Changes:
2010-12-27 - Barnyard 2.1.9
[*] Additions
* spo_database. Support of encrypted connections to postgresql is now
available. See README.database for the appropriate options.
* spo_sguil. Fixed issue with duplication of alerts.
[*] Improvements
* spooler. Fixed issue with borking when reading unrecognised records.
There is now sufficient information to skip and move on.
* spooler. Fixed early termination of non-readable files, causing the
dreaded SEGFAULT.
* classifications. Tweaked output for classification identification if the
appropriate node can't be found.
PR: ports/154400
Submitted by: Paul Schmehl <pauls _at_ utdallas.edu> (maintainer)
Feature safe: yes
- always enable bpf in libdnet-stripped to support build in Jail [1]
Announcement and Changelog are very long and covered by last updates.
Announcement: http://seclists.org/nmap-hackers/2011/0
Changelog: http://nmap.org/changelog.html
PR: ports/154353 [1]
Submitted by: Mars G Miro <spry _at_ anarchy.in.the.ph> [1]
Feature safe: yes
that can break non-sandboxed builds when
some other (poorly-configured) ports are
installed (For example, lang/libutils or
textproc/irstlm)
- Remove a problematic mirror, based on
distilator results
Approved by: makc, miwi (mentors, implicit)
Feature safe: yes
- Remove an unnecessary addition to CPPFLAGS
that can break non-sandboxed builds when
some other (poorly-configured) ports are
installed (For example, lang/libutils or
textproc/irstlm)
- Remove a problematic mirror, based on
distilator results
Approved by: makc, miwi (mentors, implicit)
Feature safe: yes
which is not always true. When PATH is being configured to a
non-standard sequence, we may found an as(1) newer than the base
one and draw wrong conclusion which leads to failed builds.
Use the result given by c++. This is also accepted to upstream.
PR: ports/154325
Submitted by: swell.k gmail.com
Feature safe: yes
length (128, 192, or 256 bits) key, developed by Counterpane Labs.
It is unpatented and free for all uses, as described at
http://www.counterpane.com/twofish.html. It has been one of the
five finalists for AES.
This module is written in pure Perl, it should run everywhere
where Perl runs.
WWW: http://search.cpan.org/dist/Crypt-Twofish_PP/
PR: ports/154142
Submitted by: Konstantin Menshikov <kostjnspb@yandex.ru>
Feature safe: yes
"This release fixes a bug in the I/O logging support that could cause visual
artifacts in full-screen programs such as text editors. This bug was listed as
fixed in sudo 1.7.4p5 but the fix was merged incorrectly."
Feature safe: yes
the authors intended by adding:
USE_AUTOTOOLS= libtool
USE_GNOME= ltverhack
to security/libassuan/Makefile.
Update the libassuan shared library version number and/or bump
PORTREVISION in the dependent ports.
Requested by: ale
Feature safe: yes
Special thanks to rea@ for commiting the appropriate VuXML for me. :)
PR: ports/153939
Submitted by: rea@
Security: 908f4cf2-1e8b-11e0-a587-001b77d09812
Feature safe: yes
Two DoS conditions:
- CVE-2010-4539, DoS via walking of SVNParentPath
collections;
- CVE-2010-4644, DoS via memory leaks triggered
by the option "-g" of the blame command.
Approved by: delphij (secteam), erwin (mentor)
Feature safe: yes
Many reasons:
- some vulnerabilities were present only in the specific
PHP modules and not in the core PHP;
- it is better to group vulnerabilities by-topic (DoS, code
execution, etc);
- PHAR vulnerability is present only in 5.3.x;
- extract() vulnerability was fixed both in 5.2 and 5.3:
http://www.mail-archive.com/php-cvs@lists.php.net/msg47722.html
- NULL-byte poisoning was fixed only in 5.3, 5.2.x is still
vulnerable to this design error;
- DFS-related fixes are not relevant for FreeBSD, since DFS
is Windows file system that is unsupported by us.
PR: 153433
Approved by: remko (secteam), erwin (mentor)
Feature safe: yes
- rewrite the rc script so it works with this version
- patch the Gemfile, else it will not detect
rubygem-sqlite3 or ruby-dbd_sqlite3
PR: 153293
Submitted by: Dax Labrador <semprix at bsdmail.org> (maintainer)
- remove subshell to use basename, and use ## substitution [1]
- remove FreeBSD 5.X compatibility comment [1]
- remove FreeBSD 5.X compatibility code
The parts marked with [1] above were
Submitted by: dougb (Doug Barton)
- remove dead mirror servers
Changelog: http://nmap.org/changelog.html
Mayjor changes are NSE script related, some highlihts:
o [NSE] Added stuxnet-detect.nse
o [NSE] Added the ftp-proftpd-backdoor.nse
and many more interesting NSE scripts.
files, Hongfuzz supplies and modifies input to a test program and utilize the
ptrace() API/POSIX signal interface to detect and log crashes.
WWW: http://code.google.com/p/honggfuzz/
a way a bit different (and a bit more generic) than the one in the PR.
While I'm here, declare the GPL-2+ license and remove the MD5 checksum.
PR: 153568
Submitted by: Jason Helfman <jhelfman@experts-exchange.com>
and no one has any of interest to fix it. It's an ancient software and
is part of GNOME 1. It's time for us to get rid of some of GNOME 1 stuff as
the GNOME 3 is coming sometimes in 2011. Any ports that required libcappet
are removed and ports that have optional aren't remove.
PR: ports/153355
Discussed with: My team, FreeBSD GNOME Team
Tested by: pointyhat-exp (thanks pav!)
http://www.torproject.org/getinvolved/mirrors.html.en
- fix conditional openssl requirements [1] (thanks to Pascal Stumpf
for raising this issue, and that of CVE 2010-1676)
PR: 151181 [1]
Approved by: makc, miwi (mentors, implicit)
2010-12-30 databases/p5-sqlrelay: broken and upstream disapeared
2010-12-30 devel/php-dbg2: No upstream support
2010-12-30 dns/fourcdns: upstream has disapeared
2010-12-31 emulators/win4bsd: Development has ceased and distfile is no longer available
2010-12-31 french/mozilla-flp: www/seamonkey port is deprecated. Consider using the www/firefox-i18n.
2010-12-31 french/xtel: Minitel services will be discontinued at the end of 2010.
2010-12-30 ftp/ftpq: upstream has disapeared
2010-12-30 graphics/paintlib: does not compile with new tiff and no more maintained upstream
2010-12-30 graphics/g3dviewer: does not build with gcc 4.2, upstream disapeared
2010-12-30 lang/scriba: Does not compile with gcc 4.2+, looks like abandonware
2010-12-30 math/rascal: Broken on every arch since 2008, looks like an abandonware
2010-12-31 net-mgmt/nrg: Project has vanished. Use cacti instead.
2010-12-31 security/hostsentry: Project is dead.
2010-12-31 sysutils/kcube: Project has vanished
2010-12-31 www/cybercalendar: has been unmaintained since 2001 and is unusable with dates after 2010 (see ports/150974)
2010-12-31 www/flock: Flock 3 moves from Firefox to Chromium
2010-12-31 www/linux-flock: Flock 3 moves from Firefox to Chromium
2010-12-30 x11-clocks/xtu: Looks like abandonware
Leave java/tya in for now, as it has outstanding PRs.
