kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
105234 commits 42 branches 80 tags 2.7 GiB
Commit graph

568 commits

Author SHA1 Message Date
Oliver Eikemeier
580eeeff30 Test OSVERSION instead of pkg_info -P to enable cross-version builds 
Requested by:	kris
 2004-07-02 00:31:18 +00:00
Oliver Eikemeier
6de9071e46 phpMyAdmin code injection 2004-07-01 19:03:36 +00:00
Oliver Eikemeier
2e23771c68 - update to version 0.5 
*** NOTE ***

The preferences file format has changed, as have the periodic.conf(5) names.
Normally the default settings should be adequate, except when you need to
configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example.

- moved portaudit to sbin
- clean up, merging stuff into the portaudit script
- better return codes and errors to stderr
- -f can check stdin now
- dropped ports tree auditing
- merged the periodic(8) scripts into one
- run daily auditing as `nobody'
 2004-07-01 10:59:48 +00:00
Akinori MUSHA
8f484b7d54 Update to 20040701. New distfile. 
portupgrade:
  - Make -PP/--use-packages-only work better, just as I originally
    intended.  Now packages are correctly identified using
    pkg_info(1), "LATEST_LINK" files are also properly detected.
    Related informational messages have also been improved.

    It turned out that the LATEST_LINK/NO_LATEST_LINK detection was
    broken long ago and hasn't been working for long.

pkg_fetch(1):
  - Properly rename a "latest link" file with a full package name with
    version part.

pkgtools.conf(5):
  - Improve and unify the method for pattern matching in MAKE_ARGS,
    BEFOREBUILD, BEFOREDEINSTALL and AFTERINSTALL variables.

    This should fix some cases where it looks like MAKE_ARGS entries
    are ignored.
 2004-07-01 04:05:16 +00:00
Oliver Eikemeier
9bf7f5a9d0 - SSLtelnet remote format string vulnerability 
(guys, this is a public list)

- add some references
 2004-06-30 23:39:00 +00:00
Oliver Eikemeier
ccceaf623b update to 20040629: sync with -CURRENT 2004-06-30 10:31:45 +00:00
Oliver Eikemeier
f83bfb08cc add MIT Kerberos 5 krb5_aname_to_localname() buffer overflow 2004-06-29 10:33:03 +00:00
Oliver Eikemeier
cbfa0839a2 add isakmpd security association deletion vulnerability 2004-06-29 10:21:53 +00:00
Oliver Eikemeier
0f651b2743 add Apache input header folding DoS vulnerability 2004-06-28 22:09:24 +00:00
Oliver Eikemeier
0c0041370a xine-lib RTSP handling vulnerabilities 2004-06-28 09:55:46 +00:00
Tom Rhodes
4e1d155d33 Move MoinMoin entry to VuXML. 2004-06-28 03:58:47 +00:00
Oliver Eikemeier
8a65d874ab diversify url conversion 2004-06-28 01:16:35 +00:00
Joe Marcus Clarke
35c8dae828 Update to 2.6.6 
* Fix a typo in the libtool archive hint [1]
* Check for ports that have a poorly specified CONFLICTS line as well as ports
  that conflict with themselves [2]
* Check for proper handling of gconf schemas
* Check for explicit listing of %gconf keys in the plist

Spotted by:	lofi [1]
Submitted by:	eik [2]
 2004-06-27 20:58:47 +00:00
Oliver Eikemeier
9c7b32a018 add portaudit2vuxml.pl to easy the migration of entries to VuXML 2004-06-26 00:40:17 +00:00
Tom Rhodes
2da36a743f Add an entry for recent isc-dhcp3-server buffer overflows. 
Remove the one in portaudit.txt.
 2004-06-25 20:01:28 +00:00
Tom Rhodes
e28b04324b Move giFT-FastTrack to VuXML. 2004-06-25 17:18:57 +00:00
Oliver Eikemeier
44285aa4ba giFT-FastTrack remote DoS 2004-06-25 13:34:38 +00:00
Michael Landin
a9c369d7ef Add patch with bugfixes. 
- Fix chmod behavior
	- Ignore irrelevant directories
	- Index creation speedup

Bump PORTREVISION.

Submitted by:		Radim Kolar <hsn@netmag.cz>
 2004-06-25 13:11:30 +00:00
Oliver Eikemeier
627e20be53 Update to 0.2.2 
- correct some URLs
 2004-06-25 12:39:35 +00:00
Oliver Eikemeier
a77dbe0db0 correct rlpr version 2004-06-25 12:37:32 +00:00
Oliver Eikemeier
6a45552c43 Pure-FTPd DoS when the max number of connection is reached 2004-06-25 10:31:30 +00:00
Tom Rhodes
974bc49c9d Move the Gallery entry to VuXML. 2004-06-25 01:35:17 +00:00
Oliver Eikemeier
41c24e6c48 update to version 0.4.1 
Use
  portaudit [packagename ...]
to check if package is listed as vulnerable
 2004-06-25 01:21:20 +00:00
Oliver Eikemeier
979289bd12 rlpr local and remote exploitable buffer overflow (CAN-2004-0393, CAN-2004-0454) 2004-06-24 14:52:26 +00:00
Oliver Eikemeier
f78eb5764e CAN-2004-0451: format string vulnerabilities in sup 2004-06-24 11:23:32 +00:00
Oliver Eikemeier
7fdc9f0a99 Security flaw in rssh 2004-06-24 11:01:56 +00:00
Oliver Eikemeier
96ddfca118 Icecast remote DoS vulnerability 2004-06-24 10:45:20 +00:00
Oliver Eikemeier
8d9c87c405 Add pkg-req file which was forgotten in the last commit. 2004-06-23 16:02:23 +00:00
Oliver Eikemeier
f5b10d70f9 Update to version 0.4, with a new `-f' option. 
To check which of the current ports have known vulnerabilities, do

  portaudit -f /usr/ports/INDEX

This port requires pkg_install(-devel)>=20040623
 2004-06-23 16:01:38 +00:00
Oliver Eikemeier
358542a875 update to version 20040623, which has a new `filter mode' for pkg_version -T. 
If you want to know which ports match '{,??-}apache{,-*}<2.*', do

  /usr/local/sbin/pkg_version -T - '{,??-}apache{,-*}<2.*' < /usr/ports/INDEX | awk -F\| '{print$1}'
 2004-06-23 15:55:44 +00:00
Oliver Eikemeier
bf6d0ee746 it seems like isc-dhcp3-{client,devel} are unaffected 2004-06-23 12:11:34 +00:00
Oliver Eikemeier
d8f20aab80 reword gallery entry 
add multiple isc-dhcp3 vulnerabilities
 2004-06-23 11:56:52 +00:00
Oliver Eikemeier
a1cb510643 Update of port which supports FreeBSD-5 alike INDEX-5 file parsing 
PR:		68212
Submitted by:	Anselm Garbe <anselmg@t-online.de> (maintainer)
 2004-06-22 22:33:38 +00:00
Oliver Eikemeier
dc9ea0fae4 Sqwebmail 4.0.4 XSS vulnerability 2004-06-22 09:41:14 +00:00
Akinori MUSHA
957f9e448a Oops, the previous patch was bogus. Sorry. 2004-06-22 04:09:43 +00:00
Michael Nottebrock
fffa7a8da4 Upgrade to version 0.4 
PR: ports/68175
Submitted by: Heiner Eichmann <h.eichmann@gmx.de>
 2004-06-21 20:24:05 +00:00
Oliver Eikemeier
c60724f5cd Roundup remote file disclosure vulnerability 2004-06-21 18:27:02 +00:00
Akinori MUSHA
67b44cc4ca Support the new, extended INDEX format. 2004-06-21 17:38:48 +00:00
Oliver Eikemeier
9dec4894a1 make expiry date customizable via daily_status_portaudit_expiry 2004-06-21 16:04:27 +00:00
Oliver Eikemeier
d9017ab9ff mailman allows 3rd parties to retrieve member passwords (CAN-2004-0412)w 2004-06-21 15:29:53 +00:00
Oliver Eikemeier
fc1f0d94bc super format string vulnerability 2004-06-21 14:44:44 +00:00
Oliver Eikemeier
5e081dab71 Scorched 3D server chat box format string vulnerability 2004-06-21 09:21:05 +00:00
Oliver Eikemeier
da23cae179 BNBT Authorization Header DoS 2004-06-21 08:46:20 +00:00
Thierry Thomas
f705e2b990 - The previous commit included ruby18-raspell-0.1, which is not affected. 
- Add a separate entry for linux-aspell.

Reported by:	Oliver Eikemeier.
 2004-06-20 16:56:48 +00:00
Thierry Thomas
6fcb668607 Security: fix a buffer overflow in word-list-compress: 
- <http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2>
	- <http://nettwerked.mg2.org/advisories/wlc>

Since I'm there, switch from libtool 1.3 to 1.5, to cope with
PR ports/63944.

Obtained from:	Robert Nagy <robert@openbsd.org>.
 2004-06-20 09:04:32 +00:00
Oliver Eikemeier
017af34e32 ircd-hybrid-7 low-bandwidth DoS 2004-06-20 07:26:27 +00:00
Oliver Eikemeier
cfaf552880 Fetch the database from http://www.FreeBSD.org/ports/ first. 
Thanks to:	kuriyama
 2004-06-18 08:07:29 +00:00
Oliver Eikemeier
99a5cf7b63 make BASEURL customizable 2004-06-18 07:42:06 +00:00
Oliver Eikemeier
5f0c117b40 add subversion-perl, subversion-python 2004-06-18 06:33:31 +00:00
Oliver Eikemeier
a0b53a8c5e added racoon certificate validation bug 2004-06-17 08:02:23 +00:00