and update the third-party ClamAV signature databases provided by
Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, INetMsg and ScamNailer.
PR: ports/144509
Submitted by: Marko Njezic <sf at maxempire.com>
NOTE that the port is more of a development snapshot than it used to be,
so it should be used SOLELY for testing and development, NOT IN PRODUCTION.
PR: ports/144115
Approved by: mandree@ (previous maintainer)
Approved by: garga@ (mentor)
Feature safe: yes
nmap interface for Users, in order to management all options of this powerful
security net scanner!
WWW: http://www.nmapsi4.org
PR: ports/142118
Submitted by: Gvozdikov Veniamin <g.veniamin at googlemail.com>
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months
limits, as a random UID, and with limited access to the X server
WWW: http://code.google.com/p/isolate/
PR: ports/142350
Submitted by: Steve Wills <steve@mouf.net>
file. This is a simple automation of the things normally done by
the user when having an "offending key" in his/her known_hosts file
caused by a changing host key of the destination.
WWW: http://unssh.sourceforge.net/
PR: ports/137254
Submitted by: Dax Labrador <semprix at bsdmail.org>
functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as
well as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various functions.
While some attention has been paid to performance, these do not
presently reach the speed of well-tuned libraries, like OpenSSL.
WWW: http://hackage.haskell.org/package/SHA
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor)
through a PKCS #11 interface. You can use it to explore PKCS #11
without having a Hardware Security Module. It is being developed
as a part of the OpenDNSSEC project. SoftHSM uses Botan for its
cryptographic operations.
WWW: http://www.opendnssec.org/
PR: ports/141932
Submitted by: Jaap Akkerhuis <jaap at NLnetLabs.nl
security/freebsd-update||2009-12-24|Incorporated into base system long ago
sysutils/est||2009-12-24|Incorporated into base system long ago
sysutils/estctrl||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha1||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha256||2009-12-24|Incorporated into base system long ago
written in C. PolarSSL is written with embedded systems in mind and has
been ported on a number of architectures, including ARM, PowerPC, MIPS
and Motorola 68000.
Features include:
* Small memory footprint
* Clean and simple API for integration
* Loose coupling of cryptographic code.
* Symmetric encryption algorithms: AES, Triple-DES, DES, ARC4, Camellia, XTEA
* Hash algorithms: MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
* HAVEGE random number generator
* RSA with PKCS#1 v1.5 padding
* SSL version 3 and TLS version 1 client support
* X.509 certificate and CRL reading from memory or disk in PEM and DER formats
* Over 900 regression and code coverage tests
* Example applications
LICENSE: GPL2
WWW: http://polarssl.org/
functionality into their applications and devices.
Features
SSL version 3 and TLS versions 1, 1.1 and 1.2 (client and server)
Minimum size of 60-100kb, depending on build options
Runtime memory usage between 5-50kb
DTLS support (client and server)
OpenSSL compatibility layer
zlib compression support
integration in MySQL, stunnel, Lighttpd availible.
MD2, MD4, MD5, SHA-1, RIPEMD, HMAC, DES, 3DES, AES, ARC4, TWOFISH, BLOWFISH,
RSA, DSS, DH, and PKCS#5 PBKDF2
ia32 assembly for AES, 3DES, BLOWFISH, TWOFISH, ARC4, MD5, SHA, and RIPEMD
SSE2 instructions for Large Integers
Simple API
Interchangeable crypto and certificate libraries
PEM and DER certificate support
Very fast
LICENSE: GPL2 with FOSS extension
WWW: http://www.yassl.com/
to use nettle 2.0, and there is no longer any reason to keep
separate ports for nettle versions 1.x and 2.x.
PR: 139482 139484
Submitted by: Charlie Kester <corky1951@comcast.net> (maintainer)
PAM is a system of libraries that handle the authentication tasks of
applications and services. The library provides a stable API for
applications to defer to for authentication tasks.
WWW: http://pecl.php.net/package/PAM/
release can be found at http://library.gnome.org/misc/release-notes/2.28/ .
Officially, this is mostly a polishing release in preparation for GNOME 3.0
due in about a year.
On the FreeBSD front, though, a lot went into this release. Major thanks
goes to kwm and avl who did a lot of the porting work for this release.
In particular, kwm brought in Evolution MAPI support for better Microsoft
Exchange integration. Avl made sure that the new gobject introspection
repository ports were nicely compartmentalized so that large dependencies
aren't brought in wholesale.
But, every GNOME team member (ahze, avl, bland, kwm, mezz, and myself)
contributed to this release.
Other major improvements include an updated HAL with better volume
probing code, ufsid integration, and support for volume names containing
spaces (big thanks to J.R. Oldroyd); a new WebKit; updated AbiWord;
an updated Gimp; and a preview of the new GNOME Shell project (thanks to
Pawel Worach).
The FreeBSD GNOME Team would like to that the following additional
contributors to this release whose patches and testing really helped
make it a success:
Andrius Morkunas
Dominique Goncalves
Eric L. Chen
J.R. Oldroyd
Joseph S. Atkinson
Li
Pawel Worach
Romain Tartière
Thomas Vogt
Yasuda Keisuke
Rui Paulo
Martin Wilke
(and an extra shout out to miwi and pav for pointyhat runs)
We would like to send this release out to Alexander Loginov (avl) in
hopes that he feels better soon.
PR: 136676
136967
138872 (obsolete with new epiphany-webkit)
139160
134737
139941
140097
140838
140929
servers suitable for non-standard scenarios where authentication
needs to consider multiple factors. The RADIUS responses may be
created by arbitrarily complex rules that process the request packet
as well as any external data accessible to Perl.
WWW: http://search.cpan.org/dist/Net-Radius-Server/
PR: ports/138164
Submitted by: Gea-Suan Lin <gslin@gslin.org>
Feature safe: yes
processing and on-forwarding to a variety of output plugins. Unfortunately
it has not seen an updated in over 4 years and is not going to be maintained
by the original developers. With the new version of the unified format
(ie. unified2) arriving we need something to bridge this gap.
The SXL team love barnyard. So much so that we want it to stay and have been
tinkering around with the code to give it a breath of new life. Here is what
we have achieved to far for this reinvigorated code base:
* Parsing of the new unified2 log files.
* Maintaining majority of the command syntax of barnyard.
* Addressed all associated bug reports and feature requests arising since
barnyard-0.2.0.
* Completely rewritten code based on the GPLv2 Snort making it entirely
GPLv2.
This is an effort to fuse the awesome work of Snort and the original concept
of barnyard giving it a fresh update along the way. We've come a long way so
far and have a very stable build that we've integrated into our NSMnow
framework. If you have any feature requests, bugs or gripes then send them
our way.
WWW: http://www.securixlive.com/barnyard2/
PR: 138326
Submitted by: Paul Schmehl <pauls@utdallas.edu>
service from Python. It can be used in any application that needs safe password
storage. It supports OSX, KDE, Gnome and Windows's native password storing
services. Besides this, it is shipped with kinds of Python implemented keyring
for the left environments.
WWW: http://pypi.python.org/pypi/keyring
PR: ports/138513
Submitted by: Douglas Thrift
quarantine. Users can view their own quarantine, release/delete messages
or request the release of messages. MailZu is written in PHP and requires
Amavisd-new version greater than 2.3.0.
WWW: http://sourceforge.net/projects/mailzu/
PR: ports/137197
Submitted by: Sahil Tandon <sahil at tandon.net>
security/trans-proxy-tor: trans-proxy-tor is rendered obsolete by Tor\'s TransPort option (currently only available in tor-devel)
Approved by: maintainer
System (CAS). Only a basic Perl library is provided with CAS whereas
AuthCAS is a full object-oriented library.
WWW: http://cpan.uwinnipeg.ca/dist/AuthCAS
PR: ports/136956
Submitted by: Frank Wall <fw at moov.de>
version delegates to LuaSocket the TCP connection establishment between the
client and server. Then LuaSec uses this connection to start a secure TLS/SSL
session.
WWW: http://www.inf.puc-rio.br/~brunoos/luasec/
PR: ports/136266
Submitted by: Andrew Lewis <dru at silenceisdefeat.net>
The Cyrus SASL (Simple Authentication and Security Layer)
SASL is the Simple Authentication and Security Layer, a method
for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating
protection of subsequent protocol interactions. If its use is
negotiated, a security layer is inserted between the protocol
and the connection.
WWW: http://cyrusimap.web.cmu.edu/
Obtained from: Peter Jeremy <peterjeremy@optushome.com.au>
passwords.
Generated passwords may consist of any specified length and any combination of
upper- or lower-case alphanumeric characters or punctuation. ranpwd can also
generate passwords consisting of hexadecimal, decimal, octal or binary numbers,
and format these as valid C constants for inclusion in source code.
WWW: http://freshmeat.net/projects/ranpwd
PR: ports/135540
Submitted by: corky1951 at comcast.net
signatures attached to files were signed by a given user identifier.
netpgp can also encrypt files using the public or private keys of
users and, in the same manner, decrypt files which were encrypted.
The netpgp utility can also be used to generate a new key-pair for a
user. This key is in two parts, the public key (which can be used by
other people) and a private key.
In addition to these primary uses, the third way of using netpgp is to
maintain keyrings. Keyrings are collections of public keys belonging
to other users. By using other means of identification, it is
possible to establish the bona fides of other users. Once trust has
been established, the public key of the other user will be signed.
The other user's public key can be added to our keyring. The other
user will add our public key to their keyring.
WWW: http://www.NetBSD.org/
PR: ports/134997
Submitted by: bapt <baptiste.daroussin at gmail.com>
supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880,
1800, 2800, 3800, 7200 Series and Cisco 7301 Routers.
Like vpnc, OpenConnect is not officially supported by, or
associated in any way with, Cisco Systems. It just happens to
interoperate with their equipment.
WWW: http://www.infradead.org/openconnect.html
PR: ports/135274
Submitted by: Damian Gerow
Those ports are intended to be used with 8-CURRENT at least
with SVN r192206.
If you want to switch to linux-f10 ports, please define at /etc/make.conf:
OVERRIDE_LINUX_BASE_PORT=f10
OVERRIDE_LINUX_NONBASE_PORTS=f10
An upgrading procedure is shown at /usr/ports/UPDATING, entries 20090401
and 20070327.
For the first time all tested linux ports work as expected(!):
. acroread8;
. google-earth;
. skype;
. seamonkey.
Many thanks for kernel folks who really did the main work
(and I wrote only some lines of ports).
There is a good chance that those ports may become a default
for 8.0-RELEASE. Please, test and report back to emulation@ ML.
the Tarsnap online backup system and is designed to be far more secure
against hardware brute-force attacks than alternative functions such as
PBKDF2 or bcrypt.
WWW: http://www.tarsnap.com/scrypt/
PR: ports/134961
Submitted by: Wen Heping <wenheping at gmail.com>
to be very modular, distributed, rock solid and fast.
Prelude-PFlogger Listens at OpenBSD PF redirect logged packet, and
send alerts to the Prelude Manager.
WWW: http://www.prelude-ids.org/
PR: ports/134746
Submitted by: Anders Troback <freebsd at troback.com>
