path: root/security
Age | Commit message | Author | Files | Lines
2010-05-20 | Pullup ticket #3127 - requested by tez | tron | 3 | -4/+24
security/mit-krb5: security patch Revisions pulled up: - security/mit-krb5/Makefile 1.49 - security/mit-krb5/distinfo 1.25 - security/mit-krb5/patches/patch-bx 1.1 --- Module Name: pkgsrc Committed By: tez Date: Thu May 20 14:21:23 UTC 2010 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-bx Log Message: fix CVE-2010-1321 (MITKRB5-SA-2010-005) and take maintainership
2010-04-17 | Pullup ticket 3079 - requested by taca | spz | 3 | -13/+13
security update Revisions pulled up: - pkgsrc/security/sudo/Makefile 1.120 - pkgsrc/security/sudo/distinfo 1.62 - pkgsrc/security/sudo/patches/patch-aa 1.23 -------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Fri Apr 16 15:33:52 UTC 2010 Modified Files: pkgsrc/security/sudo: Makefile distinfo pkgsrc/security/sudo/patches: patch-aa Log Message: Update sudo package from sudo-1.7.2p4 to sudo-1.7.2p6. Sudo versions 1.7.2p6 and 1.6.9p22 are now available. These releases fix a privilege escalation bug in the sudoedit functionality. Summary: A flaw exists in sudo's -e option (aka sudoedit) in sudo versions 1.6.8 through 1.7.2p5 that may give a user with permission to run sudoedit the ability to run arbitrary commands. This bug is related to, but distinct from, CVE 2010-0426. Sudo versions affected: 1.6.8 through 1.7.2p5 inclusive. To generate a diff of this commit: cvs rdiff -u -r1.119 -r1.120 pkgsrc/security/sudo/Makefile cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/sudo/distinfo cvs rdiff -u -r1.22 -r1.23 pkgsrc/security/sudo/patches/patch-aa
2010-03-31 | Fix PLIST when installing in Linux. | jmmv | 1 | -1/+5
2010-03-26 | Apply some sense to the build system by always linking the .la archives | joerg | 5 | -32/+27
in src/lib as that is the location it wants to pick it up. Work around the dependencies in other places by symlinking to that, effectively reverting the direction. Link telnet(d) consistently. Add DESTDIR support.
2010-03-26 | Add a patch for Fix for CVE-2010-0740, DoS problem. | taca | 3 | -3/+23
http://www.openssl.org/news/secadv_20100324.txt Bump PKGREVISION.
2010-03-24 | Recursive revision bump for GMP update. | asau | 5 | -8/+10
2010-03-23 | Install data files to share/examples to make sure they end up in the | joerg | 4 | -20/+35
binary package. Fixes DESTDIR installation at the same time. Bump revision.
2010-03-23 | Reset maintainer, lost his commit bit. | wiz | 1 | -2/+2
2010-03-21 | Reset maintainer, developer lost his commit bit. | wiz | 2 | -4/+4
2010-03-21 | use PHP_VERSIONS_ACCEPTED=52 rather than PHP_VERSIONS_REQD=5 for packages, | jdolecek | 1 | -2/+2
which are PHP 5.2.* only
2010-03-21 | Store the result of dbm_fetch() before dbm_close() (apparently) clobbers it. | scottr | 2 | -1/+17
2010-03-21 | Work around a bug described in security/39313. | scottr | 1 | -1/+10
2010-03-19 | Needs pkg-config. | joerg | 1 | -2/+2
2010-03-16 | Restrict to php5 with PHP_VERSION_REQD. | taca | 1 | -1/+3
These packages are dropped on PHP 5.3 or have build problems. No functional change.
2010-03-16 | Updating security/p5-Net-DNS-SEC from 0.15 to 0.16 | sno | 2 | -8/+9
pkgsrc changes: - Adjust dependencies - Add license definition Upstream changes: ***0.16 March 12, 2010 Feature: KEY inherits DNSKEY This helps maintenance in one part of the code. Feature: keylength method rt.cpan.org #53468 Added keylength method for RSA and DSA Acknowledgements Hugo Salgado Fix: rt.cpan.org #51778 Empty bitmap would cause error about undefined ARRAY in NSEC/NSEC3. Now the code will allow empty bitmaps gracefully Feature: New Algorithm Support (rt.cpan.org #51092) SHA2 algorithm support, including NSEC3 algorithm parameters updated Acknowledgement Jakob Shlyter Fix: rt.cpan.org #42089 NSEC3 Algorithm support in NSEC3 broken patch by Wes Hardaker
2010-03-16 | Updating security/p5-Authen-SASL from 2.13 to 2.14 | sno | 2 | -6/+6
Upstream changes: Authen-SASL 2.14 -- Thu Mar 11 08:21:07 CST 2010 * Documentation updates [Yann Kerherve] * Added server API description [Yann Kerherve] * Bugfixes to LOGIN, PLAIN and DIGEST_MD5 [Yann Kerherve] * Added server support for LOGIN, PLAIN and DIGEST_MD5 [Yann Kerherve] * Compatibility with Authen::SASL::XS [Yann Kerherve]
2010-03-16 | Updating security/p5-Crypt-Eksblowfish from 0.007 to 0.008 | sno | 2 | -9/+10
pkgsrc changes: - Adding license definition - Adjusting dependencies Upstream changes: version 0.008; 2010-03-11 * bugfix: avoid memory leak when returning block to Perl space * check for required Perl version at runtime * in XS, avoid using "class" as a variable name, for compatibility with C++ compilers * in Build.PL, explicitly declare configure-time requirements * remove bogus "exit 0" from Build.PL
2010-03-15 | + opensaml | pettai | 1 | -1/+2
2010-03-15 | OpenSAML is a set of open source C++ libraries meant to support developers | pettai | 5 | -0/+154
working with the Security Assertion Markup Language (SAML). OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0.
2010-03-15 | Installs shlibs nowadays, so don't default to a build-only dependency. | schmonz | 1 | -2/+1
2010-03-14 | Take over MAINTAINER | pettai | 1 | -2/+2
2010-03-14 | Version 0.13.1 | pettai | 6 | -70/+19
* Fixed bug with reading gzipped aide.db files * Removed dead ustat code Version 0.13 * Added support for selinux and xattr attributes * Added support for the Linux Audit System * Fixed usage of libgcrypt instead of libmhash * Added file locking for output files * Fixed bugs Version 0.12 * Fixed bugs * Allow http/https/ftp URLs through libcurl * Support posix_fadvice() to avoid caching files Version 0.11 * Fixed many bugs * Updated automake/autoconf scripts * Use snprintf by Mark Martinec if not in C library * Support for more (legacy) Unix systems and cygwin * Open files with O_NOATIME on supported Linux systems * Added I/ANF/ARF directives
2010-03-14 | Update pkgsrc/security/netpgp to 2.99.1/20100313 | agc | 2 | -6/+6
Changes to 2.99.1/20100313 + add functionality to parse basic signature subkeys + in doing so, add expiration of keys + at the same time, add revocation of keys + recognise the primary user id, and use it when displaying user ids + recognise self signed keys and subkeys + rework the indentation of output + add the --list-sigs [userid] option to netpgpkeys(1) + use memcmp(3) rather than strcmp(3) when checking binary user ids to be exported + add expiration display to subkey signature output + update libnetpgp library version major number to 3
2010-03-13 | + zkt | pettai | 1 | -1/+2
2010-03-13 | ZKT is a tool to manage keys and signatures for DNSSEC-zones. | pettai | 4 | -0/+57
The Zone Key Tool consists of two commands: * dnssec-zkt to create and list dnssec zone keys and * dnssec-signer to sign a zone and manage the lifetime of the zone signing keys Both commands are simple wrapper commands around the dnssec-keygen(8) and dnssec-signzone(8) commands provided by BIND.
2010-03-13 | + softhsm | pettai | 1 | -1/+2
2010-03-13 | Fixed wip errors | pettai | 2 | -5/+5
2010-03-13 | SoftHSM is an implementation of a cryptographic store accessible through a | pettai | 7 | -0/+122
PKCS#11 interface. You can use it to explore PKCS#11 without having a Hardware Security Module. It is being developed as a part of the OpenDNSSEC project. SoftHSM uses Botan for its cryptographic operations.
2010-03-13 | Removed not needed lines (to a removed patch-file) | pettai | 1 | -6/+1
2010-03-13 | Update lsh to 2.0.4. | obache | 4 | -18/+23
While here, * set LICENSE=gnu-gpl-v2 * marked as user-destdir installation ready * switch to use system argp * add missing zlib buildlink News for the 2.0.4 release Fixed x11 forwarding bug in the lsh client. News for the 2.0.3 release At startup, lshd now tries to close any spurious open file descriptors. New test case for lshd fd leakage. lshd --daemonic --no-syslog now sets up a proper daemonic environment, except that log messages are still sent to stderr. Improved testing of this feature.
2010-03-12 | + pam-tacplus | pettai | 1 | -1/+2
2010-03-12 | TACACS+ protocol client library and PAM module in C. | pettai | 5 | -0/+58
This PAM module supports authentication, authorization (account management) and accounting (session management) performed using TACACS+ protocol designed by Cisco.
2010-03-10 | Added LICENSE | pettai | 1 | -1/+2
2010-03-09 | Fix MAINTAINER | pettai | 1 | -2/+2
(also imported from pkgsrc-wip)
2010-03-09 | + p5-Authen-TacacsPlus | pettai | 1 | -1/+2
2010-03-09 | Authen::TacacsPlus allows you to authenticate using tacacs+ server | pettai | 4 | -0/+52
2010-03-08 | Updating security/p5-Crypt-Blowfish from 2.10nb1 to 2.12 | sno | 2 | -8/+10
pkgsrc changes: - Add recommended minimum version for Crypt::CBC dependency Upstream changes: 2.12 04 Mar 2010 - updated Changes to mesh with revision. 2.11 Feb 2010 - patched _blowfish.c to stop spurious warnings. - updated POD
2010-03-08 | Bump PKGREVISION for previous, on the grounds that fixing errno.h affects | dholland | 1 | -2/+2
more than just the Linux build.
2010-03-08 | Fix Linux build broken since 2006. Two issues: (1) do _FILE_OFFSET_BITS=64 | dholland | 3 | -3/+45
instead of rolling a private _llseek syscall using now-nonexistent type declarations; (2) as noted in PR 33893 use errno.h instead of "extern int errno".
2010-03-06 | update to latest release | spz | 2 | -27/+32
DESTDIRify ok'd by manu@
2010-03-05 | Update to netpgp-20100305 | agc | 2 | -6/+6
+ clean up some lint + the obligatory ''build on os x'' fixes - include <inttypes.h>
2010-03-05 | Update netpgp to version 1.99.20/20100304 - portability improvements, and | agc | 3 | -13/+16
bug fixes: Changes to 1.99.20/20100304 + move args to some functions around to be consistent + use uint*_t where appropriate + fix bug in verify memory + add documentation to manual pages to show how to do combined signing/encryption and decryption/verification + make verification of ascii-armoured memory work the same as binary + eliminate use of strdup(3), strcasecmp(3), and strptime(3). NetBSD/pkgsrc PR 42922 applies - need to define _XOPEN_SOURCE and _BSD_SOURCE for newer linux platforms with glibc 2.10.1. solved a bit differently, by implementing strdup(3) and strcasecmp(3) independently, and using regexps to avoid calling strptime(3).
2010-03-04 | Update php-suhosin package to 0.9.29. | taca | 2 | -6/+6
2009-08-15 - 0.9.29 - Fixing crash bugs with PHP 5.3.0 caused by unexpected NULL in EG(active_symbol_table) - Added more compatible way to retrieve ext/session globals - Increased default length and count limit for POST variables (for people not reading docu) 2009-08-14 - 0.9.28 - Fixed crash bug with PHP 5.2.10 caused by a change in extension load order of ext/session - Fixed harmless parameter order error in a bogus memset() - Disable suhosin.session.cryptua by default because of Internet Explorer 8 "features" - Added suhosin.executor.include.allow_writable_files which can be disabled to disallow inclusion of files writable by the webserver
2010-03-01 | Fix broken PLIST. | taca | 2 | -2/+72
(I wonder why "make print-PLIST" generated wrong result before...) Bump PKGREVISION.
2010-02-26 | Reset maintainer for developers who gave back their commit bit. | wiz | 2 | -4/+4
2010-02-26 | Update openssl to 0.9.8m. | taca | 10 | -198/+34
The OpenSSL project team is pleased to announce the release of version 0.9.8m of our open source toolkit for SSL/TLS. This new OpenSSL version is a security and bugfix release which implements RFC5746 to address renegotiation vulnerabilities mentioned in CVE-2009-3555. For a complete list of changes, please see http://www.openssl.org/source/exp/CHANGES.
2010-02-26 | Update sudo package to 1.7.2p4. | taca | 2 | -6/+6
Major changes between version 1.7.2p3 and 1.7.2p4: * Fix a bug that could allow users with permission to run sudoedit to run arbitrary commands. Major changes between version 1.7.2p2 and 1.7.2p3: * Fix printing of entries with multiple host entries on a single line. * Fix use after free when sending error messages via email. * Use setrlimit64(), if available, instead of setrlimit() when setting AIX resource limits since rlim_t is 32bits. * Fix size arg when realloc()ing include stack. * Avoid a duplicate fclose() of the sudoers file.
2010-02-25 | Explicitly pull PREFIX/lib into the normal library search path too. | joerg | 2 | -6/+8
DESTDIR support
2010-02-25 | Reset MAINTAINER, mail bounced. | joerg | 2 | -4/+4
2010-02-25 | +pinentry-qt4 | drochner | 1 | -1/+2