Commit graph

10752 commits

Author SHA1 Message Date
Jun Kuriyama
ec0efcad92 - Add a note "require LDAP" in GPGSM knob for $OPTIONS. This may help
to reduce confusion when "WITHOUT_LDAP and WITH_GPGSM selected, but
  OpenLDAP dependency exists" situcation.

PR:		ports/116558
Reported by:	Jo Rhett <jrhett@netconsonance.com>
2007-10-13 11:10:09 +00:00
Martin Wilke
10c764870c nagios-plugins -- Long Location Header Buffer Overflow Vulnerability
Reviewed by:	simon
2007-10-13 09:45:26 +00:00
Alex Dupre
c08b1b7c9d Update to 1.05 release. 2007-10-13 07:30:17 +00:00
Mark Linimon
a19c7d44c5 Reset delta@lackas.net due to maintainer-timeouts and no response to email.
Hat:		portmgr
2007-10-11 21:59:47 +00:00
Johan van Selst
d91c0633d7 - Fix compilation with gcc 4.2
- Note: testfile still fails, but does exactly the same with old gcc
  might be a broken test - leaving this to somebody with ruby-foo
2007-10-11 19:59:57 +00:00
Johan van Selst
c2f042be13 - Fix compilation on FreeBSD 7 (openssl issues)
- Fix libnss option
- Grab maintainership (and feed patches upstream)
2007-10-11 19:32:20 +00:00
Renato Botelho
3521e70b8b - Update to 20071011 to reflect 0.92RC2 2007-10-11 18:31:17 +00:00
Martin Wilke
7690f9d607 Document png -- multiple vulnerabilities
Reviewed by:	simon
2007-10-11 17:28:01 +00:00
Renato Botelho
e8a017c37d Update WWW 2007-10-11 16:35:05 +00:00
Cy Schubert
bdb7d01307 Fix build under 7.0-CURRENT (gcc 4.2.1 20070719).
PR:		112884
Submitted by:	Scot Hetzel<swhetzel@gmail.com>
2007-10-10 19:12:46 +00:00
Remko Lodder
279fd2f245 Document ImageMagick - Multiple vulnerabilities
Submitted by:		Nick Barkas
2007-10-10 12:47:22 +00:00
Remko Lodder
d325269732 Correct mediawiki package names.
Spotted by:	Nick Barkas
2007-10-10 12:35:43 +00:00
Cheng-Lung Sung
4236f3410c - Update to 1.10 2007-10-10 09:46:18 +00:00
Martin Wilke
de0d021646 - Update to 0.9.1084
PR:		116859
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:36:58 +00:00
Martin Wilke
92faf13e1e - Update to 0.9.957
PR:		116860
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:35:36 +00:00
Martin Wilke
d60173b8a8 - Update to 0.9.985
PR:		116858
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:34:53 +00:00
Martin Wilke
a0d840679d - Update to 0.9.1068
PR:		116863
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:33:49 +00:00
Martin Wilke
d028564739 - Update to 0.9.1068
PR:		116861
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:32:49 +00:00
Martin Wilke
4e7867b2f5 - Update to 0.9.1086
PR:		116862
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:31:43 +00:00
Martin Wilke
801fee5af1 - Mark DEPRECATED (distribution is broken and no longer supported.)
PR:		116870
Submitted by:	Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
2007-10-09 22:30:21 +00:00
Oliver Lehmann
6fc4b47407 update to 0.60.1 2007-10-09 20:03:32 +00:00
David Thiel
71e2b0222a Update to 0.11.7. 2007-10-09 18:48:35 +00:00
Martin Wilke
85cbee74af - Dokument jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented
Reviewed by:	remko
2007-10-09 07:18:11 +00:00
Cy Schubert
049f43b12b Update 0.11 --> 0.13.1 2007-10-09 06:18:28 +00:00
Florent Thoumie
19c9068753 Document xfs -- multiple vulnerabilities. 2007-10-08 12:05:08 +00:00
Mark Linimon
37688beae5 Mark as broken on gcc4.2. 2007-10-07 12:42:36 +00:00
Stefan Walter
cca9adb7db Respect OPENSSLBASE.
PR:		116986 [1], 109041 [2]
Submitted by:	maintainer [1], supraexpress@globaleyes.net [2]
2007-10-07 12:36:46 +00:00
Chin-San Huang
ef978159f3 - Update security/chntpw to 070923.
PR:		ports/116967
Submmitter:	maintainer
2007-10-06 06:36:21 +00:00
Andrew Pantyukhin
12053ed044 - Update to 3.04 2007-10-06 00:06:25 +00:00
Andrew Pantyukhin
123d815215 - Sort category Makefiles
Inspired by:	Jason Harris <jharris@widomaker.com>
Howto:		http://twiki.cenkes.org/Cenkes/SortingCategoryMakefiles
2007-10-05 23:33:27 +00:00
Oliver Lehmann
279889d2e3 fix the patch I messed up!
*sigh*
2007-10-05 19:50:19 +00:00
Marcus Alves Grando
6263358d77 - Update gsskex patch to 20070927
- Update HPN patch to hpn12v19 [1]

Notified by:	ale [1]
2007-10-05 12:41:25 +00:00
Martin Wilke
30f9615ad2 - Document tcl/tk -- buffer overflow in ReadImage function
PR:		116881
Submitted by:	Nick Barkas <snb@threerings.net>
Reviewed by:	simon
2007-10-05 09:35:49 +00:00
Alex Dupre
6b7a9b8cd6 Update to 1.04 release. 2007-10-05 06:09:00 +00:00
Cheng-Lung Sung
83da1daa95 - Update to 2.24 2007-10-05 05:13:03 +00:00
Edwin Groothuis
9ab4c6dd21 Remove errornous # DO NOT DELETE lines caused by makedepend(1) 2007-10-05 03:07:12 +00:00
Cheng-Lung Sung
af1fe83651 - update prelude library dependency
PR:		ports/116111
Submitted by:	Robin Gruyters <r dot gruyters_AT_yirdis dot nl>
2007-10-05 01:48:34 +00:00
Cheng-Lung Sung
bdf32af2dd - update dependency on libprelude
PR:		ports/116110
Submitted by:	maintainer (Robin Gruyters)
2007-10-05 01:47:09 +00:00
Cheng-Lung Sung
a285174426 - Update to 0.9.13
- bump libprelude library

Changelog libpreludedb:
- Source and Target now use a 16 bits index (required for CorrelationAlert
  with large number of source/target). CorrelationAlert Alertident now use a
  32 bits index (required to link large number of Alert together).
- Fix compilation on system without ENOTSUP (fix #227):
  Include modified patch from Alexandre Anriot <aanriot@atlantilde.com>.
- [pgsql] Patch by Pierre Chifflier <chifflier@inl.fr>, that fixes type
  conversions preventing PostgreSQL to use indexes (fix #225).
- [preludedb-admin] Use separate alert / heartbeat command: this is done to
  have a coherent implementation of the --offset and --count command line
  options.
- [preludedb-admin] Fix --offset with the load command.
- [preludedb-admin] Give the delete table a decent size, should speedup the
  delete command.
- [documentation] preludedb-admin manpage (fix #230), by Pierre Chifflier
  <chifflier@inl.fr>.

PR:		ports/116109
Submitted by:	maintainer (Robin Gruyters)
2007-10-05 01:46:14 +00:00
Cheng-Lung Sung
17114d625b - Update to 0.9.9.1
- bump libprelude library

Changelog prelude-manager:
- Fix for new libprelude (0.9.15) runtime warning.
- Add documentation for SQLite3 in the template configuration file
  (S??繅astien Tricaud <toady at gscore.org>).

PR:		ports/116108
Submitted by:	maintainer (Robin Gruyters)
2007-10-05 01:45:06 +00:00
Cheng-Lung Sung
1e36b84691 - Update to 0.9.15.2
- Updated patch-Makefile.in
- Added Man page

Changelog libprelude:
- prelude-adduser has been renamed to prelude-admin, and now include command
  to print or send files containing binary IDMEF data.
- Brand new failover implementation, Feature a real 'journaling' log,
  allowing to restart where we were interupted. Allow multiple process to write to
  the same failover, and is chroot safe.
- prelude-admin manpage, thanks to Frederic Motte <fred at ubixis com>.
- Use SHA1 in place of MD5 for Analyzer checksum.
- Do not set TCP option on UNIX socket, avoid un-necessary warning.
- New measure all over the public interface to protect against bad API
  usage, when a function is not used correctly, a critical warning is triggered.
- [logging]: New PRELUDE_LOG_CRIT logging priority.
- [logging]: Correctly map Prelude log level to Syslog priority.
- [logging]: Improved logging format (include timestamp, level, process pid).
- [logging]: New LIBPRELUDE_ABORT variable, useful if you'd like libprelude
  to abord on critical assertion.
- [logging]: Automatically switch to syslog mode if we detect stdout/stderr
  closure.
- [IDMEF-Criteria]: When we try to match a value against a path that is not
  part of a message using a 'not' operator, the match should succeed
  (Example:
   alert.classification.text != 'stuff' should match if the message has no
   classification object).
- [IDMEF-Criteria]: When matching multiple listed values within the same
  path using a 'not' operator, return an explicit 'no match' if the provided
  comparison value was found at least once.
- [IDMEF-Path] (fix #251): Fixes NULL pointer dereference when the last
  element of an IDMEF path to an enumeration is not the enumeration itself
  (S??鞋bastien Tricaud <toady at gscore.org>
- Fix a possible race condition with the internal libprelude reference to
  the program idmef_analyzer_t when asynchronous timer were used.
- Workaround possible deadlock at exit on OpenBSD, Linux Glibc.
- Only configure libltdl if it is required.
- Various bug fixes, minor enhancements.
- Write the children PID into specified pidfile (fixes #257).
- Fix double free on idmef_criterion_value_t cloned regexp object (thanks
  to Helmut Azbest <helmut.azbest at gmail.com>).
- Allow Python thread to run, while entering libprelude C function.
- Return PRELUDE_ERROR_ASSERTION when API check fail, in place of
  PRELUDE_ERROR_GENERIC.
- Make prelude_plugin_unsubcribe() work as expected (call the plugin
  instance destroy function).
- Various bug fixes, minor enhancements.

PR:		ports/116107
Submitted by:	maintainer (Robin Gruyters)
2007-10-05 01:44:07 +00:00
Diane Bruce
369baeaa34 - This patch fixes broken install.
PR:		ports/116875
Reported by:	db
Submitted by:	Maintainer
2007-10-05 01:21:47 +00:00
Edwin Groothuis
c947287940 Remove always true/always false OSVERSION conditions. 2007-10-04 23:08:40 +00:00
Xin LI
d42f9fd9d4 Document firebird multiple remote buffer overflow vulnerabilities 2007-10-04 22:56:29 +00:00
Oliver Lehmann
b3950a7bca fix build of courier-authlib-vchkpw 2007-10-04 14:57:29 +00:00
Rong-En Fan
2866a78221 Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of
the application but will scans the webpages of the deployed webapp,
looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to
see if a script is vulnerable.

WWW: http://wapiti.sourceforge.net/

PR:		ports/116873
Submitted by:	Philippe Audeoud <jadawin at tuxaco.net>
2007-10-04 13:21:39 +00:00
Edwin Groothuis
678db880d8 remove double bsd.port.mk 2007-10-04 09:21:59 +00:00
Edwin Groothuis
13441eac4b Remove always-false/true conditions based on OSVERSION 500000 2007-10-04 06:02:06 +00:00
Edwin Groothuis
0d263e77cb Remove support for OSVERSION < 5 2007-10-04 00:00:38 +00:00
Edwin Groothuis
f1826a6393 [PATCH] security/fwbuilder: cleanup non-supported FreeBSD versions
- removed support to 4.X (EOL)
	- add correct NOPORTDOCS

PR:		ports/111822
Submitted by:	Marcelo Araujo <araujo@bsdmail.org>
Approved by:	maintainer timeout
2007-10-03 12:19:22 +00:00