From 9b49b69865754ad73cf2f23bb23262e7e4f3029c Mon Sep 17 00:00:00 2001
From: salo
Date: Wed, 7 Jun 2006 00:14:26 +0000
Subject: Pullup ticket 1689 - requested by adrianp security update for base

Revisions pulled up:
- pkgsrc/security/base/Makefile 1.8, 1.10
- pkgsrc/security/base/PLIST 1.3, 1.4
- pkgsrc/security/base/distinfo 1.3, 1.4
- pkgsrc/security/base/patches/patch-aa 1.2

Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 12 22:31:38 UTC 2006

Modified Files:
pkgsrc/security/base: Makefile PLIST distinfo
pkgsrc/security/base/patches: patch-aa

Log Message:
Update to BASE 1.2.4

> Changes:
> - Fixed issue with PostGRES and schema in base_db.inc.php -- Kevin J and Nikns
> - Fixed bug 1284695 Error in SQL with PostgreSQL -- Kevin J and Nikns
> - Fixed issues displaying PortScans -- Nikns
> - Fixed sig_class (bug 1407325) and sig_priority filter bug -- Nikns and Max Valdez (garaged)
> - Fixed bug 1408387 Archive move and Email summary issues -- Nikns
> - Fixed bug when, after setup, archive database wasn't used -- Nikns
> - Fixed PostgreSQL archive database support -- Nikns
> - Fixed bug 1313261 Unable to use actions in base_stat_sensor.php -- Nikns
> - Fixed bug 1371532 First of month timestamp issue -- Nikns
> - Fixed bug 1406945 Lost alert order when switching between payload display -- Nikns
> - Fixed bug 1413712 base_conf.php file path issue under MS Windows -- garaged
> - Fixed search by signature name -- Nikns
> - Converted sql/create_base_tbls_mssql_extra.sql to CRLF line terminators -- Nikns
> - Fixed broken auth system for MSSQL -- Nikns
> - Changed MSSQL schema for table acid_event, sig_name now has type VARCHAR instead of TEXT -- Nikns
> - Fixed bug 1307250 broken base_stat_alerts.php with MSSQL -- Nikns
> - Fixed bug 1413594 Force to use alert database for auth system stuff -- Nikns
> - Setup fix, on error form values are remembered, default language is English -- garaged
> - Uppercased name 'Archive' in base_main.php (in sync with base_hdr1.php) -- Nikns
> - Fixed support for actions in base_stat_class.php -- Nikns
> - Fixed bug 1418660 Broken search by IP criteria -- Nikns
> - Added checkboxes and fixed support for actions in base_stat_iplink.php -- Nikns
> - Implemented RFE 1123382 support for actions in base_stat_uaddr.php -- Nikns
> - Implemented support for actions in base_stat_ports.php -- Nikns
> - Fixed bug 1422575 when empty email sent even if action unsuccessful -- Nikns
> - Fixed bug 1424033 Unable to Graph Alert Detection Time -- Nikns
> - Fixed bug 1426089 Score removed from email address -- Nikns
> - Fixed bug 1210542 and 1288402 Packet display mode issues -- Nikns
> - Detect archiving duplicates with select queries instead of catching db conflict error -- Nikns
> - Fixed bug 1430686 Update alert cache for archived alert right after it is copied to archive db -- Nikns
> - Implemented archiving support for schema 107 -- Nikns
> - Added sig_gid (signature generator id) to snort signature reference url for schema 107 -- Nikns
> - session_start() on base_conf.php avoiding repetition, easier to handle with debug output -- garaged
> - debug_mode needs to be off on login (index.php:45 ) -- garaged
> - Fixed bug 1275536 Unable to download binary payload in Internet Explorer when using SSL -- Nikns
> - Implemented archiving support for FLoP extended database schema -- Nikns
> - Implemented rebuild of packet in pcap format for FLoP extended database -- Nikns
> - Added display of MAC addresses in base_query_alert.php for FLoP extended database -- Nikns
> - Fixed BASE authentication bypass in standalone mode for base_maintenance.php -- Nikns
> - Added HTTP response codes on authentication failure in base_maintenance.php for standalone mode -- Nikns
> - Fixed bug 1341286 Show IP header length in bytes, not words -- Juergen Leising
> - In plain display mode several sequential non-ASCII payload characters join together displaying their count -- Nikns
> - Changed input type of the password field in useradmin -- Kevin Johnson

---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Jun 6 19:41:43 UTC 2006

Modified Files:
pkgsrc/security/base: Makefile PLIST

Log Message:
Update to 1.2.5

> - 6/4/2006 1.2.5 (sarah)
> - Added base64 encoding support for MAC addresses presented on the screen for FLoP extended database -- Juergen Leising
> - Added base64 encoding support for rebuild of packet in pcap format for FLoP extended database -- Juergen Leising
> - Fixed issue with Oracle and schema version in base_db.inc.php -- Nikns
> - Fixed bug when alerts with sig references would fail to archive causing duplicates error -- Nikns
> - Added base64 encoding support for ICMP payload additional table in base_qry_alert.php -- Juergen Leising
> - Added check for PHP Logging Level against E_NOTICES in setup/index.php -- Nikns
> - Fixed bug when certain preprocessor alerts would not be cached (for example arpspoof) -- Nikns
> - Added setup/setup_db.inc.php with CreateBASEAG() to resolve redundancy in setup and base_db_setup.php -- Nikns
> - Removed unnecessary and broken search index stuff from Create BASE AG, since schemas are already with them -- Nikns
> - Added XSSPrintSafe() (array safe htmlspecialchars() function) and made filterSql() use ADOdb qmagic() -- Nikns
> - Changed input type of the password field to actually be password in setup3.php -- Nikns
> - Filtered all unfiltered (mainly auth system stuff) $_POST and $_GET variables using filterSql() -- Nikns
> - Sanitized all $_SERVER variables to be protected against XSS attacks -- Nikns
> - Added "Clear Data Tables" option in base_maintenance.php and "Repair Tables" option to execute CreateBASEAG() -- Nikns
> - Make use of FLoP's event reference. Signature name of alert which triggered "Tagged Packet" alert is shown too -- Nikns
> - Updated chinese.lang.php -- Johnson Chiang
> - Fixed Time error in searches -- Jeff Kell
> - Fixed refresh issue with ~ directories -- Kevin Johnson
> - Fixed cookie stored data and authentication scheme to correct Nikns' report on session forge issue -- GaRaGeD
> - Updated link to the Nessus plug in DB -- Jonathan W Miner
> - Fixed display after deleting alerts -- Bruce Briggs
> - Fixed Bug #1466392 - Back button doesn't work after refresh. -- Juergen Leising
> - Patches from jhart@spoofed.org to add missing ICMP and TCP type and codes - GaRaGeD
> - add support for ICMP redirect decoding. - Jon Hart
> - add decoding support for ICMP source quench and ICMP parameter problem - Jon Hart
> - split up "flags" into DF and MF, much like tcp flags are currently handled - Jon Hart

---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Jun 6 20:09:50 UTC 2006

Modified Files:
pkgsrc/security/base: distinfo

Log Message:
Update distinfo missed in the update to 1.2.5
--- security/base/Makefile | 12 +++++++----- security/base/PLIST | 7 ++++--- security/base/distinfo | 10 +++++----- security/base/patches/patch-aa | 32 ++++++++++++++++---------------- 4 files changed, 32 insertions(+), 29 deletions(-) diff --git a/security/base/Makefile b/security/base/Makefile index 9591a660a40..95bc25215cc 100644 --- a/security/base/Makefile +++ b/security/base/Makefile @@ -1,12 +1,12 @@ -# $NetBSD: Makefile,v 1.7 2006/03/14 20:43:23 jlam Exp $ +# $NetBSD: Makefile,v 1.7.2.1 2006/06/07 00:14:26 salo Exp $ # -DISTNAME= base-1.2.2 +DISTNAME= base-1.2.5 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=secureideas/} MAINTAINER= adrianp@NetBSD.org -HOMEPAGE= http://secureideas.sourceforge.net/ +HOMEPAGE= http://secureideas.sourceforge.net/ COMMENT= Analysis engine to process a database of security events DEPENDS+= adodb>=1.2:../../databases/adodb 
@@ -22,6 +22,8 @@ DEPENDS+= pear-Image_Graph-[0-9]*:../../graphics/pear-Image_Graph NO_BUILD= YES +.include "../../mk/bsd.prefs.mk" + DOC_FILES= CHANGELOG CREDITS README README.mssql TODO UPGRADE base_faq.rtf BASE_DIR= ${PREFIX}/share/base EGDIR= ${PREFIX}/share/examples/base @@ -61,11 +63,11 @@ do-install: ${INSTALL_SCRIPT} ${WRKSRC}/*.php ${BASE_DIR} . for f in ${DOC_FILES} - ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${PREFIX}/share/doc/base + ${INSTALL_DATA} ${WRKSRC}/docs/${f:Q} ${PREFIX}/share/doc/base . endfor . for i in ${PAX_DIRS} - cd ${WRKSRC}/${i} && ${PAX} -rw . ${BASE_DIR}/${i} + cd ${WRKSRC}/${i:Q} && ${PAX} -rw . ${BASE_DIR}/${i:Q} . endfor @${CHOWN} ${WWW_USER} ${BASE_DIR} diff --git a/security/base/PLIST b/security/base/PLIST index c9e1d61318c..575a6157765 100644 --- a/security/base/PLIST +++ b/security/base/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.2 2006/03/13 13:11:05 adrianp Exp $ +@comment $NetBSD: PLIST,v 1.2.2.1 2006/06/07 00:14:26 salo Exp $ share/base/admin/base_roleadmin.php share/base/admin/base_useradmin.php share/base/admin/index.php @@ -62,8 +62,8 @@ share/base/includes/base_state_criteria.inc.php share/base/includes/base_state_query.inc.php share/base/includes/base_template.php share/base/includes/base_user.inc.php -share/base/includes/class.ezpdf.php -share/base/includes/class.pdf.php +share/base/includes/fpdf_class.php +share/base/includes/fpdf_fonts.php share/base/index.php share/base/languages/chinese.lang.php share/base/languages/czech.lang.php @@ -88,6 +88,7 @@ share/base/languages/turkish.lang.php share/base/scripts/base_maintenance.pl share/base/setup/base_conf_contents.php share/base/setup/index.php +share/base/setup/setup_db.inc.php share/base/setup/setup1.php share/base/setup/setup2.php share/base/setup/setup3.php diff --git a/security/base/distinfo b/security/base/distinfo index 636c9fa4ed9..83bef77f346 100644 --- a/security/base/distinfo +++ b/security/base/distinfo 
@@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.2 2006/03/13 13:11:05 adrianp Exp $ +$NetBSD: distinfo,v 1.2.2.1 2006/06/07 00:14:26 salo Exp $ -SHA1 (base-1.2.2.tar.gz) = 34d389aec22d7c99cfe344c3df8c1a488529a723 -RMD160 (base-1.2.2.tar.gz) = c3e22f216e6ab67e9ded3050692bdb4479a65130 -Size (base-1.2.2.tar.gz) = 346518 bytes -SHA1 (patch-aa) = 643f22ba268bf712bfc969b6e3e5d086106f466f +SHA1 (base-1.2.5.tar.gz) = ea53ea599e0fb52679ac04d6fae8151f84928732 +RMD160 (base-1.2.5.tar.gz) = 212a931d3c77aec6520e4eebce3fae3f8e1c1feb +Size (base-1.2.5.tar.gz) = 335285 bytes +SHA1 (patch-aa) = 71c95cbf0bfe45ee818c409bfe9d57753b71689d diff --git a/security/base/patches/patch-aa b/security/base/patches/patch-aa index fe5c81387ad..b9c9d2f92ef 100644 --- a/security/base/patches/patch-aa +++ b/security/base/patches/patch-aa 
@@ -1,31 +1,31 @@ -$NetBSD: patch-aa,v 1.1.1.1 2006/01/03 21:09:44 adrianp Exp $ +$NetBSD: patch-aa,v 1.1.1.1.2.1 2006/06/07 00:14:26 salo Exp $ ---- base_conf.php.dist.orig 2005-10-31 11:33:27.000000000 +1100 +--- base_conf.php.dist.orig 2006-03-19 22:22:43.000000000 +0000 +++ base_conf.php.dist -@@ -39,7 +39,7 @@ $Use_Auth_System = 0; +@@ -40,7 +40,7 @@ $Use_Auth_System = 0; But also put the preceding slash. e.g. Your URL is http://127.0.0.1/base set this to /base */ --$BASE_urlpath = ""; -+$BASE_urlpath = "/base"; +-$BASE_urlpath = ''; ++$BASE_urlpath = '/base'; /* Unique BASE ID. The below variable, if set, will append its value to the * title bar of the browser. This is for people who manage multiple installs -@@ -61,7 +61,7 @@ $base_custom_footer = ""; - * $foo = "c:\tmp" [OK] - * $foo = "c:\tmp\" [WRONG] +@@ -62,7 +62,7 @@ $base_custom_footer = ''; + * $foo = 'c:\tmp' [OK] + * $foo = 'c:\tmp\' [WRONG] */ --$DBlib_path = ""; -+$DBlib_path = "@PREFIX@/share/adodb"; +-$DBlib_path = ''; ++$DBlib_path = '@PREFIX@/share/adodb'; + /* The type of underlying alert database - * -@@ -70,7 +70,7 @@ $DBlib_path = ""; - * MS SQL Server : "mssql" - * Oracle : "oci8" +@@ -72,7 +72,7 @@ $DBlib_path = ''; + * MS SQL Server : 'mssql' + * Oracle : 'oci8' */ --$DBtype = "mysql"; -+$DBtype = "@DBTYPE@"; +-$DBtype = 'mysql'; ++$DBtype = '@DBTYPE@'; /* Alert DB connection parameters * - $alert_dbname : MySQL database name of Snort alert DB -- cgit v1.2.3
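Review bot: In the Makefile hunk at -22,6 the new `.include "../../mk/bsd.prefs.mk"` has no comment, and nothing else in this diff shows which variable needs it evaluated at that point. A one-line comment naming the variable it is pulled in for would let a later reader tell whether the include can be moved or dropped.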
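Review bot: In the do-install hunk (Makefile -61,11) the `:Q` modifier is applied only to the loop variables `${f}` and `${i}`, while `${WRKSRC}`, `${PREFIX}` and `${BASE_DIR}` on the same command lines stay unquoted. If the aim is shell-safe paths, the directory variables need the same treatment; if only the list items are in scope, say so in the log, since the pulled-up commit messages describe version updates and do not mention this change.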
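Review bot: The PLIST hunk at -62,8 swaps `class.ezpdf.php` and `class.pdf.php` for `fpdf_class.php` and `fpdf_fonts.php`, but neither quoted changelog mentions a change of bundled PDF code. The log should record it, and it is worth checking that nothing else installed by the package still includes the two removed files.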
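Review bot: In the PLIST hunk at -88,6 the new `share/base/setup/setup_db.inc.php` entry is inserted before `setup1.php`, but in byte order `_` sorts after the digits, so it belongs after `setup3.php`. If the list is kept sorted, move the line so that later regenerated PLISTs do not produce a spurious diff.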
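Review bot: The distinfo hunk authenticates `base-1.2.5.tar.gz` with SHA1 and RMD160 only, and the log says this file was missed in the first 1.2.5 commit. Re-fetch the tarball and confirm that the `Size` and both digest lines match before the pullup lands, and add a stronger digest line (SHA-256 or SHA-512) if the tooling on this branch accepts one.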
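Review bot: The patch-aa hunk rewrites `$BASE_urlpath`, `$DBlib_path` and `$DBtype`, yet the context in its first hunk header shows the distributed `base_conf.php.dist` still has `$Use_Auth_System = 0;`. The package therefore installs a console at `/base` with BASE's own login disabled, while the quoted changelogs for this update are largely authentication and XSS fixes. Consider an install-time message telling the administrator to enable the setting or restrict the URL path in the web server configuration.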