| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
file integrity, into the NetBSD packages collection.
It creates a database from the regular expression rules that it finds
from the config file. Once this database is initialized it can be
used to verify the integrity of the files. It has several message
digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to
check the integrity of the file. More algorithms can be added with
relative ease. All of the usual file attributes can also be checked
for inconsistencies. It can read databases from older or newer
versions. See the manual pages within the distribution for further
info. There is also a beginning of a manual at
http://www.cs.tut.fi/~rammer/aide/manual.html
This package is very similar to tripwire, but without its licen[cs]e
constraints.
|
|
|
|
|
|
|
|
|
|
|
|
<sab@zeekuschrist.com> in
Pine.NEB.4.21.0003021549090.8049-100000@blip.fish.poo on tech-pkg,
to prevent segfault
|
|
<kurek@uni-duisburg.de> in pkg/9519. Also defuzz patches.
|
|
features present in Heimdal but NOT present in MIT Kerberos (one more
reason to ditch MIT, I guess).
|
|
installation.
Still doesn't work; MIT Kerberos 5 is missing some calls that
sudo wants (tho Heimdal has them).
|
|
Takahiro Kambe <taca@sky.yamashina.kyoto.jp> in pkg/9477.
Changes since 1.0.0:
* New command --verify-files. New option --fast-list-mode.
* $http_proxy is now used when --honor-http-proxy is set.
* Fixed some minor bugs and the problem with conventional encrypted
packets which did use the gpg v3 partial length headers.
* Add Indonesian and Portugese translations.
* Fixed a bug with symmetric-only encryption using the non-default 3DES.
The option --emulate-3des-s2k-bug may be used to decrypt documents
which have been encrypted this way; this should be done immediately
as this workaround will be remove in 1.1
* Can now handle (but not display) PGP's photo IDs. I don't know the
format of that packet but after stripping a few bytes from the start
it looks like a JPEG (at least my test data). Handling of this
package is required because otherwise it would mix up the
self signatures and you can't import those keys.
* Passing non-ascii user IDs on the commandline should now work in all
cases.
* New keys are now generated with an additional preference to Blowfish.
* Removed the GNU Privacy Handbook from the distribution as it will go
into a separate one.
|
|
converted from FreeBSD, or have been disabled since. Sorted lines
alphabetically, added some missing directories.
|
|
|
|
if it exists. Minor fix-up to PLIST. Closes PR pkg/8897.
|
|
|
|
"dds" is a program to scan for a limited set of distributed denial of
service (ddos) agents.
At present, it scans for active instances of "trinoo", "Tribe Flood
Network" ("TFN") and "stacheldraht" agents, which were compiled
using the default values in known source distributions, such as those
found at:
http://packetstorm.securify.com/distributed/
It will *not* detect TFN2K agents.
For analyses of the three distributed denial of service attack
tools it scans for, and the methods being used by dds to identify
them, see:
http://staff.washington.edu/dittrich/misc/trinoo.analysis
http://staff.washington.edu/dittrich/misc/tfn.analysis
http://staff.washington.edu/dittrich/misc/stacheldraht.analysis
|
|
|
|
|
|
PortSentry is a utility which detects and respond to port scans
against a target host in real-time.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
393) Users in the 'exempt' group shouldn't get their $PATH overridden
by 'secure-path'. Patch from jmknoble@pobox.com.
394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson.
|
|
Changes from Sudo 1.6.1:
383) Better behavior for -l and -v flags in conjunction with NOPASSWD and
added "verifypw" and "listpw" options.
384) For HP-UX with cc, add the -Aa flag along with -D_HPUX_SOURCE.
385) Fix compilation with K&R compilers.
386) For netgroup host matching, match against the short version of the
hostname as well as the long one if they are different.
387) Terminate passwd reading on '\r' in addition to '\n'
388) Visudo used to loop endlessly if a user entered ^D at the whatnow
prompt. EOF is now treaded as 'x' (exit w/o saving changes).
389) The 'shell_noargs' runtime option is back based on a patch from
bguillory@email.com.
390) Systems that return RLIM_INFINITY for RLIMIT_NOFILE (like AIX)
would loop for a very loing time during sudo startup. A value of
RLIM_INFINITY is now ignored (getdtablesize/sysconf is used instead).
391) Locking in visudo was broken. We now lock the sudoers file, not the
sudoers temp file, which should be safe.
392) PAM fixups: custom prompts now work correctly and errors are
dealt with more sanely. Patches from Cloyce D. Spradling.
|
|
the reason of failure: openssh configure.in tries to include specwise
incorrect header (netinet/in6.h), and checks for function availablility
with too high warning level.
|
|
1.2.2 (fixing PR 9304 by David Rankin <drankin@bohemians.lexington.ky.us>.
Changes:
20000125
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
- Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
- New URL for x11-ssh-askpass.
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
<jmknoble@pobox.com>
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
20000124
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
increment)
20000123
- OpenBSD CVS:
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
20000122
- Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
<bent@clark.net>
- Merge preformatted manpage patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Make IPv4 use the default in RPM packages
- Irix uses preformatted manpages
- Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
- OpenBSD CVS updates:
- [packet.c]
use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
instead of blocking SIGINT, catch it ourselves, so that we can clean
the tty modes up and kill ourselves -- instead of our process group
leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
20000120
- Don't use getaddrinfo on AIX
- Update to latest OpenBSD CVS:
- [auth-rsa.c]
- fix user/1056, sshd keeps restrictions; dbt@meat.net
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- Big manpage and config file cleanup from Andre Lucas
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
- Doc updates
- NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
Christos Zoulas <christos@netbsd.org>
20000119
- SCO compile fixes from Gary E. Miller <gem@rellim.com>
- Compile fix from Darren_Hall@progressive.com
- Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
addresses using getaddrinfo(). Added a configure switch to make the
default lookup mode AF_INET
20000118
- Fixed --with-pid-dir option
- Makefile fix from Gary E. Miller <gem@rellim.com>
- Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
|
|
1.2.2 (fixing PR 9304 by David Rankin <drankin@bohemians.lexington.ky.us>.
Changes:
20000125
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
- Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
- New URL for x11-ssh-askpass.
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
<jmknoble@pobox.com>
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
20000124
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
increment)
20000123
- OpenBSD CVS:
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
20000122
- Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
<bent@clark.net>
- Merge preformatted manpage patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Make IPv4 use the default in RPM packages
- Irix uses preformatted manpages
- Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
- OpenBSD CVS updates:
- [packet.c]
use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
instead of blocking SIGINT, catch it ourselves, so that we can clean
the tty modes up and kill ourselves -- instead of our process group
leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
20000120
- Don't use getaddrinfo on AIX
- Update to latest OpenBSD CVS:
- [auth-rsa.c]
- fix user/1056, sshd keeps restrictions; dbt@meat.net
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- Big manpage and config file cleanup from Andre Lucas
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
- Doc updates
- NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
Christos Zoulas <christos@netbsd.org>
20000119
- SCO compile fixes from Gary E. Miller <gem@rellim.com>
- Compile fix from Darren_Hall@progressive.com
- Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
addresses using getaddrinfo(). Added a configure switch to make the
default lookup mode AF_INET
20000118
- Fixed --with-pid-dir option
- Makefile fix from Gary E. Miller <gem@rellim.com>
- Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
|
|
|
|
|
|
this work on all (our at least more) platforms.
|
|
PR pkg/9242 by Christian E. Hopps.
|
|
is deprecated. Defaults to USE_IDEA=YES to match current default build.
|
|
|
|
|
|
- it is not enabled by default (need to think what to do with the ssh conflict)
- only tested under 1.4.1 so far
|
|
|
|
states that the motivation for this program was to speed up cvs work,
but it works just as well with "rsync" and other programs that use ssh
for the transport. This is a set of python scripts: "fsh" uses ssh,
(or optionally rsh or lsh) to start and set up a connection to "fshd"
on the remote host, also includes "fcp", and docs in "info" format.
|
