Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Approved by agc.
|
|
|
|
|
|
|
|
Get MD5 sums for files of a given path or content of a given url.
|
|
|
|
Bump PKGREVISION.
|
|
with the number of colons between the fields.
|
|
|
|
|
|
|
|
Applied Hasso Tepper recommended fix. Thank you.
|
|
MITKRB5-SA-2008-002. Bump PKGREVISION now finally.
|
|
will be bumped again once some other patches are in.
|
|
supported yet. Don't bump revision as the package didn't build before.
|
|
- telnetd username and environment sanitizing vulnerabilities ("-f root")
as described in MIT Kerberos advisory 2007-001.
- krb5_klog_syslog() problems with overly long log strings as described
in MIT Kerberos advisory 2007-002.
- GSS API kg_unseal_v1() double free vulnerability as described in the
MIT Kerberos advisory 2007-003.
|
|
- Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake
which could lead to a silent crash.
- Fix double free in TLS server name extensions which could lead to a remote
crash.
Patches from upstream.
|
|
Noticed by Hasso Tepper in PR 38822.
Bump PKGREVISION.
|
|
|
|
last commit.
|
|
getpeereid() .
|
|
changes:
-Fix importing keys from hkp keyservers
-build fixes
|
|
changes:
-minor UI improvements
-bugfixes
-portability improvements, in particular for credential passing on
local sockets -- unfortunately a bit of the patch I submitted upstream
got lost
|
|
|
|
|
|
4.24: fix security problem (properly reject revoked certs)
4.23: WinNT bugfix
4.22:
- A new global option to control logging to syslog.
Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size.
- Restored chroot() to be executed after decoding numerical
userid and groupid values in drop_privileges().
- A few bugs fixed the in the new libwrap support code.
- TLSv1 method used by default in FIPS mode instead of
SSLv3 client and SSLv23 server methods.
4.21:
- Initial FIPS 140-2 support (see INSTALL.FIPS for details).
- Experimental fast support for non-MT-safe libwrap is provided
with pre-spawned processes.
- Stunnel binary moved from /usr/local/sbin to /usr/local/bin
in order to meet FHS and LSB requirements.
- Added code to disallow compiling stunnel with pthreads when
OpenSSL is compiled without threads support.
- Minor manual update.
- TODO file updated.
- Dynamic locking callbacks added (needed by some engines to work).
- AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
- On some systems libwrap requires yp_get_default_domain from libnsl,
additional checking for libnsl was added to the ./configure script.
- Sending a list of trusted CAs for the client to choose the right
certificate restored.
- Some compatibility issues with NTLM authentication fixed.
|
|
|
|
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.
|
|
Addresses PR 38744.
|
|
patches to add it). Drop pax from the default USE_TOOLS list.
Make bsdtar the default for those places that wanted gtar to extract
long links etc, as bsdtar can be built of the tree.
|
|
And also require opencdk>=0.6.5.
|
|
security/p5-String-Random. Merge changes from the textproc one into
the security one.
|
|
* Version 2.2.5 (released 2008-05-19)
Fix flaw in fix for GNUTLS-SA-2008-1-3.
* Version 2.2.4 (released 2008-05-19)
Fix three security vulnerabilities. [GNUTLS-SA-2008-1]
[GNUTLS-SA-2008-1-1]
libgnutls: Fix crash when sending invalid server name.
[GNUTLS-SA-2008-1-2]
libgnutls: Fix crash when sending repeated client hellos.
[GNUTLS-SA-2008-1-3]
libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
* Version 2.2.3 (released 2008-05-06)
Increase default handshake packet size limit to 48kb.
Fix compilation error related to __FUNCTION__ on some systems.
Documented the --priority option to gnutls-cli and gnutls-serv.
Fix fopen file descriptor leak in PSK server code.
Build Guile code with -fgnu89-inline only when supported.
Make Camellia encryption work.
|
|
Based on patch provided by Eric Schnoebelen in PR 38692.
While here, marked as DESTDIR support.
Also fix CONFIGURE option for GSSAPI implement (I don't know from when).
* Version 0.2.26 (released 2008-05-05)
** Translations files not stored directly in git to avoid merge conflicts.
This allows us to avoid use of --no-location which makes the
translation teams happier.
** Build fixes for the documentation.
** Update gnulib files.
* Version 0.2.25 (released 2008-03-10)
** gsasl: Fix buffering issue to avoid mixing stdout/stderr outputs.
This would manifest itself when redirecting output to a pipe, such as
when used with Gnus. Reported by Enrico Scholz
<enrico.scholz@informatik.tu-chemnitz.de>, see
<http://thread.gmane.org/gmane.comp.gnu.gsasl.general/123>.
** Fix non-portable use of brace expansion in makefiles.
* Version 0.2.24 (released 2008-01-15)
** Link self-tests with gnulib, to fix link failures under MinGW.
* Version 0.2.23 (released 2008-01-15)
** Improve CRAM-MD5 self-test to detect if challenges are the same.
** Improve gsasl --help and --version to conform with GNU standards.
** Use gettext 0.17.
** Update gnulib files.
* Version 0.2.22 (released 2007-10-08)
** Development git tree moved to savannah.
See <https://savannah.gnu.org/projects/gsasl/>.
** Fix warnings when building the tool 'gsasl'.
** Update gnulib files.
|
|
tech-pkg at jp.NetBSD.org => tech-pkg-ja at jp.NetBSD.org
|
|
changes:
-direct-tcpip support
-bug fixes
pkgsrc change: disable use of Python setuptools
(gives unpredictable results)
|
|
|
|
so make it only end up in the PLIST if that is the case.
|
|
Major changes since Sudo 1.6.9p15:
o There was missing whitespace before the ldap libraries in the Makefile
for some configurations.
o LDAPS_PORT may not be defined on older Solaris LDAP SDKs.
o If the LDAP server could not be contacted and the user was not present
in sudoers, a syntax error in sudoers was incorrectly reported.
|
|
|
|
Stegtunnel provides a covert channel in the IPID and sequence number
fields of any desired TCP connection. It requires the server and
client to have a previously shared secret in common to detect and
decrypt the data.
|
|
|
|
|
|
|
|
this heimdal on 3.x.
Bump PKGREVISION.
|
|
|
|
EzCrypto is an easy-to-use wrapper around the poorly documented OpenSSL
Ruby library. Features include:
* Defaults to AES 128 CBC
* Will use OpenSSL library for transparent hardware crypto support
* Single-class object-oriented access to most commonly used features
* Ruby-like syntax
|
|
Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
|
|
Synopsis: Support for DragonFly to security/pcsc-lite
Incorporated fix submitted by Hasso Tepper.
|