| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
rather
make all packages that use linux emulation include bsd.pkg.mk as the
last files just like any normal package.
|
|
|
|
|
|
sfssd: support "reload"
sfssd: call sfskey gen with "-K -l sfs_host_key" to prevent interactive Q's
bump PKGREVISION (to 2)
|
|
|
|
use /var/sfs instead of /usr/pkg/var/sfs
use OWN_DIRS_PERMS
bump PKGREVISION
|
|
|
|
|
|
reference to them in the distribution, either):
bin/fake-agent
bin/rpc_pcl
bin/rpc_psrv
bin/smkdirall
bin/smount
bin/snfsfstab
bin/snfshost
bin/snfsmount
bin/snfspsrv
bin/snfsumount
bin/snfsuser
bin/sumount
bin/sumountall
etc/rpc_pcl.conf
lib/perl5/site_perl/5.6.1/SNFS.pm
lib/perl5/site_perl/5.6.1/auto/SNFS/autosplit.ix
|
|
Sort the Makefile a bit. Install a default configuration file in place.
Bump PKGREVISION to 1.
|
|
Researchers have discovered a timing attack on RSA keys, to which
OpenSSL is generally vulnerable, unless RSA blinding has been turned
on.
Typically, it will not have been, because it is not easily possible to
do so when using OpenSSL to provide SSL or TLS.
The enclosed patch switches blinding on by default. Applications that
wish to can remove the blinding with RSA_blinding_off(), but this is
not generally advised. It is also possible to disable it completely by
defining OPENSSL_NO_FORCE_RSA_BLINDING at compile-time.
The performance impact of blinding appears to be small (a few
percent).
This problem affects many applications using OpenSSL, in particular,
almost all SSL-enabled Apaches. You should rebuild and reinstall
OpenSSL, and all affected applications.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0147 to this issue.
* Add patch from http://www.openssl.org/news/secadv_20030319.txt:
Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa
have come up with an extension of the "Bleichenbacher attack" on RSA
with PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0. Their
attack requires the attacker to open millions of SSL/TLS connections
to the server under attack; the server's behaviour when faced with
specially made-up RSA ciphertexts can reveal information that in
effect allows the attacker to perform a single RSA private key
operation on a ciphertext of its choice using the server's RSA key.
Note that the server's RSA key is not compromised in this attack.
* Bump PKGREVISION.
|
|
|
|
This is the Cyrus SASL plugin that implements the NTLM (MS Windows NT)
authentication mechanism.
|
|
This is the Cyrus SASL plugin that implements the LOGIN authentication
mechanism. It's recommended that it only be used if absolutely necessary
since it is not a secure authentication scheme.
|
|
plugin packages.
|
|
redundant command.
|
|
|
|
|
|
This is the Cyrus SASL plugin that implements the LOGIN authentication
mechanism. It's recommended that it only be used if absolutely necessary
since it is not a secure authentication scheme.
|
|
should be included in package Makefiles.
|
|
plugin packages.
|
|
|
|
Based on the sfs-0.6 package provided by Michael Santos in PR 18528.
SFS is a secure, global network file system with completely
decentralized control. SFS lets you access your files from anywhere
and share them with anyone, anywhere. Anyone can set up an SFS
server, and any user can access any server from any client. SFS
lets you share files across administrative realms without involving
administrators or certification authorities.
|
|
Makefiles simply need to use this value often, for better or for
worse.
(2) Create a new variable FIX_RPATH that lists variables that should
be cleansed of -R or -rpath values if ${_USE_RPATH} is "no". By
default, FIX_RPATH contains LIBS, X11_LDFLAGS, and LDFLAGS, and
additional variables may be appended from package Makefiles.
|
|
Changes:
- The progress status is sent via the progress callbacks in
gpgme_op_edit.
- Bug fix for signing operations with explicit signer settings
for the CMS protocol.
|
|
This release changes the output format slightly to improve integration with
other tools, and improves the RPM packaging.
|
|
Use Bugzilla for bug reporting.
* README: Mention Bugzilla.
* fsh.texi (Bugs): Mention Bugzilla.
Port to Python 2.2. (Bug 332).
* fshcompat.py: New module, that finds some constants in os,
fcntl, FCNTL or thin air depending on Python version.
* fshlib.py: Use fshcompat instead of FCNTL.
* infshd.py: Ditto.
* Makefile.am (pkgdata_DATA): Added fshcompat.py.
|
|
when openssl is not in places planned by Makefile.PL (like
LOCALBASE).
|
|
|
|
Bump PKGREVISION.
|
|
|
|
21Feb2003: Version 2.6.4
- Updated Spanish-Argentina translation by Ariel
Fermani.
- Some fixes for compiling under win32.
- Some fixes to allow compiling gaaout.c with external
CFLAGS and CPPFLAGS.
04Oct2002: Version 2.6.3
- Added support for 64 bit file offsets. Based on patch by
Keven Belanger.
23Jun2002: Version 2.6.2
- Corrections in localization
- Added Spanish-Argentina translation. Translated by Ariel
Fermani.
15Jun2002: Version 2.6.1
- Better error checking
- Added rndunix random gatherer from gnupg. It is
a gatherer for random bytes, written by Peter Gutmann.
- Added some kind of random byte generator for Win32
systems.
- Corrected bug in configuration file parsing.
- Corrected bug in bare mode which put an IV in the
encrypted file even if the mode did not support IV.
29May2002: Version 2.6.0
- Added OpenPGP support (added by Timo Schulz)
- Removed all of file locking code.
- Several improvements and corrections on the old
codebase (still a mess).
11Mar2002: Version 2.5.13
- Corrected stream modes in block algorithms
29Jan2002: Version 2.5.12
- Added some missing files
26Jan2002: Version 2.5.11
- SHA1 is the default digest used
01Dec2001:
- Added --time option
|
|
January 19 2003: (version 2.5.6)
- Fixes in win32 detection and DLL building.
- Fixes for solaris (a symbol was not exported)
- Corrected bug which made algorithm symbols to be inserted
twice in symbol table.
December 22 2002: (version 2.5.5)
- Better win32 detection and DLL building.
- Changed some variables names in gost.c to allow compiling
with gcc and K6 optimizations.
- Some buffer overrun checks on input. Patches and suggestions
by Ilia A.
- Made the default behaviour to include all algorithms into
the main library, instead of using dynamic modules. Dynamic
loading is disabled by default. The --enable-dynamic-loading flag
can be used in the configure script, to get the old behaviour.
- Some fixes in ECB mode.
August 16 2002: (version 2.5.3)
- The const keyword is now used in the exported functions
- Corrected problem in libltdl's configure script
June 22 2002: (version 2.5.2)
- Fixed bug in the returned IV size of ARCFOUR
- Fixed bug in mcrypt_readdir() which prevented the test programs
to work.
May 30 2002: (version 2.5.1)
- Corrected the license. COPYING.LIB (LGPL) is now included
instead of COPYING (GPL)
Mar 09th 2002: (version 2.5.0)
- Several corrections in stream and block cipher modes.
- Added --disable-dynamic-loading configure option
- The IV modifications in Arcfour and Wake have been disabled
by default.
- Added CTR mode for block ciphers.
- Fixes in nCFB and nOFB modes.
- Added mcrypt_enc_get_state() function.
- Added test for nCFB, CFB, nOFB and CTR with AES
Feb 14th 2002:
- nOFB and nCFB modes can now encrypt and decrypt plaintext
of size less than block size.
|
|
portable. Bump PKGREVISION accordingly.
|
|
|
|
New in 2.1.12
-------------
* Distribute in Solaris tar (not GNU tar format)
* Fix a number of build/configure related issues.
New in 2.1.11
-------------
* Add the fastbind auth method to the saslauthd LDAP module.
* Fix a potential memory leak in the doors version of saslauthd.
* NTLM now only requires one of LM or NT, not both.
* Fix a variety of Berkeley DB, LDAP, OpenSSL, and other build issues.
* Win32 support compiles, but no documentation as of yet.
|
|
In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrrect
block cipher padding has been found. This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
Bump PKGREVISION.
|
|
configuration database from beeing modified by packages that do not honour
the --disable-schemas-install option. There is no need to patch these broken
packages any more.
Okay'ed by wiz.
|
|
rebuild the documentation database at install/deinstall time. This means
that:
- PLIST's do not need to call scrollkeeper-{update,rebuilddb} directly;
this is done by a bsd.pkg.install.mk template.
- The share/omf directory is only removed by scrollkeeper, which is the
last package in the dependancy tree.
- PKGREVISION is bumped.
Reviewed by wiz.
|
|
addresses PR pkg/19416
|
|
|
|
From Juan RP in PR 20346.
KSSH is a KDE front-end to ssh.
It can work as a standard KDE application that launches ssh connections in
a terminal or as a konsole session. This means that you can press in any
konsole "New Session" and then select "Secure Shell".
|
|
seahorse 0.7.0
--------------
* Add a user ID
* Add a subkey
* Delete a subkey
* Change a subkey's expiration
* Revoke a subkey
* Properties shows subkey status (good, revoked, expired)
* Key Manager shows user IDs instead of subkeys
* Sort keys by user ID & validity in Key Manager and Recipients
* Subkeys hidden by default in properties
seahorse 0.6.2
--------------
* Bug fix in GPGME check
* Supported languages: cs, de, es, hu, ja, nl, no, sv, tr
* Interface fixups so buttons are not sensitive when they cannot be
used
seahorse 0.6.1
--------------
* Correctly check for GPGME 0.3.14 and GnuPG 1.2 during build
* More and updated translations
* Key manager updates all keys when changed
* Preferences loads faster
* More HIG compliant windows & dialogs
* Failure to install schemas does not stop installation
* Better about dialog: shows version & lists translators
seahorse 0.6.0
--------------
* Key properties cleanups
* Less passphrase crashes
* Only one window of each type or of each type per key allowed open
* Less memory leaks
* Preferences is slower to load, but keeps track of default signer
better
* Updated help manual with figures
* More translations
* Migration to GNOME
(missed in previous commit)
|
|
seahorse 0.7.0
--------------
* Add a user ID
* Add a subkey
* Delete a subkey
* Change a subkey's expiration
* Revoke a subkey
* Properties shows subkey status (good, revoked, expired)
* Key Manager shows user IDs instead of subkeys
* Sort keys by user ID & validity in Key Manager and Recipients
* Subkeys hidden by default in properties
seahorse 0.6.2
--------------
* Bug fix in GPGME check
* Supported languages: cs, de, es, hu, ja, nl, no, sv, tr
* Interface fixups so buttons are not sensitive when they cannot be
used
seahorse 0.6.1
--------------
* Correctly check for GPGME 0.3.14 and GnuPG 1.2 during build
* More and updated translations
* Key manager updates all keys when changed
* Preferences loads faster
* More HIG compliant windows & dialogs
* Failure to install schemas does not stop installation
* Better about dialog: shows version & lists translators
seahorse 0.6.0
--------------
* Key properties cleanups
* Less passphrase crashes
* Only one window of each type or of each type per key allowed open
* Less memory leaks
* Preferences is slower to load, but keeps track of default signer
better
* Updated help manual with figures
* More translations
* Migration to GNOME
|
|
|
|
Changes from 0.45
+ Added patch from Pavel Hlavnicka for freeing memory leaks
from SSL_CTX_use_pkcs12_file() whose functionality is triggered
by the $ENV{HTTPS_PKCS12_*} settings
+ Set timeout to 15 seconds for ./net_ssl_test and lwp-ssl-test
sample scripts for better testing of timeout behavior
+ Added alarm() during Net::SSL->read() to honor socket timeout setting
for more robust applications. read() will die_with_error() which
in consistent with previous semantics used during SSL read() failure
Thanks to Pavel Hlavnicka for prompting this change.
+ Removed code that supported versions of SSLeay before version 0.8
I believe SSLeay v.8 was released back in 1998
+ Added patch from Devin Heitmueller so that initial random seed
would be taken from /dev/urandom if available via RAND_load_file API
|
|
|
