summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Collapse)AuthorFilesLines
2006-06-17Fixed the set of installed files when the "qt" or "gtk" options arerillig3-27/+37
selected. Fixed pkglint warnings. Bumped PKGREVISION.
2006-06-16Support checking passwords using either Kerberos or PAM via PKG_OPTIONS.jlam3-3/+39
This fixes the PLIST on systems that have PAM natively. Bump the PKGREVISION to 5.
2006-06-16Update to 0.9.5. Changes:shannonjr3-8/+9
- Store Prelude-Manager FIFO into the profile backup directory so that FIFO are per profile. Fix #151. - Update libwrap check, don't statically link libwrap. Cleanup. Fix #144. - XMLmod: Implement CorrelationAlert processing. - XMLmod: No ntpstamp attribute in File/Inode element datetime fields. - XMLmod: permission -> Permission, as per IDMEF DTD requirements. - XMLmod: Process the Checksum IDMEF element. - XMLmod: Make AdditionalData validation pass (IDMEF v15 -> v16 change). - XMLmod: disable-buffering option argument is optional. - XMLmod: Correct DTD loading error. - XMLmod: Avoid NULL libxml warning.
2006-06-16REPLACE_PERL without a runtime dependency to Perl is useless. Bumpedrillig1-2/+3
PKGREVISION.
2006-06-16Converted to the SUBST framework.rillig1-11/+7
2006-06-16Removed the leading "@" from shell commands.rillig1-5/+5
2006-06-14PKGMANDIR instead of "man".reed1-21/+21
2006-06-14Make sudo use VARBASE.reed1-2/+6
Always use "man" instead of catpages. Make sure "run" directory is precreated, so you don't get: /usr/bin/sudo sudo: can't mkdir /var/run/sudo: No such file or directory Bump PKGREVISION. Okayed by maintainer back in December. The only concern was that /var/run may not be for all platforms, but this is same as other packages to (not specific to sudo).
2006-06-13py-cheetah needs Python 2.2+joerg1-1/+2
2006-06-13Forgotten patchsum update.joerg1-2/+2
2006-06-12Add DragonFly support.joerg4-12/+45
2006-06-11Rename to match Python naming convention. Depend on py-cheetah.joerg2-3/+63
Fix PLIST. Conflict on old name.
2006-06-11Needs pkg-config.joerg1-1/+2
2006-06-09Forgotten patchsum. Detected by wizd(8).joerg1-1/+2
2006-06-08Removed temporary code that should not have been committed in my lastshannonjr1-4/+1
update.
2006-06-07Updated to version 5.41.heinz2-6/+6
Pkgsrc changes: - none Relevant changes since version 5.31: ==================================== - modified addfile to accept indirect filehandles -- ref. rt.cpan.org #19627 and #19641 - modified shasum to warn rather than die for file errors -- to follow conventions of GNU sha1sum/md5sum - added new capabilities to the "addfile" method -- now able to accept file names as well as handles -- includes mode for portable digest calculation -- thanks to Adam Kennedy for emails and ideas ref. File::LocalizeNewlines - used expanded addfile interface to simplify shasum (sumfile) -- regex a tad less general than 5.37, but handles all known newline variants in UNIX/Windows/MacOS - enhanced WARNING messages from shasum checkfile processing -- to mimic behavior of md5sum - improved error handling of checksum files in shasum -- to better mimic the behavior of md5sum - refined line-break regex in shasum (ref. sub sumfile) -- catches multiple CR's preceding LF thanks to Gisle Aas for suggested patch - changed loop vars to signed int's in shadump (ref. src/sha.c) -- to prevent type mismatch warnings - added "portable" option to shasum -- to make digests match across Windows/Unix/MacOS - enabled bundling of shasum command line options -- to mimic behavior of md5sum - removed \r's from text files in t/nist directory -- resolves SIGNATURE clashes (rt.cpan.org #18983) - changed suffix on SHA64_MAX (src/sha.h) to ULL -- eliminates gcc warnings (rt.cpan.org #18988) - specified minimum Perl version for module and Makefile.PL -- closes rt.cpan.org #18984 - made minor code changes to silence compiler warnings -- resulting from signed/unsigned integer mixing
2006-06-07Needs bison.joerg1-1/+2
2006-06-07Don't use BIOCIMMEDIATE if it doesn't exist.joerg1-0/+13
2006-06-06Update distinfo missed in the update to 1.2.5adrianp1-4/+4
2006-06-06Update to 1.2.5adrianp2-4/+4
> - 6/4/2006 1.2.5 (sarah) > - Added base64 encoding support for MAC addresses presented on the screen for FLoP extended database -- Juergen Leising > - Added base64 encoding support for rebuild of packet in pcap format for FLoP extended database -- Juergen Leising > - Fixed issue with Oracle and schema version in base_db.inc.php -- Nikns > - Fixed bug when alerts with sig references would fail to archive causing duplicates error -- Nikns > - Added base64 encoding support for ICMP payload additional table in base_qry_alert.php -- Juergen Leising > - Added check for PHP Logging Level against E_NOTICES in setup/index.php -- Nikns > - Fixed bug when certain preprocessor alerts would not be cached (for example arpspoof) -- Nikns > - Added setup/setup_db.inc.php with CreateBASEAG() to resolve redundancy in setup and base_db_setup.php -- Nikns > - Removed unnecessary and broken search index stuff from Create BASE AG, since schemas are already with them -- Nikns > - Added XSSPrintSafe() (array safe htmlspecilchars() function) and made filterSql() use ADOdb qmagic() -- Nikns > - Changed input type of the password field to actually be password in setup3.php -- Nikns > - Filtered all unfiltred (mainly auth system stuff) $_POST and $_GET variables using filterSql() -- Nikns > - Santized all $_SERVER variables to be protected against XSS attacks -- Nikns > - Added "Clear Data Tables" option in base_maintenance.php and "Repair Tables" option to execute CreateBASEAG() -- Nikns > - Make use of FLoP's event reference. Signature name of alert which trigered "Tagged Packet" alert is shown too -- Nikns > - Updated chinese.lang.php -- Johnson Chiang > - Fixed Time error in searches -- Jeff Kell > - Fixed refresh issue with ~ directories -- Kevin Johnson > - Fixed cookie stored data and authentication scheme to correct Nikns' report on session forge issue -- GaRaGeD > - Updated link to the Nessus plug in DB -- Jonathan W Miner > - Fixed display after deleting alerts -- Bruce Briggs > - Fixed Bug #1466392 - Back button doesn't work after refresh. -- Juergen Leising > - Patches from jhart@spoofed.org to add missing ICMP and TCP type and codes - GaRaGeD > - add support for ICMP redirect decoding. - Jon Hart > - add decoding support for ICMP source quench and ICMP parameter problem - Jon Hart > - split up "flags" into DF and MF, much like tcp flags are currently handled - Jon Hart
2006-06-06Make this package build on platforms without native pcap.minskim3-2/+19
2006-06-06Added MESSAGE file.shannonjr1-0/+13
2006-06-06PLIST correction.shannonjr1-4/+1
2006-06-06Added sql to create additional database indices supporting deletion. Withoutshannonjr4-8/+17
these indices web browser will often timeout before delete operation completes. Update to libpreludedb 0.9.8. Changes: - Always use prelude_escape_binary() when inserting additional data, even in case we're inserting a string, since the database field might be of a type that require binary kind of escaping. Fix #143. - Implement reading of message_processing_model, security_model, security_level. Handling of community member is deprecated (IDMEFv16 update). - Fix a bug where Service->ip_version would not be read from database. - Error reporting improvement.
2006-06-06Update to libprelude 0.9.9. Changes:shannonjr3-10/+13
- Correct IDMEF v16 checksum algorithms letter case. - Detailed, verbose error reporting when failing to read IDMEF message. - Detailed, verbose error reporting for unsupported value operation.
2006-06-06Do not install files directly into etc; it should be handled throughminskim2-1/+17
CONF_FILES.
2006-06-05Update to 2.6adrianp3-12/+59
The changes since the 2.5 release include: msfconsole: * Tab completion improvements * Remember last used exploit after save * Improved reload/rexploit/rcheck commands * Security fixes for handling terminal escapes msfcli: * Security fixes for handling terminal escapes msfweb: * Security fixes when using defanged mode meterpreter: * Addition of the SAM password dump extension * Improvements to the VNC injection msfpescan: * PE fingerprinting via the -S option * Additional information via the -D option * Major bug fixes to PE format parser exploits: * Major rewrites of many exploit modules * Reliability improvements across the entire set * 42 new exploits added since 2.5 was released * Improved IPS evasion for SMB/DCERPC/HTTP modules libraries: * Human-friendly SMB and DCERPC error codes * Reworking of the entire DCERPC API * Incremental improvements to the SMB stack * Integration of commonly-duplicated routines * Major improvements to PEInfo module
2006-06-04Fix CONFLICTS of php/pear packages, the asterix was missing (thanks tv).joerg2-4/+4
While going through the tree, fix some more packages which had similiar issues with too strict conflicts, bump the revisions of those.
2006-06-04Remove OPENSSH_GID and OPENSSH_UID, it happened to work before,joerg2-6/+2
since those are the values in NetBSD. In reality, they haven't been used for ages though.
2006-06-04I don't see any reason for kth-krb4 to conflict with zephyr,joerg1-3/+2
maintainer didn't respond to the question either. So remove the CONFLICT and bump revision.
2006-06-04Uses C++.joerg1-1/+2
2006-06-02Rename all PHP 4 packages to php4-*, all PHP 5 packages to php5-*,joerg3-14/+17
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or ap2-* respectively. Add new variables to simplify the Makefile handling. Add CONFLICTS on the old names. Reset revisions of bumped packages. ap-php will now depend on the default Apache and PHP version. All programs using it have an implicit option of the Apache version as well. OK from jlam@ and adrianp@.
2006-06-02Needs Python 2.2 or later.joerg1-1/+3
2006-06-01Move docs under share/doc/p0f, fix INSTALLATION_DIRS, bump revision.joerg2-8/+9
2006-05-31The databases/openldap package has been split in -client and -server componentghen9-24/+24
packages. Convert LDAP-based applications to depend on openldap-client, and bump PKGREVISION for those that depend on it by default.
2006-05-26Added additional environment cleanup before exec'ing prelude-manager.shannonjr2-1/+23
2006-05-26Modify run-prelude-lml to properly start prelude-lml as daemon. This worksshannonjr3-6/+22
around a problem where prelude-lml is not connecting to prelude-manager when passed the -d command line argument.
2006-05-25Fix pasto/thinko: it's PKG_HOME.${DIRMNGR_USER}seb1-2/+2
not PKG_SHELL.${DIRMNGR_USER}
2006-05-22Move the check-shlibs target from bsd.pkg.mk to bsd.pkg.check.mk wherejlam1-2/+1
it will live with other "check" targets run after package installation. Get rid of SHLIB_HANDLING, whose meaning had mutated over the years from one thing to another. Currently, it is used to basically note whether the system's "ldd" command can be usefully run on the package's binaries and libraries. Rename this variable to CHECK_SHLIBS_SUPPORTED for more clarity. CHECK_SHLIBS is now a variable set exclusively by the user in /etc/mk.conf to note whether the check for missing run-time search paths is performed after a package is installed. It defaults to "no" unless PKG_DEVELOPER is set.
2006-05-22Added 2 missing files to PLISTshannonjr1-1/+3
2006-05-221) Update to 0.9.5shannonjr3-14/+26
2) Changed permissions on plugins.rules and prelude-lml.conf so that prelude-lml can run unpriviledged 3) Changed confdir in configure so that plugins.rules and prelude-lml.conf are found. Changes in 0.9.5: - Experimental context support (ala SEC): we now handle multiline log matching. - Update PAX rules so that it use the new context feature. - Don't exit on statistics signal, improve statistics precision, make them easier to read. - Fix some problem with user & group options. - text-output argument is optional. - New experimental ruleset: Sonicwall and Spamassassin. These need to be manually hooked to pcre.rules if you plan to use them. - Fix FAM activation switches.
2006-05-21Fixed pkglint warnings.rillig2-12/+12
2006-05-21It is spelled CONF_FILES_PERMS, USE_GNU_TOOLS is dead and remove somejoerg1-6/+6
bogus :Q.
2006-05-21Forgotten patchsums for last changes. Noticed by rillig.joerg1-2/+4
2006-05-21Support fetching the pkg-vulnerabilities file over httpadrianp4-39/+74
Bump to version 1.43
2006-05-21Build using -fno-common under Darwin, it is needed to be able to long gnutlstonio1-1/+3
against libtasn1 bump pkgrevisoin, and the binary package changed on Darwin
2006-05-20Forgotten patches.joerg2-0/+26
2006-05-20Use config file framework.joerg4-28/+89
2006-05-20Fix PLIST, bump revision.joerg2-3/+11
2006-05-20Uses C++.joerg1-1/+2