| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changelog for version 3.20, 2001.08.15, urgency: LOW:
* setsockopt() optlen set according to the optval for Solaris.
* Minor NetBSD compatibility fixes by Martti Kuparinen.
* Minor MSVC6 compatibility fixes by Patrick Mayweg.
* SSL close_notify timeout reduced to 10 seconds of inactivity.
* Socket close instead of reset on close_notify timeout.
* Some source arrangement and minor bugfixes.
|
|
- don't install setuid unless SSH_SUID=YES
- use libwrap (--with-tcp-wrappers) on NetBSD
I also want to fix S/Key support and Kerberos IV,
so I've left some comments in Makefile for that.
|
|
- add RC2-64,RC2-128,DES,Triple-DES
- update aicrypto lib
- some fixes,with -p7 option
|
|
|
|
- Fix telnetd origin security hole.
|
|
- increased login timeout
- fixed a possible deadlock in libpeks
- fixed a bug which would cause the client to crash when sending a too
long plugin list
- fixed the 'too many plugins selected' bug that would make the
client crash
- workaround for a Linux bug^H^H^Hfeature that makes recv()
behave completely differently than the rest of the world
(thanks to Andreas Steinmetz)
- fixed http://install.nessus.org to better work on Solaris
- various minor issues
- several new plugins
|
|
* Portability hack.
|
|
* Remove make for loop and replace with shell for loop
* Add an RCS ID and comment to uvscan.sh.
* Remove unnecessary whitespace from DESCR.
|
|
|
|
deinstall cleanly with pkg_delete, and make the update_dat script more
robust by fetching to a temporary directory, and only moving the new
DAT files into place if the fetch and untar was successful.
|
|
files. Substitute for @ID@ instead of directly using 'id', and use the
value of ${ID} already set in defs.*.mk.
|
|
Changes are updated and enhanced virus definition data.
|
|
- use 'id' instead of 'finger'. this is not a real problem but it
is enough and fixing the next problem makes it possible to use it.
- grep -q doesn't work on solaris, so use a different way to suppress
the output from the user check.
- the return code check for the user was reversed.
|
|
Based on PR pkg/13679 by Martti Kuparinen.
Changelog for version 3.19, 2001.08.10, urgency: MEDIUM:
* Critical section added around non MT-safe TCP Wrappers code.
* Problem with "select: Interrupted system call" error fixed.
* errno replaced with get_last_socket_error() for Win32.
* Some FreeBSD/NetBSD patches to ./configure from Martti Kuparinen.
* Local mode process pid logged.
* Default FQDN (localhost) removed from stunnel.cnf
* ./configure changed to recognize POSIX threads library on OSF.
* New -O option to set socket options.
|
|
|
|
|
|
|
|
|
|
New in version 1.1:
Ability to scan Perl programs for vulnerabilites.
Ability to scan Python programs for vulnerabilities.
|
|
|
|
|
|
|
|
attack described in SA2001-12 (noted by T. M. Pederson <salvage@plethora.net>
in PR pkg/13610).
Instead of applying the patch submitted by T. M. Pederson, we upgrade
kth-krb4 to 1.0.9 where the vulnerability has been fixed.
The upgrade to 1.0.9 was provided by Assar Westerlund <assar@netbsd.org>
and slightly modified by myself.
Also included is diff file for /etc/services for NetBSD-1.5 (and 1.5.1)
also submitted by T. M. Pederson <salvage@plethora.net> in PR 12540.
Note: files/services.diff resurfaces as files/services-1.4.2.diff.
Closes PR 13610 and PR 12540.
|
|
wrapped by configure.in scripts, however, we don't use them for libipsec part.
|
|
is not maintained any more. use openssh.
|
|
|
|
ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-012-telnetd.patch
see also
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
|
|
virus signatures.
|
|
Fixes pkg/13568.
|
|
installation directory in case the package isn't installed.
|
|
|
|
1.5.x does.
|
|
Changes:
* Some transfer() bugfixes/improvements.
* STDIN/STDOUT are no logner assumed to be non-socket decriptors.
* Problem with --with-tcp-wrappers patch fixed.
* pop3 and nntp support bug fixed by Martin Germann.
* -o option to append log messages to a file added.
* Changed error message for SSL error 0.
Provided by Martti Kuparinen in PR 13537.
|
|
Fri Jul 20 01:26:07 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* ssl.c (Init_ssl): regardless of scope state, accessors
should be public. It is required with 1.6.4 (2001-06-04).
|
|
time faster from Germany and the USA.
|
|
BUILDLINK_PREFIX.<pkgname>. This allows buildlink to find X11BASE packages
regardless of whether they were installed before or after xpkgwedge was
installed. Idea by Alistair Crooks <agc@pkgsrc.org>.
|
|
BUILDLINK_PREFIX.<pkgname>. This allows buildlink to find X11BASE packages
regardless of whether they were installed before or after xpkgwedge was
installed. Idea by Alistair Crooks <agc@pkgsrc.org>.
Also overhaul code to specify the minimum version of OpenSSL needed by
a dependent package. We now set USE_OPENSSL_VERSION to the version number
in <openssl/opensslv.h>. Idea also by Alistair Crooks <agc@pkgsrc.org>.
|
|
BUILDLINK_PREFIX.<pkgname>. This allows buildlink to find X11BASE packages
regardless of whether they were installed before or after xpkgwedge was
installed. Idea by Alistair Crooks <agc@pkgsrc.org>.
|
|
in NetBSD 1.5.1.
|
|
on pth.
|
|
Based on a pkg provided by Martti Kuparinen in PR 13484.
Changes include:
* Serious bug resulting in random transfer() hangs fixed.
* Separate file descriptors are used for inetd mode.
* -f (foreground) logs are now stamped with time.
* New ./configure option: --with-tcp-wrappers by Brian Hatch.
* pop3 protocol client support (-n pop3) by Martin Germann.
* nntp protocol client support (-n nntp) by Martin Germann.
* RFC 2487 (smtp STARTTLS) client mode support.
* Transparency support for Tru64 added.
* Some #includes for AIX added.
|
|
openssl>=0.9.6.
|
|
|
|
the same.
|
|
|
|
Auditing tool for system logs on Unix boxes.
Logcheck helps spot problems and security violations in your logfiles
automatically and will send the results to you in e-mail.
Logcheck is part of the Abacus Project of security tools. It is a program
created to help in the processing of UNIX system logfiles generated by the
various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper
and Log Daemon packages, and the Firewall Toolkit(c) by Trusted Information
Systems Inc.(TIS). Logcheck also works very well at reporting on other
common operating system security violations and strange events.
|
|
Sun Jun 17 23:27:52 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* make it the release 0.3.0
Sun Jun 17 16:23:19 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* sample/verify_cb.rb: for SSLSocket#verify_callback=
* sample/x509.rb: new sample for X509.
* sample/login.rb: new sample for Net::Telnet.
Sun Jun 17 16:07:12 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* lib/net/protocols.rb: split NetPrivate from https.rb.
Sun Jun 17 15:03:02 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* lib/net/https.rb: use forwardable.rb.
* lib/net/https: follow SSLSocket.
* lib/net/telnets: ditto.
Sun Jun 17 13:00:37 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* ssl.c: use instance variable (rb_ivar_set/rb_ivar_get) instead
of the fields in C structure.
* ssl.c: new methods SSLSocket#timeout, SSLSocket#ciphers=,
SSLSocket#verify_depth=.
* ssl.c: new class X509_STORE_CTX. and fix arguments for the Proc#call
at verify callback.
* ssl.c: new methods X509#sigAlgor, X509#key_type, X509#extension,
X509#verify, #X509#to_s
* ssl.c: change the sequence of arguments of SSLSocket.new.
Sun Jun 17 12:59:50 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
* ChangeLog: new file.
|
|
for systems where the dependent libraries aren't part of the base system.
Don't include tcl/buildlink.mk as the libraries aren't required for the
build -- only the tclsh binary is required at run-time. Also honor CFLAGS
passed in from environment during the build.
|
|
|
|
|
