- Install sample jail.conf and fail2ban.conf files so that when users
modify the fail2ban.conf and jail.conf files they are not removed.
- Add an IPFW example using IPFW tables
- Created freebsd sshd and ftp example conf files.
Submitted by: Ken Menzel <kmenzel@whisolutions.com> (via e-mail)
functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as
well as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various functions.
While some attention has been paid to performance, these do not
presently reach the speed of well-tuned libraries, like OpenSSL.
WWW: http://hackage.haskell.org/package/SHA
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor)
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor)
- Mark jobs safe
- Cleanup whitespace in OPTIONS
- [1] Add ability to specify syslog facility at build time (defaults to local2,
no functional change)
- [2] Add ability to specify ldap configuration file (defaults to
${PREFIX}/etc/ldap.conf, no functional change)
PR: [2]: ports/127822
Submitted by: [1]: skreuzer@ (private mail)
[2]: Sergey Skvortsov <skv@freebsd.org>
- Logfile monitoring has been enhanced with three new features:
(1) reporting on bursts of very similar/repeated messages
(2) reporting on expected yet missing messages (e.g. heartbeat messages)
(3) reporting on correlated events (e.g. event A is followed by event B
within X seconds)
- Better caching of UIDs/GIDs to reduce lookups
- Hostnames of clients are matched case-insensitively now
PR: ports/136065 ports/127469
Submitted by: N.J. Mann <njm@njm.me.uk> and Aldis Berjoza <killasmurf86@gmail.com>
- Early identify port CONFLICTS
PR: 137855
Submitted by: Piotr Smyrak <smyru@heron.pl>
- Add --no-same-permissions to the EXTRACT_AFTER_ARGS command.
Tijl Coosemans has been reported an issue that when root is extracting from the
tarball, and the tarball contains world writable files
(sysutils/policykit as an example), there is a chance that the files
gets changed by malicious third parties right after the extraction,
which makes it possible to inject code into the package thus compromise
the system.
Submitted by: Tijl Coosemans <tijl@coosemans.org> Xin LI (delphij@)
- Fix some whitespaces
Tested with: exp-run
