PMSA-2016-16.
(For anyone wondering about the suspicious gap in the sequence:
PMSA-2016-15 only affected unreleased code in their git master
development branch)
longer. This is a no-op because KDE4_PREFIX is equal to LOCALBASE
Fix up properties for misc/kde4-l10n/files/bsd.l10n.mk to make svn happy.
PR: 209014 (partial)
Submitted by: myself
Approved by: portmgr (bapt)
Differential Revision: https://reviews.freebsd.org/D6542
It simplifies the handling of the XML and SMGL catalog
It brings a big of consistency by always specifying the catalog path absolute
instead of mixing absolute and relative path.
The keyword is also written a PKG_ROOTDIR friendly to simplify cross installing
Reviewed by: hrs
Differential Revision: https://reviews.freebsd.org/D6539
A vulnerability was found in how hostapd and wpa_supplicant writes the
configuration file update for the WPA/WPA2 passphrase parameter. If this
parameter has been updated to include control characters either through
a WPS operation (CVE-2016-4476) or through local configuration change
over the wpa_supplicant control interface (CVE-2016-4477), the resulting
configuration file may prevent the hostapd and wpa_supplicant from
starting when the updated file is used. In addition for wpa_supplicant,
it may be possible to load a local library file and execute code from
there with the same privileges under which the wpa_supplicant process
runs.
These patches were developed upstream and published as a response
to the security advisories CVE-2016-4476 and CVE-2016-4477.
PR: 209564
Requested by: Sevan Janiyan
- No longer required to run pkcs11_startup.
pkcs11_startup and pkcs_slotd were shell scripts that created the
config file, pk_config_data, which was read by pkcsslotd to get
available slot information.
The pk_config_data configuration file has been replaced with
/etc/opencryptoki/opencryptoki.conf.
In version 3, the pkcsslotd daemon reads opencryptoki.conf to get slot
information. The opencryptoki.conf by default contains slot information
for each token currently supported by opencryptoki with the exception of
the ICSF token, which requires some initial setup.
Please see man page for opencryptoki.conf for further information.
Since pk_config_data is no longer required, pkcs11_startup and
pkcs_slotd have been removed.
- Update to 0.3.13.
- Remove CONFLICTS with emulators/tpm-emulator.
Two separate binaries, sbin/tcsd (for actual TPM device) and
sbin/tcsd_emu (for TPM emulator) are now installed. rc.d/tcsd chooses
one of them depending on $tcsd_mode. When tcsd_mode="native" (default)
it runs sbin/tcsd, and when tcsd_mode="emulator" it runs sbin/tcsd_emu.
Note that sbin/tcsd_emu depends on tpmd in emulators/tpm-emulator.
- Simplify @sample.
emulators/tpm-emulator:
- Remove CONFLICTS with security/trousers.
- Simplify rc.d/tpmd.
