Changelog:
This release fixes a serious (though not security-related) bug in the
SSL/TLS negotiation over UDP that can cause SSL/TLS handshake failures.
PR: 127392
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by: portmgr (pav)
- Chase libclamav version bump on all dependant ports
- Bump necessary PORTREVISIONS
- Fix some BROKEN messages from ports that were already broken with clamav-0.93
- Mark security/klamav as BROKEN since it doesn't build with clamav-0.94
PR: ports/127122 [1], ports/127310 [2]
Submitted by: Gary Palmer <freebsd-gnats@in-addr.com> [1], delphij [2]
Approved by: portmgr (pav)
- Added entries for logcheck user in UIDs and GIDs
- Fixed package building problems (perms and empty dir creation)
Reported by: QA Tindy
Approved by: portmgr (erwin)
- Replaced hard-coded paths in pkg-plist with variables
- Cleaned up installation commands
- Moved crontab file to EXAMPLESDIR and updated pkg-install.in
to handle port knob NOPORTEXAMPLES
- Regenerated patch files with "make makepatch"
PR: ports/122842
Submitted by: Cezary Morga <cm at therek dot net>
Approved by: beech (mentor, implicit)
the best crypto algorithms from the Crypto++ library.
WWW: http://allmydata.org/trac/pycryptopp
PR: ports/126977
Submitted by: Wen Heping <wenheping at gmail.com>
SnortSam is a plugin for Snort, an open-source light-weight
Intrusion Detection System (IDS). The plugin allows for
automated blocking of IP addresses on many firewalls.
WWW: http://www.snortsam.net
PR: ports/126896
Submitted by: Danton Dorati <danton@freebsdbrasil.com.br>
for FreeBSD. The official KDE 4.1.1 release notes can be found at
http://www.kde.org/announcements/changelogs/changelog4_1to4_1_1.php.
KDE Community ships sirst translation and service release of the 4.1
dree desktop, containing numerous bugfixes, Performance Improvements
and Translation Updates.
Pretty much all applications have received the developers' attention,
resulting in a long list of bugfixes and improvements. The most significant
changes are:
* Significant performance, interaction and rendering correctness
improvements in KHTML and Konqueror, KDE's web browser
* User interaction, rendering and stability fixes in Plasma,
the KDE4 desktop shell
* PDF backend fixes in the document viewer Okular
* Fixes in Gwenview, the image viewer's thumbnailing, more
robust retrieval and display of images with broken metadata
* Stability and interaction fixes in KMail
New Ports:
- graphics/kcoloredit
* KColorEdit is a palette files editor. It can be used
for editing color palettes and for color choosing and
naming.
- graphics/kgraphviewer
* KGraphViewer is a GraphViz DOT graph viewer for KDE. The
GraphViz programs are free-software layout engines for graphs.
KGraphViewer displays the graphs in a modern, user-friendly GUI
with all the power of a well integrated KDE application.
- graphics/kiconedit
* KIconEdit is designed to help create icons for KDE using the standard
icon palette.
- graphics/skanlite
* Skanlite is a simple image scanning application that does nothing
more than scan and save images. Skanlite can open a save dialog for
every image scanned or save the images immediately in a specified
directory with auto-generated names and format. The user can also
choose to show the scanned image before saving.
Integer-divided by 1000 this means a sure zero, which brings up a
compiler warning -- a good thing.
The patch fixes the problem while maintaining compatibility for all.
Submitted by: mi
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
- Remove @ to show some install commands, and add -v to cp
- Install clamav-milter doc
- User CHOWN and CHMOD from bsd.commands.mk
PR: ports/126069 [1]
Submitted by: Matthew D. Fuller <fullermd@over-yonder.net> [1]
The main master site does not actually have this particular version of
gringotts, but it seems better to list the new URL as the old stopped
working long time ago. A new version of gringotts exists, and if anyone
is using and have an interest in this port they should look into it.
Keeping the secondary master site so that there is at least one place
to fetch the current distfile.
(arbitrary code execution).
- VulnDB update was submitted in a previous PR.
- Add PKCS#11 option which explicitly disables PKCS11 at
build time if not desired to avoid invisible pkcs11-helper
dependency, else openvpn would silently pick up security/pkcs11-helper.
PR: 126356
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
for FreeBSD. The official KDE 4.1.0 release notes can be found at
http://www.kde.org/announcements/4.1/.
Some note:
* Prefix
KDE4 will be install into a custom prefixes namely ${LOCALBASE}/kde4.
KDE4 and KDE3 can co-exist
* Sound
For sound to work, it is necessary to have dbus and hal enabled
in your system. Please see the respective documentation on how
to enable these.
For more Informations see the HEADS UP at ports@ and kde-freebsd@
or our wiki page http://wiki.freebsd.org/KDE4/Install.
Have fun!
QCA aims to provide a straightforward and cross-platform crypto
API, using Qt datatypes and conventions. QCA separates the API from
the implementation, using plugins known as Providers. The advantage
of this model is to allow applications to avoid linking to or
explicitly depending on any particular cryptographic library. This
allows one to easily change or upgrade crypto implementations
without even needing to recompile the application. QCA should work
everywhere Qt does, including Windows/Unix/MacOSX.
Capabilities:
TLS, CMS, X.509, RSA, DSA, Diffie-Hellman, PKCS#7, PKCS#12, SHA0,
SHA1, SHA224, SHA256, SHA384, SHA512, MD2, MD4, MD5, RIPEMD160,
Blowfish, DES, 3DES, AES128, AES192, AES256, CAST5, HMAC(SHA1, MD5,
RIPEMD160), PBKDF1(MD2, SHA1), PBKDF2(SHA1)
WWW: http://delta.affinix.com/qca/
- reset maintainer: Vaida Bogdan no longer uses FreeBSD. Thank you for maintaining the ports so far!
- nuke some small plists while here
PR: ports/125698
Submitted by: Andrew Stuart
to the OpenSSL programs.
ssl-admin will help you do the following tasks with SSL certificates:
* Create your own CA certificate.
* Create new Certificate Signing Requests
* Sign existing Certificate Signing Requests
* Manage Certificate Revokation Lists
* Export configurations and certificates for OpenVPN.
PR: ports/125875
Submitted by: Eric Crist <ecrist at secure-computing.net>
- Remove conditional to set PORTDOCS
- s/pre-patch/post-patch/
- Change Makefile's reinplace to use ?= instead of comment CC and CFLAGS lines
and remove MAKE_ENV declaration
- Remove redundances of program names, just set it one time and use the vars to
repeat names
Approved by: maintainer by email
- Change default OpenLDAP version to 2.4
- Remove OpenLDAP 2.2 support, the port has been gone for some time now
- Add -DDEPRECATED to CFLAGS for all OpenLDAP using ports
PR: ports/123602, ports/124115, ports/125605
Submitted by: delphij, Jens Rehsack <rehsack@web.de>,
Yuri Pankov <yuri.pankov@gmail.com>
- Remove USE_GTK, it's no longer used
PR: ports/123528
Submitted by: mezz
- Use PATCH_WRKSRC instead of WRKSRC in do-patch target
PR: ports/124169
Submitted by: Max Brazhnikov <makc@issp.ac.ru>
- Remove USE_XPM, it's been replaced by USE_XORG+=xpm
PR: ports/124506
Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua>
- Minor fixups for bsd.port.mk
PR: ports/122675
Submitted by: linimon
- Remove stale comment about USE_GETOPT_LONG
PR: ports/124521
Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua>
- Correct comment about default fetch arguments
PR: ports/125334
Submitted by: Gary Palmer <freebsd-gnats@in-addr.com>
sockets, fixing it now.
No bump PORTREVISION needed since MILTER option is off by default
Reported by: Gregory Shapiro <gshapiro@gshapiro.net>
Tested by: Gregory Shapiro <gshapiro@gshapiro.net>
The Crypt::OpenSSL::AES module implements a wrapper around
OpenSSL's AES (Rijndael) library.
PR: ports/125387
Submitted by: John Ferrell <jdferrell3 at yahoo.com>
tool. It is meant to complement active crawlers and manual proxies more
commonly used for this task, and is optimized specifically for an accurate and
sensitive detection, and automatic annotation, of potential problems and
security-relevant design patterns based on the observation of existing,
user-initiated traffic in complex web 2.0 environments.
WWW: http://code.google.com/p/ratproxy/
PR: ports/125249
Submitted by: Steven Kreuzer <skreuzer@exit2shell.com>
- Change clamav-milter startup script to wait clamav-milter socket be created
before try to chmod it [1]
PR: ports/124643 [1]
Submitted by: Adrian Thearle <adrian@thearle.com.au> [1]
servers via a single "gateway" host. It is useful for establishing Net::SSH
connections to servers behind firewalls, but can also be used to forward ports
and establish connections of other types, like HTTP, to servers with i
restricted access.
* Easily manage forwarded ports
* Establish Net::SSH connections through firewalls
WWW: http://net-ssh.rubyforge.org/gateway
PR: ports/125053
Submitted by: Philip M. Gollucci <pgollucci@p6m7g8.com>
SSH (and requires the Net::SSH library), and allows files and directory trees
to copied to and from a remote server.
* Transfer files or entire directory trees to or from a remote host via SCP
* Can preserve file attributes across transfers
* Can download files in-memory, or direct-to-disk
* Support for SCP URI's, and OpenURI
WWW: http://net-ssh.rubyforge.org/scp
PR: ports/125052
Submitted by: Philip M. Gollucci <pgollucci@p6m7g8.com>
"OTR button" functionality have been moved to a menu. Also, "Buddy
authentication has been revamped, based on the user study published
in SOUPS 2008." The old authentication methods are still allowed.
This version adds locale files for ar, de, hu, and ru.
Drop the specific library version number for libpurple to
(hopefully) avoid churn down the road.
Assume maintainership, and add my website to MASTER_SITES.
Approved by: Maintainer timeout
"OTR button" functionality have been moved to a menu. Also, "Buddy
authentication has been revamped, based on the user study published
in SOUPS 2008." The old authentication methods are still allowed.
In this version support for pkgconfig has been added, and the
shared library version number has been bumped.
This port has 3 consumers, net-im/climm, security/kopete-otr, and
security/pidgin-otr. Maintainers of the first two have confirmed
that this update works for them. An update for pidgin-otr is next.
This has been tested against pidgin 2.4.2 and 2.4.3.
Finally, I'm taking over maintainership per agreement with the
current maintainer.
The port is deprecated since it is not supported by the FreeBSD
Security Officer anymore. The reason for this is that the ca-roots
port makes promises with regard to CA verification which the current
Security Officer (and deputy) do not want to make.
For people who need a general root certificate list see the
security/ca_root_ns, but note that the difference in guarantees with
regard to which CAs are included in ca_root_ns vs. ca-roots. The
ca_root_ns port basically makes no guarantees other than that the
certificates comes from the Mozilla project.
Note that the ca-roots MOVED file entry on purpose does not point at
ca_root_ns due to the change in CA guarantees.
With hat: security-officer
- User RF macro.
PR: ports/125028
Submitted by: Philip M. Gollucci <pgollucci@p6m7g8.com>
Approved by: Roderick van Domburg <r.s.a.vandomburg@nedforce.nl> (maintainer)
- User RF macro.
PR: ports/125016
Submitted by: Philip M. Gollucci <pgollucci@p6m7g8.com>
Approved by: Roderick van Domburg <r.s.a.vandomburg@nedforce.nl> (maintainer)
