Upgrade drupal-pubcookie and drupal-textile to the 4.7 versions.
Submitted by: Nick Hilliard <nick at foobar dot org> (upgrade to 4.7.4)
Security: vid:3d8d3548-9d02-11db-a541-000ae42e9b93
2006-12-01 print/ec-fonts-mftraced: Installs files before 'make install'
2006-12-01 print/yatex-xemacs-mule: hangs during build
2006-12-01 security/gnu-crypto: Does not compile
2006-12-01 www/linux-beonex: Security issues. From http://www.beonex.com/ 'The currently available Beonex Communicator 0.8 builds have several known security bugs'
files.
The Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
and metadata of the picture files contained in the directories of its FAT32
or NTFS filesystems.
The thumbnails and associated metadata are stored in Thumbs.db files.
The Thumbs.db files are undocumented OLE structured files.
Once a picture file has been deleted from the filesystem, the related thumbnail
and associated metada remain stored in the Thumbs.db file. So, the data
contained in those Thumbs.db files are an helpful source of information
for the forensics investigator.
WWW: http://vinetto.sourceforge.net/
PR: ports/107235
Submitted by: Aleksander Fafula <alex at BSDGuru.org>
Pantera uses an improved version of SpikeProxy to provide a powerful web
application analysis engine.
Goals:
The primary goal of Pantera is to combine automated capabilities with complete
manual testing to get the best penetration testing results.
WWW: http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project
PR: ports/105291
Submitted by: Yonatan <onatan at gmail.com>
before 2.0 upgrade.
- Add a patch to fix info/dir entry in gnupg1.info [1].
- Recover symlink during removing this port after installing
security/gnupg (2.0) (I forgot to add this before...).
PR: ports/106819 [1]
Submitted by: Dmitry A Grigorovich <odip@bionet.nsc.ru>
failing and proceeding to the next module, even when the user has not
enrolled yet.
This patchset adds a command line option to skip this behaviour.
NOTE: This patch will go into the next upstream release.
PR: 106564
Submitted by: Eugene M. Kim <freebsd.org@ab.ote.we.lv>
Approved by: Fredrik Lindberg <fli@shapeshifter.se> (maintainer)
depending on $PREFIX/bin/gpg for security/gnupg1 (1.4.x) is not
correct. To work around this, change dependency line from bin/gpg
to bin/gpgv which exists in security/gnupg1 port only.
Spotted by: ume
I've got a brand new hosting, so change my email to the new
one. Also, now I can mirror some distfiles, so update
MASTER_SITES for some ports.
PR: ports/107038
Submitted by: Dmitry Marakasov <amdmi3@mail.ru>
- Updated patch Perl Prelude bindings
Changelog libprelude-0.9.12:
- Correctly pack and unpack float value when sending/receiving.
- More error checking on IDMEF object copy.
- Fix a crash that occured when destroying a copied object.
- Correct registration warning when using AF_UNIX socket.
- Compile on systems lacking poll().
- IpV6 compatibility fixes.
- Fix OS X compilation issues.
- Various portability fixes.
PR: ports/107009
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer)
Changelog libpreludedb-0.9.11:
- Avoid using GNU sed extension when generating postgresql/sqlite schema.
- Fix a Python binding memory leak upon alert list deletion.
- Compile and run on OS X.
- Various bugfixes.
- Various portability fixes.
PR: ports/107008
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer)
Changelog prelude-manager-0.9.7:
- Fix a startup problem on system with different address of different family
mapping to the same IP.
- Fix for system using the GnuLib poll replacement modules. The module was
broken when used in conjunction with server socket.
- Various portability fixes (this release should compile and run on OSX out
of the box).
PR: ports/107010
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer)
Changelog prelude-lml-0.9.8.1:
- Compile and run under OS X.
- Various portability fixes.
PR: ports/107011
Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer)
decentralized and doesn't entirely crumble if one company turns evil
or goes out of business.
An OpenID identity is just a URL. You can have multiple identities in
the same way you can have multiple URLs. All OpenID does is provide a
way to prove that you own a URL (identity).
Anybody can run their own site using OpenID, and anybody can be an
OpenID server, and they all work with each other without having to
register with or pay anybody to "get started". An owner of a URL can
pick which OpenID server to use.
WWW: http://www.openidenabled.com/openid/libraries/perl/
specification as well as making API changes that should make
integration with applications easier.
This library allows the use of XRI as OpenID identifiers, allowing users
to log in with their i-names. For full XRI compatibility,
relying parties integrating this library should take note of the user's
CanonicalID, as described in the "Identifying the End User" section of
the OpenID 2.0 specification.
WWW: http://www.openidenabled.com/openid/libraries/python/
maintains compatibility with Password Safe files. MyPasswordSafe has the
following features:
* Safes are encrypted when they are stored to disk.
* Passwords never have to be seen, because they are copied to the clipboard.
* Random passwords can be generated.
* Window size, position, and column widths are remembered.
* Passwords remain encrypted until they need to be decrypted at the dialog and
file levels.
* A safe can be made active so it will always be opened when MyPasswordSafe
starts.
* Supports Unicode in the safes.
* Languages supported: English and French.
WWW: http://www.semanticgap.com/myps/
adjusting some package names, and collapsing some ruby entries that
can be combined. Also properly sort the <bid> and <cvename> tags.
b comes before c.
The port security/blocksshd has the location of the config file hard-coded
into it as "/etc/blocksshd.conf", while the port places the config file
into "/usr/local/etc/blocksshd.conf"
- bump PORTREVISION
PR: ports/106629
Submitted by: Rob B<rbyrnes_AT_mailshack dot com>
Bump PORTREVISION of all dependent ports.
Fix the build errors in the few ports that still use the long deprecated,
and now obsoleted, cURL options.
Thanks to everyone who took the time to look over the patch!
Discussed on: -ports
Python secure hash and message digest module MD5, SHA1, SHA224, SHA256,
SHA384 and SHA512 (backported from Python 2.5 for use on 2.3 and 2.4)
WWW: http://code.krypto.org/python/hashlib/
Vadim Kurland, the author of libfwbuilder and fwbuilder, wishes that I
maintain this port for him.
Submitted by: Vadim Kurland <vadim@fwbuilder.org>
Approved by: Maintainer: Vadim Kurland <vadim@fwbuilder.org>
o Use the FDP style to fill in the entry.
o Remove the secunia references and use the libxine information.
o Properly sort the references section
o Add the modified tag (since I changed it).
(not connected in ../Makefile)
- Tweak installation directory for documents to avoid conflict against
coming gnupg upgrade (2.0.1).
I'm still testing my patch to upgrade to 2.0.1, so please wait. :-)
examines the sequence of client-server exchanges, their relative
layer 7 payload sizes, and transmission intervals (as opposed to
inspecting the contents, which is what most passive fingerprinters
and "smart" sniffers would do to analyze transmissions). This is
then matched against a database of traffic pattern signatures to
infer some interesting facts about the traffic.
PR: ports/106351
Submitted by: trasz <trasz at pin.if.uz.zgora.pl>
- Don't quote amavis_p0f_daemon_flags in the p0f rc.d script [1]
- Don't use -p option of daemon on 4.X since it doesn't have such [1]
Requested by: Michael Scheidell <scheidell@secnap.net> [1]
PR: 105862
Submitted by: gabor (maintainer)
- library version update of related ports
Changelog libprelude:
- Hook class comparison function. Accept NULL, equal, not equal operator.
- Introduce better error checking in the idmef-class API, which is now
considered public and might be used by external application. Rename
error code to reflect the API.
- Change to the way IDMEF listed element are handled. Specifying negative
number as the position of the element from the low level API now allow
to position the element at the specified (reversed) index. Using the
high level API a negative index permit to address a list of element
backward (replace an element).
- Build fixes for SWIG > 1.3.27.
- Modify idmef_value_match() so that it always unroll listed value
(do it for both val1 and val2. Remove assertion, and let
idmef_value_type_compare() return an error code in case there is an issue.
- Handle path using IDMEF_LIST_APPEND or IDMEF_LIST_PREPEND as
path using an undefined list index on idmef_path_get() call.
- Make criteria parser accept (*) list index.
- Implement comparison function for all IDMEF object.
PR: ports/104328
Submitted by: maintainer (Robin Gruyters)
Approved by: portmgr (pav)
ClamAV clamd service - an anti-virus daemon process.
You can find more information about clam anti-virus at
WWW: http://www.clamav.net/
File::Scan::ClamAV was originally based on the Clamd module
Submitted by: Jan-Peter Koopmann <Jan-Peter.Koopmann at seceidos.de>
an open source intrusion detection system.
The actual interface and GUI server are written in tcl/tk.
Sguil also relies on other open source software
in order to function properly.
The client requires gpg, iwidgets and other tcl packages and may
also use wireshark, festival and tls depending on your selection
of options. Run "make config" in the port to see what options
are available.
Sguil currently functions as an analysis interface and has
no snort sensor or rule management capabilities.
WWW: http://sguil.sourceforge.net/index.phppauls@utdallas.edu
PR: ports/105496
Submitted by: Paul Schmehl <pauls at utdallas.edu>
Update earleir bugzilla entry with better topic, add ja-bugzilla as
also potentially vulnerable (thought the version currently in
ja-bugzilla isn't), and add more references.
Platform-independent tool for Authenticode signing of EXE/CAB files - uses
OpenSSL and libcurl. It also supports timestamping.
PR: ports/105353
Submitted By: Nick Barkas <snb@threerings.net>
Approved By: flz (mentor)
