ONLY_FOR_PLATFORMS setting and simply allow the build to fail on systems
on which it currently doesn't build. Replace the cascading if statement
that set the Makefile target with something more compact. Lastly, teach
tcp_wrappers to partially honor PKG_SYSCONFDIR -- it will default to the
historic locations /etc/host.{allow,deny} for the config files, but if
PKG_SYSCONFDIR.tcp_wrappers is set in /etc/mk.conf, then it will use that
instead.
not defined yet until bsd.pkg.mk. Explicitly use "openssl" instead. This
correctly forces NetBSD installations of openssl to use /etc/openssl as
the configuration file directory as originally intended.
Changes between 0.9.6l and 0.9.6m [17 Mar 2004]
*) Fix null-pointer assignment in do_change_cipher_spec() revealed
by using the Codenomicon TLS Test Tool (CAN-2004-0079)
[Joe Orton, Steve Henson]
- use <stdarg.h> instead of <varargs.h>
- don't declare errno assuming nicluding <errno.h> is sufficient.
- check strerror(3) and don't use own alternative one.
available any more.
(c) FRISK Software International
http://www.f-prot.com/
F-PROT Antivirus for BSD, version 4.4.1
Version 4.4.1 contains various bugfixes and improvements to the documentation
and software.
o Further enhancements of scanning password encrypted zip files.
o Added detection of encrypted archives (since various new viruses
spread through encrypted archives).
o Minor bug-fixes in the F-Prot daemon.
o Minor bug-fixes in scan-mail.pl (smtp proxying).
o Critical bug-fixes in f-prot-milter.
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
While here, update to 4.4.0 since previous distfile disappeared.
Changes:
o Added detection of encrypted archives (since various new viruses
spread through encrypted archives).
o Minor bug-fixes in the F-Prot daemon.
o Minor bug-fixes in scan-mail.pl (smtp proxying).
o Critical bug-fixes in f-prot-milter.
o Minor modifications to the check-updates.pl script (disable proxy caching
by default).
changes:
- Added support for removing files recursivly
- Incudes checking for file type and size.
- Displays the file being destroyed and its size.
- Added command line flags:
- Added Security Level Flag (Destroy Severity)
- Added Output suppression flag for non-verbose output.
- Added Help flag.
- Added a Manual page for the program in section 1.
While here bl3ify.
Changes since previously packaged version (3.2.5):
2003-12-03 Sami J. Lehtinen <sjl@ssh.com>
* ssh-3.2.9.1.
* non-commercial: removed cert hash compat stuff, which broke
compilation.
2003-09-26 Sami J. Lehtinen <sjl@ssh.com>
* ssh-3.2.9.
* ssh2,sshd2: (by Patrick Irwin): Critical security fix: fixed
several bugs in ASN.1 decoding functionality, which were caused
by invalid assumptions on the format of input BER data.
Certificates malformed in certain ways could cause a crash or
buffer overflow. No known exploits at this time, but you are
strongly advised to upgrade.
Admins unwilling or unable to upgrade need to disable
certificates, but this may not be enough for "hostbased"
authentication. "publickey" auth should be safe even with the
old version with certificates disabled. Clients are probably
vulnerable against malicious servers in the initial key exchange
regardless of configuration.
Users of noncommercial version are not affected by this
vulnerability.
2003-09-25 Sami J. Lehtinen <sjl@ssh.com>
* sshd2, ssh2: Implemented DisableVersionFallback, with which you
can disable fallback compatibility code for older, or otherwise
incompatible versions of software. Don't disable unless you know
what you're doing. See sshd2_config(5) for details. For really
paranoid people (using this option will probably hurt usability
somewhat, especially in environments where multiple versions of
SSH are used from different vendors).
* sshd2, ssh2: Implemented Cert.RSA.Compat.HashScheme. Older SSH
Secure Shell clients and servers used hashes in an incoherent
manner (sometimes MD5, sometimes SHA-1). With this option, you
can set what hash is used. See sshd2_config(5) for details.
* Previous: ssh-3.2.8.
2003-08-07 Tomi Salo <ttsalo@ssh.com>
* Added a new general configuration option, MaxCRLSize. This sets
the maximum size for CRLs and CA certs used in validating
received certificates. (The size is the total size of all CRLs
and certs, not the maximum individual size.)
2003-06-11 Sami J. Lehtinen <sjl@ssh.com>
* ssh-3.2.7.
* ssh-signer2: Fixed a bug, which caused the application to
intermittently call fatal because the read() operation was
interrupted by a signal (SIGCHLD).
2003-06-04 Sami J. Lehtinen <sjl@ssh.com>
* ssh-3.2.6.
* SecurID certified binaries, no code changes.
built-in or not into a separate builtin.mk file. The code to deal
checking for built-in software is much simpler to deal with in pkgsrc.
The buildlink3.mk file for a package will be of the usual format
regardless of the package, which makes it simpler for packagers to
update a package.
The builtin.mk file for a package must define a single yes/no variable
USE_BUILTIN.<pkg> that is used by bsd.buildlink3.mk to decide whether
to use the built-in software or to use the pkgsrc software.
