie-Hellman key
exchange system.
|
|
the netbsd-2-0, netbsd-2, and netbsd-3-0 branches on 2005-10-11, then
for the purposes of satisfying dependencies, pretend it's openssl-0.9.7h.
|
|
from the netbsd-1-6 branch with the 20040401 fix.
|
|
vulnerability triggered update due to CAN-2005-2969. Changes from
version 0.9.7f include:
o Fix SSL 2.0 Rollback, CAN-2005-2969
o Allow use of fixed-length exponent on DSA signing
o Default fixed-window RSA, DSA, DH private-key operations
o More compilation issues fixed.
o Adaptation to more modern Kerberos API.
o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
o Enhanced x86_64 assembler BIGNUM module.
o More constification.
o Added processing of proxy certificates (RFC 3820).
|
|
Hi joerg! 8-)
|
|
does mkdir or mkinstalldirs for these needed directories.
|
|
shared linking the noexec wrapper is not build.
|
|
|
|
Changes in version 0.4.4 are:
* Translation updates
* warning fixes
* require gtk 2.6
|
|
BINGRP to the MAKE_ENV to make unpriviledged builds work.
|
