summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Collapse)AuthorFilesLines
2004-06-25Cede maintainership to the hard-working people on tech-pkg@NetBSD.org.jlam1-2/+2
2004-06-25Whitespace nits.jlam1-11/+11
2004-06-24Set BUILDLINK_RECOMMMENDED to mit-krb5>=1.3.4 due to the security advisory:jlam1-3/+4
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
2004-06-24Update to security/mit-krb5 to 1.3.4. Major changes from version 1.3.3jlam2-6/+5
include a fix for security advisory [MITKRB-SA-2004-001]: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt Please read the security advisory to see if you are affected and should update your MIT krb5 installation.
2004-06-23Update flawfinder to 1.26. Don't set PY_PATCHPLIST, as it is useless.snj2-12/+6
Don't include python/extension.mk, as it is also useless. Don't set NO_CONFIGURE, because it makes PYTHON_PATCH_SCRIPTS useless. Don't set MAKEFILE, as we don't actually use the included makefile for anything. Changes since 1.24: * Added more support for Microsoft's approach to internationalization. * Added two new rules for GLib functions, "g_get_home_dir" and g_get_tmp_dir". * Added curl_getenv(). * Added several rules for input functions (for -I) - recv, recvfrom, recvmsg, fread, and readv. * Tightened the false positive test slightly; if a name is followed by = or - or + it's unlikely to be a function call, so it'll be quietly discarded. * Modified the summary report format slightly. * Modified the getpass text to remove an extraneous character. * Added rules for cuserid, getlogin, getpass, mkstemp, getpw, memalign, as well as the obsolete functions gsignal, ssignal, ulimit, usleep. * Modified text for strncat to clarify it. * Fixed error in --columns format, so that the output is simply "filename:linenumber:columnnumber" when --columns (-C) is used. * Eliminated "Number of" phrase in the footer report * Added more statistical information to the footer report. * Added shortcut single-letter commands (-D for --dataonly, -Q for --quiet, -C for --columns), so that invoking from editors is easier. * Tries to autoremove some false positives. In particular, a function name followed immediately by "=" (ignoring whitespace) is automatically considered to be a variable and NOT a function, and thus doesn't register as a hit. There are exotic cases where this won't be correct, but they're pretty unlikely in real code. * Added a "--falsepositive" (-F) option, which tries to remove many more likely false positives.
2004-06-21update to 0.42drochner3-21/+27
Many fixes and feature additions since 0.38. Too many to list here.
2004-06-21Update to 0.4.4:jmmv4-20/+8
This is mainly a bugfix release. Sometimes EOF was not properly detected while reading the password file. This would result in an 'Line too long' error message (and some wierd behavour). Also, the current password file is now backed up before each write.
2004-06-17upgrade to 20040617a. includes important certificate mangement change.itojun2-7/+7
2004-06-15Add and enable openssh+gssapi.kristerw1-1/+2
2004-06-15Resurrect openssh+gssapi per request of jwise@.kristerw16-0/+568
2004-06-14Update priv to 1.0beta2nb1.uebayasi1-1/+4
* Make sure ${PKG_SYSCONFDIR} is passed to configure. * Care ${PRIV_CONF_DIR} as an obsoleted variable. Pointed out by Matt Green.
2004-06-10Convert to subst.mk.jmmv1-4/+6
2004-06-10Fix build (SSL not found during configuration, causing missing includes).jmmv1-2/+2
Problem probably introduced during the conversion to buildlink3. Exposed by latest kristerw@'s bulk build in NetBSD 2.0_BETA/i386.
2004-06-08Add USE_INET6 to BUILD_DEFS as these packages use it. Part of PR#25743 fromcjep1-1/+3
Georg Schwarz.
2004-06-06Add simple rc.d script. Bump PKGREVISION.schmonz2-2/+21
2004-06-06Update audit-packages to 1.32, with fixes for the problems mentionedagc4-21/+27
in PR 25654 from Hauke Fath. Take any non-standard values from audit-packages.conf file in audit-packages as well as download-vulnerability-list. Fix the pre-formatted documentation so that filenames to be substituted are not formatted with the bold or underline "overstrikes" on ttys, so that the correct sed substitutions take place at package install time.
2004-06-01Remove obsolete packages, per discussion on tech-pkg.kristerw63-8643/+1
2004-06-01Since we set ALL_TARGET to irix6 (under, IRIX 6.x), we don't need to patchjschauma2-11/+3
the irix6.5 target into the Makefile.
2004-05-31Depend on security/openssh instead of security/ssh for machines thatkristerw1-2/+2
do not have /usr/bin/ssh.
2004-05-28Fixed bug, which only appeared in the NetBSD 2.0 systems where thekivinen3-2/+32
write can return 0 even when the select has indicated that socket is writable. Do not consider this error, but call select again.
2004-05-27Use versioned distfile.wiz2-8/+5
2004-05-27The libopencdk.so.8.0 used libgcrypt.so.11.reed2-3/+4
libgcrypt was recently upgraded. So when using binary packages it is possible for new libgcrypt (libgcrypt.so.12.1) to be installed with old opencdk-0.5.4 package. So bump PKGREVISION and BUILDLINK_DEPENDS (to force a new package to be required).
2004-05-26Make chklastlog useful on NetBSD; from Makoto Fujiwara in PR 25701.wiz3-2/+19
Bump PKGREVISION.
2004-05-26PKGREVISION bump because of libidn shlib major bump.wiz1-2/+2
2004-05-26Add tacshell.sekiya1-1/+2
2004-05-26tacshell-0.91: RSA ACE/Server sdshell workalike, using TACACS+sekiya5-0/+31
2004-05-26buildlink3 now requires libgcrypt 1.2.0 or higheradam1-2/+2
2004-05-26Remove me as maintainer of this package.tron1-2/+2
2004-05-24${PKG_SYSCONFDIR} is created by INSTALL scripts via OWN_DIRS. No need touebayasi1-3/+1
run @exec mkdir/rmdir here.
2004-05-23Make this package compile when using gcc 3.3.kristerw2-1/+20
2004-05-23Fix MASTER_SITES. From Robert Elz in PR pkg/25681.snj1-3/+3
2004-05-22Shared library major version change, so buildlink3.mk has to be updated, right?adam1-2/+2
2004-05-22Changes 1.0.13:adam4-18/+34
- Some complilation fixes. - Added the --xml parameter to the certtool utility. Changes 1.0.12: - Corrected bug in OpenPGP key loading using a callback. - Renamed gnutls-srpcrypt to srptool - Allow handshake requests by the client. * Things backported from the development branch: - Added support for authority key identifier and the extended key usage X.509 extension fields. The certtoool was updated to support them. - Added batch support to certtool. Now it can use templates. - The RC2 cipher is no more included. The one in libgcrypt is now used. Changes 1.0.11: - Added gnutls_sign_algorithm_get_name() and gnutls_pk_algorithm_get_name() - Corrected bug in TLS renegotiation. Changes 1.0.10: - Corrected bug in RSA parameters handling which could cause unexpected crashes. - Corrected bug in SSL 3.0 authentication.
2004-05-22Changes 1.2.0adam4-37/+21
* First stable release. Changes 1.1.94 * The support for multi-threaded users goes into its third incarnation. We removed compile time support for thread libraries. To support the thread library of your choice, you have to set up callback handlers at initialization time. New data structures, a new control command, and default initializers are provided for this purpose. * Interface changes relative to the 1.1.93 release: libgcrypt-config --thread OBSOLETE libgcrypt-pth.la REMOVED libgcrypt-pthread.la REMOVED GCRYCTL_SET_THREAD_CBS NEW struct gcrypt_thread_cbs NEW enum gcry_thread_option NEW GCRY_THREAD_OPTION_PTH_IMPL NEW GCRY_THREAD_OPTION_PTHREAD_IMPL NEW Changes 1.1.93 * The automatic thread library detection has finally been removed. From now on, only linking explicitely to libgcrypt, libgcrypt-pth or libgcrypt-pthread is supported.
2004-05-22Changes 0.2.10adam3-11/+16
- Added scripts to assist in libtasn1 version detection from configure scripts. - Corrected a DER decoding bug which was reported by Max Vozeler <max@hinterhof.net>. Changes 0.2.9 - Accept negative numbers as range in INTEGER declarations Changes 0.2.8 - Add asn1_delete_element function
2004-05-21Only use the NetBSD-specific MESSAGE.urandom for NetBSD.reed1-1/+3
It says to use "pseudo-device rnd" kernel configuration. TODO: if the above instructions are fine for other operating systems with /dev/urandom then add.
2004-05-21The makefile had a comment saying PAM authentication causes memoryreed1-13/+12
faults, and haven't tracked down why yet. No allow PAM authentication if Linux (and USE_PAM is defined). This will close my 20846 PR from March 2003. Also, install the contrib/sshd.pam.generic file as the example sshd.pam instead of the FreeBSD version, but this okay since it was commented out in the first place. TODO: test the PAM support on other platforms and allow if USE_PAM is defined.
2004-05-20Require at least version 2.0.10 of the "nessus-libraries" package becausetron1-3/+2
"nessus-core" won't build otherwise.
2004-05-19Use -lcrypto with Heimdahl if it exists.kim3-25/+100
Fixes PR pkg/25623
2004-05-19Changes 2.0.10a:adam12-38/+139
* Fixed MacOS X portability issues * Non-intrusive OS-fingerprinting (based on xprobe's techniques) * DNS fingerprinting * killall -1 nessusd does not restart the bpf server on BSD systems * longer connect() timeout for TCP sockets * Fixed hydra.nes * WWW fingerprinting * IP addresses are now sorted in EVERY reports * Automagically rewrite banners to handle distributions which do backporting of security fixes (ie: Debian)
2004-05-19/usr/adam/nessus.txtadam2-8/+5
2004-05-18There is no ${PREFIX}/include/kerberosIV directory as part of this package.jlam1-2/+1
2004-05-17Garbage collect BUILDLINK_PKGBASE.<pkg> from buildlink3: it is not anymoreseb1-2/+1
used since revision 1.139 of mk/buildlink3/bsd.buildlink3.mk.
2004-05-17Add explanation of -v switch to man page. (Okay'd by agc@.)reed3-7/+13
audit-packages version is now 1.31.
2004-05-16add USE_GNU_TOOLS+=make so that libsasldb.a gets built correctly.danw1-1/+2
(Nothing in the build actually uses the static version of the library, and it doesn't get installed either, so this has no effect beyond making the build not bomb out on Darwin, pkg/25575).
2004-05-16Fix HOMEPAGE.xtraeme1-2/+2
2004-05-16Grammar fixes.wiz1-3/+4
2004-05-16Added sign-1.0.4.xtraeme1-1/+2
2004-05-16Initial import of sign-1.0.4.xtraeme4-0/+34
sign is a file signing and signature verification utility. It's main purpose is to be a simple and convenient extension to a tar/gz/bzip2 line of tools that performs file integrity and authenticity checks. It's small and simple, it does just one thing and hopenfully does it well. It is distributed under the BSD license.
2004-05-15Update to 0.2.1: new and updated translations.jmmv3-6/+8