| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
noticed by Zafer Aydogan in private mail.
|
|
Also change HOMEPAGE.
|
|
Switch HOMEPAGE and MASTER_SITES to new location.
|
|
Switch to *.tgz, no differ from *.tbz.
|
|
|
|
|
|
configuration files are installed in the usual pkgsrc place, not in
/etc. PKGREVISION++
Ok'ed by jlam@.
|
|
27 Nov 2007 - 2.1.4
-------------------
* Updated included Core Ruleset to version 1.5 and noted in the docs that
XML support is required to use the rules without modification.
* Fixed an evasion FP, mistaking a multipart non-boundary for a boundary.
* Fixed multiple warnings on Solaris and/or 64bit builds.
* Do not process subrequests in phase 2-4, but do hand off the request data.
* Fixed a blocking FP in the multipart parser, which affected Safari.
11 Sep 2007 - 2.1.3
-------------------
* Updated multipart parsing code adding variables to allow checking
for various parsing issues (request body abnormalities).
* Allow mod_rpaf and mod_extract_forwarded2 to work before ModSecurity.
* Quiet some compiler warnings.
* Do not block internal ErrorDocument requests after blocking request.
* Added ability to compile without an external API (use -DNO_MODSEC_API).
27 Jul 2007 - 2.1.2
-------------------
* Cleaned up and clarified some documentation.
* Update included core rules to latest version (1.4.3).
* Enhanced ability to alert/audit failed requests.
* Do not trigger "pause" action for internal requests.
* Fixed issue with requests that use internal requests. These had the
potential to be intercepted incorrectly when other Apache httpd modules
that used internal requests were used with mod_security.
* Added Solaris and Cygwin to the list of platforms not supporting the hidden
visibility attribute.
* Fixed decoding full-width unicode in t:urlDecodeUni.
* Lessen some overhead of debugging messages and calculations.
* Do not try to intercept a request after a failed rule. This fixes the
issue associated with an "Internal Error: Asked to intercept request
but was_intercepted is zero" error message.
* Added SecAuditLog2 directive to allow redundent concurrent audit log
index files. This will allow sending audit data to two consoles, etc.
* Small performance improvement in memory management for rule execution.
|
|
created in unprivileged pkgsrc mode. PKGREVISION++
|
|
base OS on NetBSD.
|
|
|
|
* Install config files by CONF_FILES instead of install directly.
* Correct path of tools and config in sample config files and a manual page.
* Add DESTDIR support.
Bump PKGREVISION.
|
|
|
|
Honor PKGMANDIR and DESTDIR ready.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
rc5, and replace with {idea,mdc2,rc5}-nonlicense. Because pkgsrc does
not yet handle multiple licenses, set LICENSE to
openssl-patented-algorithms-nonlicense.
|
|
PKGREVISION++
|
|
|
|
|
|
|
|
|
|
find the qca2.pc file so copy to where it can.
OKed jdolecek. Bump PKGREVISION.
|
|
the removal), rather then revision 1.1 of all files, used for original revival
test compiled on Mac OS X 10.5
|
|
be installed at the same time
bump PKGREVISION
|
|
|
|
Major changes since Sudo 1.6.9p9:
o Moved LDAP options into a table for simplified parsing/setting.
o Fixed a problem with how some LDAP options were being applied.
o Added support for connecting directly to LDAP servers via SSL/TLS
for servers that don't support the start_tls extension.
|
|
be installed at the same time; also speedup build by disabling building
tests and other miscellaneous cleanup
bump PKGREVISION
|
|
|
|
(for qca 1.x), so that kdenetwork3 works again
XXX these should be renamed to qca1* after current freeze
|
|
|
|
|
|
having both qca 1.x and qca 2.x in tree
|
|
|
|
|
|
|
|
is not available, but the project now depends on QT 4.2 and was incorporated
into KDE4 too
|
|
versions, fixes PR pkg/37545 by Ondrej Tuma, and makes special handling
of Darwin unnecessary (tested by Matthias Scheler)
|
|
Changes:
Update to version 1.7.1. Changes:
v1.7.1 (Amy) 10jun07
--------------------
* windows SSH agent support can use the 'ctypes' module now if 'win32all' is
not available [patch from alexander belchenko]
* SFTPClient.listdir_attr() now preserves the 'longname' field [patch from
wesley augur]
* SFTPClient.get_channel() API added
* SSHClient constuctor takes an optional 'timeout' parameter [patch from
james bardin]
v1.7 (zubat) 18feb07
--------------------
* added x11 channel support (patch from david guerizec)
* added reverse port forwarding support
* (bug 75370) raise an exception when contacting a broken SFTP server
* (bug 80295) SSHClient shouldn't expand the user directory twice when reading
RSA/DSS keys
* (bug 82383) typo in DSS key in SSHClient
* (bug 83523) python 2.5 warning when encoding a file's modification time
* if connecting to an SSH agent fails, silently fallback instead of raising
an exception
v1.6.4 (yanma) 19nov06
----------------------
* fix setup.py on osx (oops!)
* (bug 69330) check for the existence of RSA/DSA keys before trying to open
them in SFTPClient
* (bug 69222) catch EAGAIN in socket code to workaround a bug in recent
Linux 2.6 kernels
* (bug 70398) improve dict emulation in HostKeys objects
* try harder to make sure all worker threads are joined on Transport.close()
v1.6.3 (xatu) 14oct06
---------------------
* fixed bug where HostKeys.__setitem__ wouldn't always do the right thing
* fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from
mike barber]
* try harder not to raise EOFError from within SFTPClient
* fixed bug where a thread waiting in accept() could block forever if the
transport dies [patch from mike looijmans]
v1.6.2 (weedle) 16aug06
-----------------------
* added support for "old" group-exchange server mode, for compatibility
with the windows putty client
* fixed some more interactions with SFTP file readv() and prefetch()
* when saving the known_hosts file, preserve the original order [patch from
warren young]
* fix a couple of broken lines when exporting classes (bug 55946)
v1.6.1 (vulpix) 10jul06
-----------------------
* more unit tests fixed for windows/cygwin (thanks to alexander belchenko)
* a couple of fixes related to exceptions leaking out of SFTPClient
* added ability to set items in HostKeys via __setitem__
* HostKeys now retains order and has a save() method
* added PKey.write_private_key and PKey.from_private_key
v1.6 (umbreon) 10may06
----------------------
* pageant support on Windows thanks to john arbash meinel and todd whiteman
* fixed unit tests to work under windows and cygwin (thanks to alexander
belchenko for debugging)
* various bugfixes/tweaks to SFTP file prefetch
* added SSHClient for a higher-level API
* SFTP readv() now yields results as it gets them
* several APIs changed to throw an exception instead of "False" on failure
|
|
- added USE_TOOLS - it should build now on NetBSD, Dragonfly
- new maintainer
- PKGREVISION bump
|
|
|
|
* Bug fix release
|
|
bump PKGREVISION.
A little bug fix seems to applied.
-rw-r--r-- 1 taca taca 578259 Dec 3 19:38 sudo-1.6.9p9.tar.gz-prev
-rw-r--r-- 1 taca taca 578262 Dec 5 00:27 sudo-1.6.9p9.tar.gz
diff -dupNr sudo-1.6.9p9-20071203/parse.c sudo-1.6.9p9/parse.c
--- sudo-1.6.9p9-20071203/parse.c 2007-11-28 08:29:59.000000000 +0900
+++ sudo-1.6.9p9/parse.c 2007-12-05 00:26:40.000000000 +0900
@@ -90,7 +90,7 @@
#endif /* HAVE_EXTENDED_GLOB */
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.14 2007/10/24 16:43:27 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.15 2007/12/04 15:26:40 millert Exp $";
#endif /* lint */
/*
@@ -202,7 +202,7 @@ sudoers_lookup(pwflag)
return(VALIDATE_OK |
(no_passwd == TRUE ? FLAG_NOPASS : 0) |
(no_execve == TRUE ? FLAG_NOEXEC : 0) |
- (setenv_ok == TRUE ? FLAG_SETENV : 0));
+ (setenv_ok >= TRUE ? FLAG_SETENV : 0));
} else if ((runas_matches == TRUE && cmnd_matches == FALSE) ||
(runas_matches == FALSE && cmnd_matches == TRUE)) {
/*
@@ -212,7 +212,7 @@ sudoers_lookup(pwflag)
return(VALIDATE_NOT_OK |
(no_passwd == TRUE ? FLAG_NOPASS : 0) |
(no_execve == TRUE ? FLAG_NOEXEC : 0) |
- (setenv_ok == TRUE ? FLAG_SETENV : 0));
+ (setenv_ok >= TRUE ? FLAG_SETENV : 0));
}
}
top--;
diff -dupNr sudo-1.6.9p9-20071203/sudo.c sudo-1.6.9p9/sudo.c
--- sudo-1.6.9p9-20071203/sudo.c 2007-12-03 02:13:52.000000000 +0900
+++ sudo-1.6.9p9/sudo.c 2007-12-04 01:12:03.000000000 +0900
@@ -730,8 +730,10 @@ parse_args(argc, argv)
while (NewArgc > 0) {
if (NewArgv[0][0] == '-') {
- if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0')
+ if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') {
warnx("please use single character options");
+ usage(1);
+ }
switch (NewArgv[0][1]) {
case 'p':
|
|
Major changes since Sudo 1.6.9p8:
o The ALL command in sudoers now implies SETENV permissions.
o The command search is now performed using the target user's
auxiliary group vector, not just the target's primary group.
o When determining if the PAM prompt is the default "Password: ",
compare the localized version if possible.
o New passprompt_override option in sudoers to cause sudo's prompt
to be used in all cases. Also set when the -p flag is used.
|
|
|
