path: root/security
Age | Commit message | Author | Files | Lines
2003-09-17 | get rid of USE_GCC2/3 in pkg Makefiles, and set GCC_REQD or | grant | 1 | -4/+2
USE_PKGSRC_GCC as appropriate, as this is handled by compiler.mk now.
2003-09-17 | Mark OpenSSH-3.7x as *not available for IRIX*! | jschauma | 1 | -1/+11
# OpenSSH 3.7x currently does *not* work on IRIX!
# To compile, we would need to remove the extraneous inclusion of the
# ``inet_ntoa.h'' header in openbsd-compat/inet_ntoa.c, but even though
# sshd will not work: It seems the connection is closed by the daemon
# when it tries to spawn off a child to handle the incoming connection
#
# If you need the latest security patches for your openssh, I'm afraid you'll
# have to apply them by hand to the 3.6.1p2 version.
(Now wouldn't it be nice if we had a NOT_FOR_PLATFORM_REASON that is displayed automatically?)
2003-09-17 | Update for _new_ new OpenSSH patch, bump pkgrevision. | jwise | 4 | -10/+71
``Oops, they did it again.''
2003-09-16 | move ftp.openssh.com to the top, as it's the only site which has the | grant | 1 | -3/+3
new distfile so far.
2003-09-16 | Update openssh to 3.7.1p1. | grant | 2 | -6/+6
Changes since 3.7p1: more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
2003-09-16 | Apply security patch for OpenSSH-3.6.1p2 recently released by openssh team. | jwise | 3 | -5/+33
PKGREVISION bump, and BROKEN= removed. While there, fix Solaris short pkg name.
2003-09-16 | missed a pkg-vulnerabilities filename | grant | 1 | -2/+2
2003-09-16 | netbsd.org -> NetBSD.org. | grant | 1 | -2/+2
2003-09-16 | correct name of pkg-vulnerabilities file; netbsd.org -> NetBSD.org; | grant | 1 | -7/+7
add missing word; bump date.
2003-09-16 | ftp.netbsd.org -> ftp.NetBSD.org | grant | 1 | -1/+1
2003-09-16 | Mark this package as broken until an updated version of the openssh+gssapi | jwise | 1 | -1/+3
patch is available, as OpenSSH-3.6.1p2 contains another buffer overflow.
2003-09-16 | Update openssh to 3.7p1. | grant | 3 | -16/+15
Large number of changes since 3.6.1p2, the most pertinent being:
* do not expand buffer before attempting to reallocate it (buffer.c)
note that NetBSD-current already includes this fix.
other changes include:
* portability fixes
* regression test fixes
* add GSSAPI support and remove kerberos support from ssh1, retaining kerberos passwd auth for ssh1 and 2
* man page fixes
* general bug fixes
see the ChangeLog for full details.
2003-09-16 | Update audit-packages to 1.23. | agc | 2 | -4/+5
Use the first word of ${FETCH_CMD} to determine which utility is used. Addresses PR 22760 from Todd Vierling.
2003-09-16 | Update audit-packages to 1.22: | agc | 2 | -4/+4
Make an informational message clearer.
2003-09-14 | Change extension.mk to also install optimized files for distutils packages. | recht | 4 | -4/+74
Inspired by FreeBSD "ports". Fix the PLISTs accordingly. Also, while at it, remove now obsolete compileall.py calls in post-install targets and insure that extension.mk is included before buildlinks of other Python modules. Discussed with/ok'ed by drochner@.
2003-09-13 | Use SHLIBTOOL to install the plugins since we used it to build them. | jlam | 2 | -4/+6
2003-09-13 | * Use LIBTOOL_OVERRIDE instead of LTCONFIG_OVERRIDE. | jlam | 7 | -16/+22
* Use ${SHLIBTOOL} to build the shared plugins so we don't get the useless lib<plugin>.a file.
2003-09-13 | Updated security/p5-IO-Socket-SSL to 0.95. Changes from version 0.93 | jlam | 2 | -5/+5
include:
- Better opened() behavior when sockets close unexpectedly.
- Added support for WeakRef and Scalar::Util to allow IO::Socket::SSL objects to auto-destroy themselves when they go out of scope.
- Added croak()ing for unimplemented send() and recv() methods so they are not accidentally used to transmit unencrypted data. The Perl builtin functions cannot be reliably trapped and are still dangerous, a fact that the POD now reflects
- Changed accept() to use inherited accept() instead of IO::Socket::accept, so that IPv6 inheritance is possible.
- Added options to import() so that a user could specify IPv6 or IPv4 mode of operation.
2003-09-13 | Update security/p5-Net-SSLeay to 1.25. Changes from version 1.23 include: | jlam | 2 | -5/+5
- new features: http and raw tcp support
- fixed apparent STDIO vs. sysread bug in proxy connect
- added tcpecho.pl and tcpcat.pl to MANIFEST
- fixed some further bugs with TCP read all, etc.
- fixed some const char pointer warnings
2003-09-13 | Remove redundant TEST_TARGET definition that matches the default one in | jlam | 1 | -2/+1
perl5/module.mk.
2003-09-12 | Update security/p5-Digest-MD5 to 2.27. Changes from version 2.24 include: | jlam | 2 | -5/+5
Don't assume PerlIO_read() works like fread() even though it was documented like that for perl 5.6. It returns negative on read failure.
The $md5->addfile method now croaks if it discovers errors on the handle after reading from it. This should make it more difficult to end up with the wrong digest just because you are too lazy to check the error status on your file handles after reading from them.
Improved documentation.
2003-09-12 | Update security/p5-Digest-SHA1 to 2.04. Changes from version 2.02 include: | jlam | 2 | -5/+5
Don't assume PerlIO_read() works like fread() even though it was documented like that for perl 5.6. It returns negative on read failure.
Implemented sha1_transform, required to implement NIST FIPS 186-2.
Make it build on 64-bit platforms with 32-bit longs.
Sync up with the Digest::MD5 implementation:
- added clone method
- addfile croaks if it can't read
- the sha1*() functions warn if called as method or with reference arguments.
2003-09-12 | kill all references to gcc.buildlink2.mk and compiler.mk, and define | grant | 1 | -2/+3
USE_GCC2 or USE_GCC3 where appropriate. the functionality of the old gcc.buildlink2.mk has been rolled into compiler.mk now, which is automatically used. more changes to come later...
2003-09-12 | Update to version 1.21. | seb | 1 | -2/+4
download-vulnerability-list(8) now needs digest(1). Hence put digest package as a runtime dependency of audit-packages package.
2003-09-11 | Change USE_OPENSSL_VERSION into equivalent BUILDLINK_DEPENDS.openssl. | jlam | 1 | -4/+5
2003-09-11 | Garbage-collect USE_OPENSSL_VERSION now that openssl/buildlink2.mk supports | jlam | 4 | -13/+4
just setting BUILDLINK_DEPENDS.openssl. USE_OPENSSL_VERSION wasn't actually needed here anyway since the minimum version allowed by openssl/buildlink2.mk exceeded the version requested here.
2003-09-11 | Rewrite this file so that we can specify the version of OpenSSL that we | jlam | 1 | -94/+112
need by simply setting BUILDLINK_DEPENDS.openssl. This buildlink2.mk file now functions just like any other typical buildlink2.mk file.
2003-09-10 | Note version numbers for 0.9.6[hij]. | jlam | 1 | -1/+4
2003-09-10 | Only check if we need to add the rsaref dependency if we need the pkgsrc | jlam | 1 | -3/+5
openssl.
2003-09-10 | Use the built-in HAS_CONFIGURE and TEST_TARGET infrastructure to do the | jlam | 1 | -44/+37
configure and test phases.
2003-09-10 | Honor CFLAGS/LDFLAGS from the environment. | jlam | 3 | -7/+18
2003-09-10 | Back out the make -> @MAKE@ -> ${MAKE} changes since we workaround the | jlam | 8 | -86/+12
bare "make" problem using tools.mk.
2003-09-09 | Update audit-packages to 1.20. | agc | 2 | -4/+11
Support wget and curl as FETCH_CMDs, as discussed in PR 19103.
2003-09-09 | Whitespace. | salo | 1 | -7/+9
2003-09-09 | Remove reference to wip. (hi xtraeme!) | salo | 1 | -9/+11
Style nits, while here.
2003-09-08 | use PKG_SYSCONFDIR | itojun | 1 | -2/+2
2003-09-06 | upgrade to 2.0.1. | itojun | 3 | -19/+19
from webpage:
>v2 is a significantly more accurate, precise and faster brother of the original
>proof-of-concept tool I released in 2000. P0f v1 is largely obsolete...
2003-09-05 | Remove "/pub" from pathnames on "ftp.fu-berlin.de" because such a directory | tron | 1 | -2/+2
doesn't exist. It's apparently only mapped in the FTP server configuration.
2003-09-04 | Add and enable p5-Authen-SASL and p5-Authen-SASL-Cyrus | xtraeme | 1 | -1/+3
2003-09-04 | Initial import of p5-Authen-SASL-Cyrus, version 0.07. | xtraeme | 5 | -0/+47
SASL is a generic mechanism for authentication used by several network protocols. Authen::SASL provides an implementation framework that all protocols should be able to share. The XS framework makes calls into the existing libsasl.so shared library to perform SASL client connection functionality, including loading existing shared library mechanisms. Authen::SASL::Cyrus implements XS SASL Authentication. Packages provided by Quentin Garnier via pkgsrc-wip.
2003-09-04 | Initial import of p5-Authen-SASL, version 2.04. | xtraeme | 4 | -0/+28
SASL is a generic mechanism for authentication used by several network protocols. Authen::SASL provides an implementation framework that all protocols should be able to share. The included plugin Authen::SASL::Perl implements several of these protocols (DIGEST-MD5, CRAM-MD5, ANONYMOUS, EXTERNAL, LOGIN and PLAIN). Package provided by Quentin Garnier via pkgsrc-wip.
2003-09-03 | Fix inconsistent filename for "pkg-vulnerabilities" file in | tron | 2 | -4/+4
"audit-packages" script. Bump package version again.
2003-09-02 | Nuke definition for INSTALL_EXTRA_TMPL here since INSTALL doesn't exist. | jmc | 1 | -2/+1
2003-09-02 | Update audit-packages to 1.18. | agc | 4 | -37/+75
Changes from previous version:
+ rely on an embedded sha1 digest to tell whether the vulnerabilities file has been damaged in transit or received successfully, rather than trusting that the file will not grow smaller
+ use the new filename "pkg-vulnerabilities"
+ use definitions from defs.${OPSYS}.mk in the download-vulnerability-list script
+ at installation time, don't rely on "ln -sf" to DTRT - explicitly call "rm -f" before attempting the symbolic link
With thanks to seb@ for testing.
2003-09-02 | Update libnasl, nessus{-core,-libraries,-plugins} to 2.0.7. | frueauf | 14 | -35/+170
Based on pr pkg/22356 by Adrian Portelli.
Changes since 2.0.6a:
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed bad performances issues when pinging dead hosts
- Fixed a bug which would prevent to store items larger than 2kb in the KB
- NFS and SMB file-related functions completed (open, read and cwd are implemented)
- Plugins support for Windows 2003
- Network IPs can now be evenly sliced instead of being scanned sequentially
- User-definable source-IP(s) for the checks (nessusd -S)
- Fixed a possible message corruption problem if a plugin was to send a too long message back to nessusd
- Fixed a possible plugin corruption problem when the client overwrites existing plugins
- Fixed various false positives and wording issues in several plugins
2003-09-01 | Added php4-openssl 4.3.3 - PHP4 extension module for access to OpenSSL | jdolecek | 1 | -1/+2
library
2003-09-01 | add PHP4 OpenSSL extension module | jdolecek | 2 | -0/+17
addresses openssl part of PR pkg/22654 by Adrian Portelli
2003-09-01 | appears the CONFIGURE_ENV+= MCRYPT_DIR=... isn't necessary anymore - it | jdolecek | 1 | -4/+2
compiles fine without
2003-09-01 | whitespace fixes | cjep | 1 | -3/+4
2003-08-31 | Update PHP to final 4.3.3 | jdolecek | 4 | -24/+2
Some highlights of changes since 4.2.3:
* PCRE updated to 4.3, GD to 2.0.15
* improved Apache2 support
* much improved stream & URL wrapper support, output compression support
* added CLI (Command Line Interface) SAPI
* debug_backtrace() backported from ZendEngine2
* faster build system
* huge number of other bug fixes and improvements
Packaging changes:
* 'pcre', 'xml', and 'session' modules folded back into main package - 'pcre' and 'xml' is required by PEAR, and 'session' is just too essential to be separate
* 'gd' module now uses bundled PHP GD library, which is better integrated
* PHP modules use shared distinfo when possible to ease future PHP updates
* ${PREFIX}/bin/php is now CLI version, ${PREFIX}/libexec/cgi-big/php remains CGI version