| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
20.1.0:
It is now possible to manually override the detection of SSE2 using the ARGON2_CFFI_USE_SSE2 environment variable.
|
|
1.14.3:
Bug Fixes
catch exceptions.RefreshError
|
|
These PLIST files have been autogenerated by mk/haskell.mk using
HS_UPDATE_PLIST=yes during a bulk build. They will help to track changes
to the packages. The Haskell packages didn't have PLIST files because
their paths contained package hashes. These hashes are now determined by
mk/haskell.mk, which makes it easy to generate easy to read PLIST files.
|
|
|
|
This is not only a Perl module, it also runs the Perl interpreter
directly.
|
|
These files are not installed as executables, therefore they don't need a
script interpreter. The paths to the files were wrong anyway.
|
|
|
|
|
|
|
|
1.4.0:
Added
* Turn off session tickets for apache plugin by default when appropriate.
* Added serial number of certificate to the output of `certbot certificates`
* Expose two new environment variables in the authenticator and cleanup scripts used by
the `manual` plugin: `CERTBOT_REMAINING_CHALLENGES` is equal to the number of challenges
remaining after the current challenge, `CERTBOT_ALL_DOMAINS` is a comma-separated list
of all domains challenged for the current certificate.
* Added TLS-ALPN-01 challenge support in the `acme` library. Support of this
challenge in the Certbot client is planned to be added in a future release.
* Added minimal proxy support for OCSP verification.
* On Windows, hooks are now executed in a Powershell shell instead of a CMD shell,
allowing both `*.ps1` and `*.bat` as valid scripts for Certbot.
Changed
* Reorganized error message when a user entered an invalid email address.
* Stop asking interactively if the user would like to add a redirect.
* `mock` dependency is now conditional on Python 2 in all of our packages.
* Deprecate certbot-auto on Gentoo, macOS, and FreeBSD.
Fixed
* When using an RFC 8555 compliant endpoint, the `acme` library no longer sends the
`resource` field in any requests or the `type` field when responding to challenges.
* Fix nginx plugin crash when non-ASCII configuration file is being read (instead,
the user will be warned that UTF-8 must be used).
* Fix hanging OCSP queries during revocation checking - added a 10 second timeout.
* Standalone servers now have a default socket timeout of 30 seconds, fixing
cases where an idle connection can cause the standalone plugin to hang.
* Parsing of the RFC 8555 application/pem-certificate-chain now tolerates CRLF line
endings. This should fix interoperability with Buypass' services.
More details about these changes can be found on our GitHub repo.
|
|
1.14.2:
Bug Fixes
support string type response.data
|
|
|
|
This release updates Firefox to 68.8.0esr, NoScript to 11.0.25, and OpenSSL to 1.1.1g.
Also, this release features important security updates to Firefox.
The full changelog since Tor Browser 9.0.9 is:
All Platforms
Update Firefox to 68.8.0esr
Bump NoScript to 11.0.25
Windows + OS X + Linux
Bug 34017: Bump openssl version to 1.1.1g
|
|
Changes:
(No changelog available but main changes inspecting commits):
- Add check for wordpress installer in subdir
- Remove CVS test, produces too false positives and hardly any true positives
- Add installer check for common PHP web applications
- Add info check for composer files
- Add info check for mailman
- Add check for monit default webinterface credentials
- Rework optionsbleed check and avoid ReDoS attack (upstream issue #24)
|
|
Add the map file for the BSD Makefile's symbol exports.
|
|
|
|
brought over from src.
|
|
|
|
|
|
|
|
ensure all exported functions use a unique prfix, so that they don't
conflict with symbols (both data and text) in libcrypto. this works for
statically linked binaries and libraries, rather then the version map which
only works for dynalically-linked.
|
|
|
|
Add ruby-chef-vault package version 4.0.1.
Chef-Vault
Chef-Vault allows you to encrypt a Chef Data Bag Item using the public keys
of a list of chef nodes. This allows only those chef nodes to decrypt the
encrypted values.
For a more detailed explanation of how chef-vault works, please refer to
this blog post Chef Vault - what is it and what can it do for you? by Nell
Shamrell-Harrington.
|
|
fail2ban-client does not contain any paths.
|
|
Install and use the fonts distributed with the Linux binary of tor-browser.
Reduces fingerprinting possibilities based on installed fonts.
Idea from Caspar Schutijser, the OpenBSD ports maintainer, and
based on his patch for OpenBSD ports.
|
|
|
|
And while there, sort PLIST
|
|
PyCryptodomex is a self-contained Python package of low-level cryptographic
primitives.
All modules are installed under the Cryptodome package.
|
|
XXX upstream
|
|
Depend on tor-browser-https-everywhere.
|
|
|
|
tor-browser-https-everywhere-2020.3.16
HTTPS Everywhere is a browser extension that encrypts your
communications with many major websites, making your browsing more
secure.
|
|
versions of netbsd. unlikely that anyone is using netbsd<3.
|
|
This is a hack to work around a mistake in the NetBSD openpam build
which leaked into the public header files. We will fix this in the
NetBSD build but it's been in the public header files for nearly a
decade now, with each individual pam module sometimes having this
workaround, so let's apply the workaround uniformly for now.
PR security/39313
PR security/55216
|
|
|
|
Inspired by a XKCD webcomic and by Steve Gibson's Password Haystacks
page, HSXKPasswd is a Perl module (Crypt::HSXKPasswd) and terminal
command (hsxkpasswd) for generating passwords that are secure,
memorable, and easy to read, type, and share over the phone.
|
|
Automatically install the noscript extension.
(https-everywhere package is ready, but doesn't work.)
Change the default path in the home directory to ".tor-browser"
to be more similar to other mozilla products.
By default, use the standard tor port. No separate instance
of tor is started for tor-browser from pkgsrc.
|
|
|
|
The NoScript Firefox extension provides extra protection for
browsers: this free, open source add-on allows JavaScript, Java,
Flash, and other plugins to be executed only by trusted web sites
of your choice (e.g., your online bank).
|
|
Bug Fixes
support es256 raw format signature (#490) (cf2c0a9)
|
|
Import from wip
Fork of the CP ABE library libbswabe (http://hms.isi.jhu.edu/acsc/cpabe/)
replacing OpenSSL with libgcrypt and fixing some bugs.
|
|
|
|
|
|
Update sudo to 1.8.31p1.
Major changes between sudo 1.8.31p1 and 1.8.31
* Sudo once again ignores a failure to restore the RLIMIT_CORE
resource limit, as it did prior to version 1.8.29. Linux
containers don't allow RLIMIT_CORE to be set back to RLIM_INFINITY
if we set the limit to zero, even for root, which resulted in a
warning from sudo.
|
|
The Makefile has changed to GNU format, using round parentheses, which
turned the substitution a no-op.
|
|
|
|
|
|
lxqt-openssh-askpass is a tool used with openssh to prompt the user for
a password. (Packaged in wip by pin@, final review by myself.)
(It would be nice if security/openssh had a builtin.mk to avoid
unnecessarily building it from pkgsrc. The version in NetBSD's base
offers more.)
|
|
lxqt-sudo is a graphical front-end of the sudo and su commands.
(Packaged in wip by pin@, final review by myself.)
|
|
This is the LXQt Policykit authentication agent. (Packaged in wip by
pin@, final review by myself.)
|
