| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
-lcrypto NetBSD-1.5*
-lcrypto -lrsaref OpenSSL and USE_RSAREF2=NO
-lcrypto -lRSAglue -lrsaref OpenSSL and USE_RSAREF2=YES
and use the first set of libraries which work.
Closes the following PRs: 9820, 10268, 10681.
|
|
|
|
|
|
Closes PR#10774.
|
|
we need stick to 1.2.27 (use openssh).
|
|
|
|
Kerberos is simply not configured on the system.
|
|
support in Heimdal.
|
|
be true.
|
|
Add note why we have both openssh.com entries.
|
|
|
|
|
|
explicitly specified in a Phase-1 proposal statement.
Patch sent to sakane@kame.net.
|
|
What is new in Nessus 1.0.4 :
changes by Christoph Puppe (pluto at defcom-sec.com) :
added "Sort by Port" to the report window.
Reports are sorted first by holes, then by warnings, then by notes.
Previous version only sorted by holes.
changes by Renaud Deraison (renaud at nessus.org) :
ftp related checks : the user can now supply a login/password for the ftp
checks, and relies on the ftp banner if nessusd can't log into
the ftp server (requested by Jens.Oeser at connector.de).
libnessus : ftp_log_in() would sometime fail against some ftp servers
better handling of large reports on the client side
tests are saved on the server side and can be restored. Note that this is
experimental and disabled by default. Do
./configure --enable-save-sessions
to enable this feature, and read doc/session_saving.txt for details.
better handling of targets with multiple web servers running
continue to launch the DoS if the state of the remote host can not be
determined
fixed a bug in smb_login_as_users.nasl, and improved
smb_accessible_shares.nasl
added checks for unpassworded MySQLs and PostgreSQL databases
nessusd uses less memory
changes by Pavel Kankovsky (peak at argo.troja.mff.cuni.cz) :
fixed a possible deadlock in the nessusd internal communication
fixed a problem in the client that would make it crash if it received
a malformed message from the server
the client would not detect the death of the server when run in batch
mode
possible header confusion (with regex.h) fixed
possible signal deadlock when exiting fixed
Other changes :
fixed a problem in the function is_cgi_installed() that may sometime
not work against odd clients (Thomas Reinke (reinke at
e-softinc.com))
fixed a bug in snmp_default_communities.nasl (Lionel Cons
(lionel.cons at cern.ch))
fixed showmount.nasl (Paul Ewing Jr. (ewing at ima.umn.edu))
typo in showmount.nasl would prevent it to work over udp (ctor at
krixor.xy.org)
|
|
link against libintl.so, update the dependency on gettext to >=0.10.35nb1.
|
|
- improvements in multiple address case
- sync with improvements in INET2000 bakeoff
|
|
the SUBDIR entries.
|
|
Main change is the splitup into libnasl, nessus-libraries, nessus-core
and nessus-plugins.
Too many changes come with 1.0.3, but most noteable the number of checked
security vulnerabilities increased and got updated.
This is based on work Hubert Feyrer did on some former version.
|
|
Security Scanner. Based on work Hubert Feyrer did on some former version.
|
|
Network security scanner. Based on work Hubert Feyrer did on some former
version.
|
|
Security Scanner. Based on work from Hubert Feyrer for some former version.
|
|
Based on work Hubert Feyrer did for some former version.
|
|
|
|
|
|
Taken from PR#10394 by Dave Burgess <burgess@neonramp.com> with
modifications.
|
|
|
|
a working /dev/urandom if it's found not to work.
|
|
RESTRICT="foo; bar"
Fix by s/;/,/
|
|
Also default to "start" command if run with no arguments.
|
|
|
|
and PLIST.
|
|
Package changes:
* Factor out common post-install code from PLIST and package Makefile
into files/INSTALL.
* Enhance files/sshd.sh to handle start/stop/restart/status.
* Check for usable installed version of OpenSSL. This bit possibly
closes the following PRs: 10404, 10501, 10593
Changes from 2.1.1p3:
* allow multiple whitespace but only one '=' between tokens
* close can fail on AFS
* allow leading whitespace in configuration files
* Always create ~/.ssh with mode 700
|
|
appropriate variables instead.
|
|
|
|
changes: basically, result from TAHI 2nd interop test (www.tahi.org)
- phase 1/2 SA removal corrections
- remove possible memory leak
- no notify message on information exchange
- correct isakmp payload manipulation on duplicated payload types
|
|
changes:
- RFC2367 conformance for SADB_[AE]ALG_xxx.
- implement initial contact
- runs in background by default
- delete notification
- improve error handling
|
|
Patch provided by Gabriel Rosenkoetter <gr@eclipsed.net>.
|
|
|
|
correctly)
|
|
|
|
|
|
|
|
have been integrated.
Relevant Changes:
* Fixed expiration handling of encryption keys.
* Add an experimental feature to do unattended key generation.
* The user is now asked for the reason of revocation as required by
the new OpenPGP draft.
* There is a ~/.gnupg/random_seed file now which saves the state of
the internal RNG and increases system performance somewhat. This
way the full entropy source is only used in cases were it is really
required. Use the option --no-random-seed-file to disable this
feature.
* New options --ignore-time-conflict and --lock-never.
* Encryption is now much faster: About 2 times for 1k bit keys and 8
times for 4k keys.
* New encryption keys are generated in a way which allows a much
faster decryption.
* New command --export-secret-subkeys which outputs the _primary_
key with it's secret parts deleted. This is useful for automated
decryption/signature creation as it allows to keep the real secret
primary key offline and thereby protecting the key certificates and
allowing to create revocations for the subkeys. See the FAQ for a
procedure to install such secret keys.
* Keygeneration now writes to the first writeable keyring or as
default to the one in the homedirectory. Prior versions ignored all
--keyring options.
* New option --command-fd to take user input from a file descriptor;
to be used with --status-fd by software which uses GnuPG as a
backend.
* There is a new status PROGRESS which is used to show progress during
key generation.
* Support for the new MDC encryption packets. To create them either
--force-mdc must be use or cipher algorithm with a blocksize other
than 64 bits is to be used. --openpgp currently disables MDC
packets entirely. This option should not yet be used.
* New option --no-auto-key-retrieve to disable retrieving of a missing
public key from a keyerver, when a keyerver has been set.
* Danish, Esperanto, Japanese, Dutch, and Swedish translations
|
|
depend on openssl >= 0.9.5. see PR 10593.
--- 2.1.1p2 -> 2.1.1p3
20000712
- (djm) Remove -lresolve for Reliant Unix
- (djm) OpenBSD CVS Updates:
- deraadt@cvs.openbsd.org 2000/07/11 02:11:34
[session.c sshd.c ]
make MaxStartups code still work with -d; djm
- deraadt@cvs.openbsd.org 2000/07/11 13:17:45
[readconf.c ssh_config]
disable FallBackToRsh by default
- (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from
Ben Lindstrom <mouring@pconline.com>
- (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM
spec file.
- (djm) Released 2.1.1p3
20000711
- (djm) Fixup for AIX getuserattr() support from Tom Bertelson
<tbert@abac.com>
- (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
- (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
<mouring@pconline.com>
- (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
from Jim Watt <jimw@peisj.pebio.com>
- (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
to compile on more platforms (incl NeXT).
- (djm) Added bsd-inet_aton and configure support for NeXT
- (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com>
- (djm) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/06/26 03:22:29
[authfd.c]
cleanup, less cut&paste
- markus@cvs.openbsd.org 2000/06/26 15:59:19
[servconf.c servconf.h session.c sshd.8 sshd.c]
MaxStartups: limit number of unauthenticated connections, work by
theo and me
- deraadt@cvs.openbsd.org 2000/07/05 14:18:07
[session.c]
use no_x11_forwarding_flag correctly; provos ok
- provos@cvs.openbsd.org 2000/07/05 15:35:57
[sshd.c]
typo
- aaron@cvs.openbsd.org 2000/07/05 22:06:58
[scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
Insert more missing .El directives. Our troff really should identify
these and spit out a warning.
- todd@cvs.openbsd.org 2000/07/06 21:55:04
[auth-rsa.c auth2.c ssh-keygen.c]
clean code is good code
- deraadt@cvs.openbsd.org 2000/07/07 02:14:29
[serverloop.c]
sense of port forwarding flag test was backwards
- provos@cvs.openbsd.org 2000/07/08 17:17:31
[compat.c readconf.c]
replace strtok with strsep; from David Young <dyoung@onthejob.net>
- deraadt@cvs.openbsd.org 2000/07/08 19:21:15
[auth.h]
KNF
- ho@cvs.openbsd.org 2000/07/08 19:27:33
[compat.c readconf.c]
Better conditions for strsep() ending.
- ho@cvs.openbsd.org 2000/07/10 10:27:05
[readconf.c]
Get the correct message on errors. (niels@ ok)
- ho@cvs.openbsd.org 2000/07/10 10:30:25
[cipher.c kex.c servconf.c]
strtok() --> strsep(). (niels@ ok)
- (djm) Fix problem with debug mode and MaxStartups
- (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM
builds)
- (djm) Add strsep function from OpenBSD libc for systems that lack it
20000709
- (djm) Only enable PAM_TTY kludge for Linux. Problem report from
Kevin Steves <stevesk@sweden.hp.com>
- (djm) Match prototype and function declaration for rresvport_af.
Problem report from Niklas Edmundsson <nikke@ing.umu.se>
- (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
- (djm) Replace ut_name with ut_user. Patch from Jim Watt
<jimw@peisj.pebio.com>
- (djm) Fix pam sprintf fix
- (djm) Cleanup entropy collection code a little more. Split initialisation
from seeding, perform intialisation immediatly at start, be careful with
uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
- (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
Including sigaction() et al. replacements
- (djm) AIX getuserattr() session initialisation from Tom Bertelson
<tbert@abac.com>
20000708
- (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
Aaron Hopkins <aaron@die.net>
- (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
- (djm) Fixed undefined variables for OSF SIA. Report from
Baars, Henk <Hendrik.Baars@nl.origin-it.com>
- (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
- (djm) Don't use inet_addr.
20000702
- (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
- (djm) Stop shadow expiry checking from preventing logins with NIS. Based
on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
- (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
Chris, the Young One <cky@pobox.com>
- (djm) Fix scp progress meter on really wide terminals. Based on patch
from James H. Cloos Jr. <cloos@jhcloos.com>
20000701
- (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu>
- (djm) Login fixes from Tom Bertelson <tbert@abac.com>
- (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen
<vinschen@cygnus.com>
- (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM
- (djm) Added check for broken snprintf() functions which do not correctly
terminate output string and attempt to use replacement.
- (djm) Released 2.1.1p2
|
|
${LOCALBASE}/etc, and is the parent directory of the priv package's
user configuration data.
Modify Makefile to pick up this definition, and pass it on as an argument
to the configure script.
Modify the PLIST to include this location, and pre-process the PLIST at
install time to set the correct location.
|
|
|
|
pointed out by hubertf.
|
|
|
|
different user, into the NetBSD packages collection.
|
|
the correct printf-format. From LeRoy Miller (root@gcc.ansic.net) in PR
pkg/10478.
|
