which the basesrc USE_KERBEROS variable. Discussed on packages@
This fixes PR#17182 from Takahiro Kambe. The problem was pointed out by
FUKAUMI Naoki on a Japanese NetBSD mailing list.
Changes since 1.15 :
- applied patch to fix CTX_set_default_passwd_cb() contributed
by Timo Kujala <timo.kujala@@intellitel_.com>, --Sampo
- similar patch by Chris Ridd <chris.ridd@messagingdirect.com>
- applied patch to add various API functions by mikem@open.com_.au
- 5.005_03 compat fix for Handle.pm from Jim Mintha <jim@@ic._uva.nl>
- further fixes for Net::SSLeay::Handle from jbowlin@@_linklint.org
- improved README.Win32 and added RECIPE.Win32 from
Hermann Kelley <hkelley@@secmon._com>
component for Gnome. Provided in PR 16341 by Julio Merino
(jmmv@hispabsd.org).
Seahorse is a GNOME front-end for GnuGP. It can be used for signing,
encrypting, verifying and decrypting text and files. The text can be
taken from the clipboard, or written directly in the little editor it
has. Seahorse is also a keymanager, which can be used to edit almost
all the properties of the keys stored in your keyrings.
Seahorse currently consists of two projects. Along with Seahorse
itself, a bonobo component called Seahorse-bonobo is being developed.
This bonobo component will serve as a backend to Seahorse, as the most
gnupg common functions are being implemented in it.
- a defect in the BSD_AUTH access control handling for
OpenBSD and BSD/OS systems:
Under certain conditions, on systems using YP with netgroups
in the password database, it is possible that sshd does ACL
checks for the requested user name but uses the password
database entry of a different user for authentication. This
means that denied users might authenticate successfully while
permitted users could be locked out (OpenBSD PR 2659).
- login/tty problems on Solaris (bug #245)
- build problems on Cygwin systems
Security Changes:
=================
- fixed buffer overflow in Kerberos/AFS token passing
- fixed overflow in Kerberos client code
- sshd no longer auto-enables Kerberos/AFS
- experimental support for privilege separation,
see UsePrivilegeSeparation in sshd(8) and
http://www.citi.umich.edu/u/provos/ssh/privsep.html
for more information.
- only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger
Other Changes:
==============
- improved smartcard support (including support for OpenSC, see www.opensc.org)
- improved Kerberos support (including support for MIT-Kerberos V)
- fixed stderr handling in protocol v2
- client reports failure if -R style TCP forwarding fails in protocol v2
- support configuration of TCP forwarding during interactive sessions (~C)
- improved support for older sftp servers
- improved support for importing old DSA keys (from ssh.com software).
- client side suport for PASSWD_CHANGEREQ in protocol v2
- fixed waitpid race conditions
- record correct lastlogin time
More synchronization with tweaks Jarkko have done to the
bleadperl test suite. This time various EBCDIC hacks.
Outside PERL_CORE the md5-aaa.t test loaded the wrong version of
the module (and would fail if no previous Digest::MD5 was installed).
One more test suite update from Jarkko to sync it
even better with bleadperl.
Changes #12954 and #16173 from bleadperl. Documentation typo fix
and some signed/unsigned mismatches that Microsoft's C compiler
complained about.
The EBCDIC-aware md5-aaa.t from bleadperl.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
Changes since 2.4.18:
- Corrected nasty bug in init code
- Corrected problems in Makefiles
- Minor bug fixes
- Corrected bug in mcrypt_module_open()
- Cleanups in the code.
* Secret keys are now stored and exported in a new format which
uses SHA-1 for integrity checks. This format renders the
Rosa/Klima attack useless. Other OpenPGP implementations might
not yet support this, so the option --simple-sk-checksum creates
the old vulnerable format.
* The default cipher algorithm for encryption is now CAST5,
default hash algorithm is SHA-1. This will give us better
interoperability with other OpenPGP implementations.
* Symmetric encrypted messages now use a fixed file size if
possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
6, and 7. Note this was only an issue with RFC-1991 style
symmetric messages.
* Photographic user ID support. This uses an external program to
view the images.
* Enhanced keyserver support via keyserver "plugins". GnuPG comes
with plugins for the NAI LDAP keyserver as well as the HKP email
keyserver. It retains internal support for the HKP HTTP
keyserver.
* Nonrevocable signatures are now supported. If a user signs a
key nonrevocably, this signature cannot be taken back so be
careful!
* Multiple signature classes are usable when signing a key to
specify how carefully the key information (fingerprint, photo
ID, etc) was checked.
* --pgp2 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 2.x.
* --pgp6 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 6.x.
* Signatures may now be given an expiration date. When signing a
key with an expiration date, the user is prompted whether they
want their signature to expire at the same time.
* Revocation keys (designated revokers) are now supported if
present. There is currently no way to designate new keys as
designated revokers.
* Permissions on the .gnupg directory and its files are checked
for safety.
* --expert mode enables certain silly things such as signing a
revoked user id, expired key, or revoked key.
* Some fixes to build cleanly under Cygwin32.
* New tool gpgsplit to split OpenPGP data formats into packets.
* New option --preserve-permissions.
* Subkeys created in the future are not used for encryption or
signing unless the new option --ignore-valid-from is used.
* Revoked user-IDs are not listed unless signatures are listed too
or we are in verbose mode.
* There is no default comment string with ascii armors anymore
except for revocation certificates and --enarmor mode.
* The command "primary" in the edit menu can be used to change the
primary UID, "setpref" and "updpref" can be used to change the
preferences.
* Fixed the preference handling; since 1.0.5 they were erroneously
matched against against the latest user ID and not the given one.
* RSA key generation.
* It is now possible to sign and conventional encrypt a message (-cs).
* The MDC feature flag is supported and can be set by using
the "updpref" edit command.
* The status messages GOODSIG and BADSIG are now returning the primary
UID, encoded using %XX escaping (but with spaces left as spaces,
so that it should not break too much)
* Support for GDBM based keyrings has been removed.
* The entire keyring management has been revamped.
* The way signature stati are store has changed so that v3
signatures can be supported. To increase the speed of many
operations for existing keyrings you can use the new
--rebuild-keydb-caches command.
* The entire key validation process (trustdb) has been revamped.
See the man page entries for --update-trustdb, --check-trustdb
and --no-auto-check-trustdb.
* --trusted-keys is again obsolete, --edit can be used to set the
ownertrust of any key to ultimately trusted.
* A subkey is never used to sign keys.
* Read only keyrings are now handled as expected.
April 22, 2002
New releases of RATS and EGADS
RATS 1.4 and EGADS 0.9 have been released. In addition to bugfixes for
both RATS and EGADS, RATS 1.4 includes additional win32 functions in
the database.
- Fixed COMMENT
- Updated DESCR
Changes :
- The SvPVbyte in perl-5.6.1 is buggy. Use the one from 5.7.3
instead.
- Give warning if the function interface is used as instance
methods: $md5->md5_hex().
file descriptor leak fix.
null encryption algorithm key length fix (should use 0).
couple of null-pointer reference fixes.
set port # to 500 in ID payload (possible interop issue - spec is unclear).
correctly match address pair on informational exchange.
- fmt on DESCR
Changes :
- calling context_init twice destroyed global context. fix from
Jason Heiss <jheiss@ofb.net>.
- file handle tying interface implementation moved to a separate
class to prevent problems resulting from self-tying filehandles.
Harmon S. Nine <hnine@netarx.com>.
- docs/debugging.txt file added
- require Net::SSLeay v1.08
- preliminary support for non-blocking read/write
- socketToSSL() now respects context's SSL verify setting
reported by Uri Guttman <uri@stemsystems.com>.
- change my email address
Changes since p5-Net-SSLeay-1.13 :
- added code to Makefile.PL to verify that the same C compiler
is used for both perl and openssl
- added code to Makefile.PL to support aCC on HPUX. Detective
work contributed by Marko Asplund.
- added peer certificate support to hilevel API, inspired
by mock@@_obscurity.org
- added `use bytes' from Marcus Taylor <marcus@@semantico_.com>
This avoids unicode/utf8 (as may appear in some XML docs)
from fooling the length comuptations.
OK'd by martti and garbled.
Changelog:
04 Mar 2002; changed license from "GPL, v2 or later" to "GPL v2".
04 Mar 2002; added "keychain.cygwin" for Cygwin systems. It may be time to
follow this pattern and start building separate, optimized scripts for each
platform so they don't get too sluggish. Maybe I could use a C preprocessor
for this.
06 Dec 2001; several people: Solaris doesn't like '-e' comparisons; switched
to '-f'
Rationale: get rid of the dependency on kth-krb4 on NetBSD>=1.5 systems.
For older systems, we provide full functionality via a (now buildlinked)
kth-krb4.
- Change DH group handling in the pre-generated parts of the
configuration. Add a -GRP{1,2,5} component to transform and suite
names to directly specify which group to use. If no group is
specified, use DH group 2 (MODP_1024). Earlier transforms and suites
using the MD5 hash defaulted to DH group 1, this is no longer true.
- Unbreak MD5 and SHA1 passphrases in policy check.
- Don't message_dump_raw() bad length messages, i.e too short.
- Fix a couple of snprintf length bugs.
- Compile without warnings for older/newer OpenSSL.
PR 15799
NeTraMet Version History
========================
v4.4 20 Feb 02
In examples/ directory, moved old rules.* examples
to non_srl. The srl examples are now in the
examples/ directory.
SNMP security issues. I've tested NeTraMet's
SNMP code using the PROTOS test suite. A test
for negative lengths in the ASN.1 parsing code
has been added - that was the only change needed.
The SNMP routines (in snmplib/) perform a lot of
parameter checks, and calls on an ERROR() define.
By default ERROR does nothing. If you're tesing
an SNMP manager against NeTraMet, you can turn
those messages on by adding -DDEBUG to the CFLAGS=
line in snmplib/Makefile and rebuilding the
snmp library.
Change 'interface number' attributes to use
16-bit integers instead of 8-bit. This can
be useful when using NetFlowMet.
v4.4b11 25 Nov 01 Implement -C option for nm_rc, exactly as in
NeMaC. This allows you to use nm_rc to test
rulesets against trace files being read by
crl_ntm or dd_ntm. Sample commands to do this
are:
./crl_ntm -T5 -m1234 -Strace_file -wW~com
./nm_rc -C -m1234 -rpeers.rules localhost W~com
Note: you need CoralReef version 3.5 to build
crl_ntm!
Speed improvements in flowhash:
- move code which doesn't need to be executed
on every call outside blocks in match()
- implement list of running rulesets, instead
of doing serial searches of ri[] table
- use 32-bit hash values for flow and stream
hash tables, use table size specified by
user (rather than trying to pick a prime
above it - that doesn't help, since we
use a set of distinct primes for hashing)
Use long long integers (8 bytes) for counter64
if the host supports them. Newer Pentiums do,
this provides a useful speedup.
Change 'shutdown' request character. It was
a single ESC, but it's too easy to hit a key
which sends an escape sequence! Now you have
to type ESC ESC Return to shut down the meter.
Fix little problems which gave warning messages
when building NeTraMet on an alpha running
Digital Unix. The configure script wasn't
recognising the OS correctly; this didn't
cause problems because none of the programs
have defines testing this any more.
MinPDUs gave compilation errors on alpha,
fixed by adding c64geint() define.
Linux kernel reset promiscuous mode when
forking a NeTraMet daemon. Changed meter_ux.c
to fork first, then open the interfaces.
NeTraMet, NetFlowMet, LfapMet, crl_ntm, dd_ntm
(i.e. all the meters) write error messages and
summary information to a log file using log_msg(),
in the same way as NeMaC. The name of the log
file is meter.log, it will be written in the
directory where the meter starts running.
v4.4b10 23 May 01 LfapMet: RTFM meter for LFAP, code contributed
by Remco Poortinga, <r.poortinga@home.nl>
Added files in src/meter
- README_LfapMet Notes about LfapMet
- lfapmet.h LfapMet globals
- lfapmet.c LfapMet support routines
Added two new MIB variables to reader row,
MinPDUs (default 0) and TimeMark. A flow must
have at least MinPDUs either to or from before
it will be read by a meter reader. TimeMark
is needed to associate an SNMP getnext request
with a particular reader.
MinPDUs can be set using the -M option.
nifty default is -M20, NeMaC default is -M0
Improved save.sav so that it only saves the
files we really need in the NeTraMet distribution.
v4.4b9 11 Apr 01 Fixed bug in NeMaC include statement.
getarg() no longer allows semicolon in an
argument.
Fixed srl compiler bug; optimise 3 wasn't
recognising the end of AND expressions
properly.
NeMaC could fail to open a flow data file
(e.g. because it already existed with
no write access); it now reports this
and doesn't try to run that meter/ruleset.
NeTraMet Coral interface improved to handle
two Dag cards properly. Reads blocks of
cells from each then merges them by timestamp.
NeTraMet uses -Siii to specify a Coral source
(instead of -C'source iii' *****).
- USE_GMAKE.
- use tcl's buildlink.mk.
* Release 2.3.1 (2002/03/15)
Changed any potentially unsafe sprintf/vsprintf instances to
snprintf/vsnprintf. There should never have been a remote exploit possible,
this just eliminates any theoretical local ones in case someone has a reason
to run this as root ... (Note that use of these functions may be an issue
on some platforms although they do appear in the UNIX98 spec and exist
on Windows).
Allowed CIDR address specifications for target (and server name in listenmode).
Added IP address checking with the "checkaddress" keyword.
Finally caved in and added "httpproxy" to allow connection via a web proxy
server using "CONNECT".
Added "transparent" keyword to attempt to act as a transparent proxy and
forward on the client IP address. It may work on Linux 2.0/2.2. But then
again, it might not ...
* Release 2.3.0 (2002/03/07)
New functionality (at last!).
Added "listenip" and -b option to set listening address.
Added "tcptimeout" and "idletimeout" to allow inactive TCP tunnels to be
closed.
Added "ipmode" and -U option to support mixed traffic mode for a single
client or server.
Makefile changes for Irix and HPUX from Kyle Dent. Others to use latest
version of mingw gcc and force use of "native" perl.
Note that Zebedee will now be linked with MSVCRT.DLL. That should only
be a problem on an old Win95 machine.
Japanese documentation NOT YET updated.
From DESCR:
GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
easier for applications. It provides a High-Level Crypto API for
encryption, decryption, signing, signature verification and key
management.
- eliminated initializing random numbers using /etc/passwd per
comments by Matt Messier <matt@@securesw_.com>
- tested against openssl-0.9.6c (not in pkg now :-)
all dependencies on packages depending on "png" which contain shared
libraries, all for the (imminent) update to the "png" package.
[List courtesy of John Darrow, courtesy of "bulk-build".]
Summary of changes:
- removal of USE_GTEXINFO
- addition of mk/texinfo.mk
- inclusion of this file in package Makefiles requiring it
- `install-info' substituted by `${INSTALL_INFO}' in PLISTs
- tuning of mk/bsd.pkg.mk:
removal of USE_GTEXINFO
INSTALL_INFO added to PLIST_SUBST
`${INSTALL_INFO}' replace `install-info' in target rules
print-PLIST target now generate `${INSTALL_INFO}' instead of `install-info'
- a couple of new patch files added for a handful of packages
- setting of the TEXINFO_OVERRIDE "switch" in packages Makefiles requiring it
- devel/cssc marked requiring texinfo 4.0
- a couple of packages Makefiles were tuned with respect of INFO_FILES and
makeinfo command usage
See -newly added by this commit- section 10.24 of Packages.txt for
further information.
msu (or mini/mono su) is a simple way to provide passwordless access to
accounts specified in a config file. Useful for shared accounts and suchlike.
Its more a convenient way to _reduce_ security, than increase it, but as its
related to account authorisation it goes into security...
* Build properly on systems that don't have /dev/urandom by testing for
the presence of /dev/urandom, instead of just testing for Solaris.
* Add disabled code to handle PAM (not quite working yet with security/PAM).
* Make the sshd rc.d script more /etc/rc.subr-friendly.
* Minimize amount of diffs from pristine OpenSSH sources.
pwcheck only checks against the /etc/passwd database. Users that need
CRAM-MD5 or SCRAM-MD5 authentication can initialize the sasldb and add
themselves in the process by running saslpasswd.
aware applications look for authentication mechanisms by default.
* Warn package admin if ${PREFIX}/lib/sasl is non-empty after
deinstallation, as it may contain service config files.
* Purge use of PKGDIR.
pam_smbpass is a PAM module to authenticate against a local smbpassd (Samba
password) user database, and can be used on conforming systems to keep the
smbpasswd database in sync with the UNIX password file.
incompatible changes to libpam.so; prior versions were buggy so upgrading
is highly recommended.
Pkgsrc changes from version 0.72 include:
* Honor ${PKG_SYSCONFDIR}: the config files are now found in /etc/pam.conf
and /etc/pam/*.conf, or in the appropriate ${PKG_SYSCONFBASE} directory.
* Convert to use the general INSTALL/DEINSTALL scripts.
Changes from version 0.72 include:
* bug fixes to almost every PAM module
* pam_pwdb replaced with pam_unix
* fixed a small security hole (more of a user confusion issue) with
the unix and pwdb password helper binaries.
* improved handling of the setcred/close_session and update chauthtok
stack. *Warning* This is a backwardly incompatible change, but 'more
sane' than before. (Bug 129775 - agmorgan)
* added support for '/' symbols in pam_time and pam_group config files
(support for modern terminal devices). Fixed infinite loop problem
with '\\[^\n]' in these files.
* added accessconf=<filename> feature to pam_access
o Utilize textproc/expat/buildlink.mk.
o Install data file to ${LOCALBASE}/libdata/rats instead of ${LOCALBASE}/lib.
It seems that Changes isn't available but PHP support was added.
469) Older versions of BSDi have getifaddrs() but no freeifaddrs().
470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD.
471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75,
pam_setcred() will return PAM_PERM_DENIED even if the setcred function
of the module succeeds when pam_authenticate() has not been called.
472) Avoid giving PAM a NULL password response, use the empty string instead.
This avoids a log warning when the user hits ^C at the password prompt
when Linux-PAM is in use. This also prevents older versions of
Linux-PAM from dereferencing the NULL pointer.
473) The user's password was not zeroed after use when AIX authentication,
BSD authentication, FWTK or PAM was in use.
Sudo 1.6.5p2 released.
+ Set local $SIG{PIPE} = \&die before $ssl->connect()
to capture the "broken pipe" error associated with connecting
to a computer that is not running a SSL web server
+ Documented differences / conflicts between LWP proxy support
and Crypt::SSLeay which seems to be a source of confusion for users.
+ Added Net::SSL::get_peer_verify call so the warning header
from LWP that says:
Client-SSL-Warning: Peer certificate not verified
can be suppressed when HTTPS_CA_FILE & HTTPS_CA_DIR environment
variables are set to invoke peer certificate verification.
+ $ENV{HTTPS_DEBUG} activates Crypt::SSLeay specific debugging,
so one can debug from LWP:: calls without using ./net_ssl_test script
- removed exit from Makefile.PL
+ Streamlined *CA* patches so only in $CTX->set_verify()
which gets called every time now.
+ Throw error instead of return undef in Net::SSL->connect()
because we loose the errors otherwise.
- Turn SSL_MODE_AUTO_RETRY on so clients can survive
changes in SSLVerifyClient changes in the modssl connection
+ Integrated patches from Gamid Isayev for CA peer verification.
- Client certs weren't working correctly, setup certs earlier in connection
now, also create new CTX per request, so cert settings don't remain
sticky from one request to the next.
+ update ./net_ssl_test to do smart parsing of host, where
host can now be of the form http://www.nodeworks.com:443/
- local $@ in Net::SSL::DESTROY so we don't kill real errors
- return undef in Net::SSL::connect() instead of die() for better LWP
support & error handling.
+ alarm() on Unix platforms around ssl ctx connect, which can hang for
process for way too long when trying to connect to dead https SSL servers.
Fixes PR/15053 by Shell Hung.
467) Visudo could access memory that was already freed.
468) If the skey.access file denied use of plaintext passwords sudo
would exit instead of allowing the user to enter an S/Key.
Sudo 1.6.5p1 released.
Added --disable-root-mailer to CONFIGURE_ARGS better security.
Changes from 1.6.3p7 to 1.6.5 is attached bellow.
417) Visudo now checks for the existence of an editor and gives a sensible
error if it does not exist.
418) The path to the editor for visudo is now a colon-separated list of
allowable editors. If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used. If not,
the first editor that actually exists is used.
419) Visudo now does its own fork/exec instead of calling system(3).
420) Allow special characters (including '#') to be embedded in pathnames
if quoted by a '\\'. The quoted chars will be dealt with by fnmatch().
Unfortunately, 'sudo -l' still prints the '\\'.
421) Added the always_set_home option.
422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
reading of protected files by a less privileged user.
423) Added support for BSD authentication and associated -a flag.
424) Added check for _innetgr(3) since NCR systems have this instead
of innetgr(3).
425) Added stay_setuid option for systems that have libraries that perform
extra paranoia checks in system libraries for setuid programs.
426) Environment munging is now done by hand. The environment is zeroed
upon sudo startup and a new environment is built before the command
is executed. This means we don't rely on getenv(3), putenv(3),
or setenv(3).
427) Added a class of environment variables that are only cleared if they
contain '/' or '%' characters.
428) Use stashed user_gid when checking against exempt gid since sudo
sets its gid to SUDOERS_GID, making getgid() return that, not the
real gid. Fixes problem with setting exempt group == SUDOERS_GID.
Fix from Paul Kranenburg.
429) Fixed file locking in visudo on NeXT which has a broken lockf().
Patch from twetzel@gwdg.de.
430) Regenerated configure script with autoconf-2.52 (required some
tweaking of configure.in and friends).
431) Added mail_badpass option to send mail when the user does not
authenticate successfully.
432) Added env_reset Defaults option to reset the environment to
a clean slate. Also implemented env_keep Defaults option
to specify variables to be preserved when resetting the
environment.
433) Added env_check and env_delete Defaults options to allow the admin
to modify the builtin list of environment variables to remove.
434) If timestamp_timeout < 0 then the timestamp never expires. This
allows users to manage their own timestamps and create or delete
them via 'sudo -v' and 'sudo -k' respectively.
435) Authentication routines that use sudo's tgetpass() now accept
^C or ^Z at the password prompt and sudo will act appropriately.
436) Added a check-only mode to visudo to check an existing sudoers
file for sanity.
437) Visudo can now edit an alternate sudoers file.
438) If sudo is configured with S/Key support and the system has
skeyaccess(3) use that to determine whether or not to allow
a normal Unix password or just S/Key.
439) Fixed CIDR handling in sudoers.
440) Fixed a segv if the local hostname is not resolvable and
the 'fqdn' option is set.
441) "listpw=never" was not having an effect for users who did not
appear in sudoers--now it does.
442) The --without-sendmail option now works on systems with
a /usr/include/paths.h file that defines _PATH_SENDMAIL.
443) Removed the "secure_path" Defaults option as it does not work and
cannot work until the parser is overhauled.
444) Added new -P flag and "preserve_groups" sudoers option to cause
sudo to preserve the group vector instead of setting it to that
of the target user. Previously, if the target user was root
the group vector was not changed. Now it is always changed unless
the -P flag or "preserve_groups" option was given.
445) If find_path() fails as root, try again as the invoking user (useful
for NFS). Idea from Chip Capelik.
446) Use setpwent()/endpwent() and its shadow equivalents to be sure
the passwd/shadow file gets closed.
447) Use getifaddrs(3) to get the list of network interfaces if it is
available.
448) Dump list of local IP addresses and environment variables to clear
when 'sudo -V' is run as root.
449) Reorganized the lexer a bit and added more states. Sudo now does a
better job of parsing command arguments in the sudoers file.
450) Wrap each call to syslog() with openlog()/closelog() since some
things (such as PAM) may call closelog(3) behind sudo's back.
451) The LOGNAME and USER environment variables are now set if the user
specified a target uid and that uid exists in the password database.
452) configure will no longer add the -g flag to CFLAGS by default.
453) Now call pam_setcreds() to setup creds for the target user when
PAM is in use. On Linux this often sets resource limits.
454) If "make install" is run by non-root and the destination dir
is writable, install things normally but don't set owner and mode.
455) The Makefile now supports installing in a shadow hierarchy
specified via the DESTDIR variable.
456) config.h.in is now generated by autoheader.
Sudo 1.6.4 released.
457) Move the call to rebuild_env() until after MODE_RESET_HOME is set.
Otherwise, the set_home option has no effect.
458) Fix use of freed memory when the "fqdn" flag is set. This was
introduced by the fix for the "segv when gethostbynam() fails" bug.
459) Add 'continue' statements to optimize the switch statement.
From Solar Designer.
Sudo 1.6.4p1 released.
460) Some special characters were not being escaped properly (e..g '\,')
in command line arguments and would cause a syntax error instead.
461) "sudo -l" would not work if the always_set_home option was set.
462) Added a configure option to disable use of POSIX saved IDs for
operating systems where these are broken.
463) The SHELL environment variable was preserved from the user's environment
instead of being reset based on the passwd database even when the
"env_reset" option was set.
Sudo 1.6.4p2 released.
464) Added a configure option to cause mail sent by sudo to be run as
the invoking user instead of root. Some people consider this to
be safer.
465) If the mailer is being run as root, use a hard-coded environment
that is not influenced in any way by the invoking user's environment.
466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes.
Sudo 1.6.5 released.
* The list of keyservers is now read form the file "keyservers" in the
GPA configuration directory which by default is ~/.gnupg. The new
option keyserver may be used in the gpa.conf file to select the
default keyserver - it implictly adds this server to the list of
keyservers.
hierarchy. Whilst this is not desirable, it's the only way to get this
package to execute properly, since it makes assumptions about absolute
and relative paths, and expects its own versions of certain commands (md5,
file), so it's best to keep these off to one side.
Here is quote from README.
$Id: README,v 1.3 2001/11/18 19:00:06 majkl Exp $
'OpenSSL for Ruby' project
Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz>
All rights reserved.
This program is licenced under the same licence as Ruby.
(See the file 'LICENCE'.)
[Done] (but not fully tested)
= OpenSSL config file parser (part) --- TO BE DROPPED? (any idea?)
= PKey:: RSA,DSA keys - new, load, export
= X509::Certificate - generating new certs, load, looking inside
= X509::CRL - load, new, looking inside
= X509::Name - new, export to_str, to_a, to_h (hash)
= X509::Revoked - new, looking inside (on parameters)
= X509::Store - new, import trusted certs and CRL, verifiing certs
= Digest::... - various hashes
= X509::Request - Cert requests
= X509::Attribute - as X509Request extensions (not tested)
= X509::Extension - to Certs, CRLs...
= X509::ExtensionMaker - for easy creating new Extensions
= Netscape::SPKI - for requests from NetscapeCommunicators
= Cipher::... - various ciphers
= basic PRNG functions (random generator) for OpenSSL module and class Random
= SSLSocket (merged Gotou Yuuzou's SSLsocket-Ruby project)
= PKCS7 (signing&data_verify is working, rest needs some testing)
[To-Do]
= check for memory leaking :-))
= cleaner code
= examples
= RubyUnit to be used!
= API documentation
= comments to sources!!!
= further functionality to existing
= Std. Extensions, Attributes to be made as Classes?
= AttributeFactory?
= add aliases to to_pem as s_dump s_load to support Marshal module
= CipherFactory?
= autogen random IVs for Ciphers
= safe BigNums
= PKCS12
= PKCS8
= HMAC
= ASN.1 ???
= BIO ???
= compat tests for RSA/DSA sign/encrypt
appropriate place. Pointed out in private mail by someone who wishes
to remain anonymous.
XXX The PLIST's location for these files needs to be fixed by someone
more knowledgable than me in these black arts.
- str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf
- strftime format fixes
- Don't hang waiting for select() with SIGTERM + no active SA
- Add UI option 'R' to trigger isakmpd reinit (same as SIGHUP)
...
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/isakmpd/
* Added a "--local" option for removing the ${HOSTNAME} from the various
files that keychain creates. Handy for non-NFS users.
* Using the Bourne shell "type" builtin rather than using the external
"which" command. Should make things a lot more robust and slightly
faster.
* Solaris' "which" command outputs "no lockfile in..." to stdout rather
than stderr. A one-line fix (test the error condition) has been
applied.
* lockfile settings tweak
* If you stop making progress providing valid passphrases, it's three
strikes and you're out.
* Some private keys can't be "ssh-keygen -l -f"'d; this patch causes
keychain to look for the corresponding public key if the private
key doesn't work. Thanks Constantine!
* CYAN color misdefined; fixed.
* A "quiet mode" (--quiet) fix; I missed an "echo".
* Missed another "kill -9"; it's now gone.
TCT is a collection of programs by Dan Farmer and Wietse Venema for a
post-mortem analysis of a UNIX system after break-in.
Notable TCT components are the grave-robber tool that captures
information, the ils and mactime tools that display access patterns of
files dead or alive, the unrm and lazarus tools that recover deleted
files, and the findkey tool that recovers cryptographic keys from a
running process or from files.
WARNING
This software is not for the faint of heart. It is relatively
unpolished compared to the software that Dan and Wietse usually
release. TCT can spend a lot of time collecting data. And although
TCT collects lots of data, many analysis tools still need to be
written.
Based on patches provided in PR 15081 by frazee.23@osu.edu.
- Fixed a bug in the mcrypt extension, where list destructors were not
properly being allocated. (Sterling)
- Fixed bugs in the mcrypt extension that caused crashes. (Derick)
1.0.10 :
Changes by Michael Scheidell <scheidell@fdma.com> :
- Backported Nessus 1.1.x plugins changes in nessus-plugins
Changes by Renaud Deraison <deraison@nessus.org> :
- Minor fixes
- Format string bug fixed in protocol.c
smtp, pop3 and nntp in client mode were affected.
(stunnel clients could be attacked by malicious servers)
- Certificate chain can be supplied with -p option or in stunnel.pem.
- Problem with -r and -l options used together fixed.
- memmove() instead of memcpy() is used to move data in buffers.
- More detailed information about negotiated ciphers is printed.
- New ./configure options: "--enable-no-rsa" and "--enable-dh".
Mirrordir is a suite of functions in one package. It contains the
following programs:
* pslogin: A remote login utility and daemon that provides a secure
shell. This can be considered as a GPL replacement to Ssh.
* copydir: A cp equivalent which additionally copies to and from ftp
servers. Use it to upload and download via ftp and via mirrordir's
secure daemon. Use it as a rigorous cp to correctly reproduce
hardlinks, permissions and access times.
* mirrordir: Mirrors filesystems over ftp or locally via a minimal
set of changes. It is optimised for locally mirroring a device as
an alternative to RAID devices. It duplicates file-systems in every
detail, even correctly recreating hardlinks, devices and access
times. It works well mirroring ftp sites that don't support ls-lR
summaries. Mirrordir can take a C script to customise the kind of
files to mirror based on their stat info, name, or other
information.
* recursdir: Pass a C script to recursdir to recursively perform
operations on files. This is a fast and overkill equivalent of find.
Taken from a suggestion by Jeff Sheinberg.
version 4.14.0 are:
- Support for ACE (WinACE) Archiver
- Support for additional packers: PKLITE32, ELiTeWrap, Joiner, PEBundle,
PEBundle Write-To-Disk, and tElock.
- Support for newer versions of packers: Petite, ASPack, UPX, NeoLite,
and PECompact.
- Support for BZIP compression format
- Support for additional LHA compression formats, LH6 and LH7
- Support for zcompress compression format
- Support for PDF 5.0 files
- Improved scanning for MIME formats
- Support for Unicode and Unicode big-endian saved scripts
- Support for Compiled Help files
- Support for Microsoft Exchange internal data-transfer format
- Support for Internet Message Connector (IMC) Archive format.
- Support for uncompressed VBA in Visio files
- Improved heuristic analysis for 32-bit Windows applications
- Support for compressed RTF and HTML in Microsoft Outlook messages
- Support for Script Component Type Libraries
- Improved performance when scanning Windows 32 applications
general INSTALL scripts and checking in the update_dat script that the
place to fetch the DAT files ends in a '/'. Changes include checking for
even more Internet worms (includes goner).
Changes :
- Patches for foreign program compatibility, initialization vectors
and padding methods from Jody Biggs <jody.biggs@paymybills.com>
- Removed debugging code
- Used Digest-MD5
Makefiles during the build process by touching various auto{conf,make}
source files to make them up-to-date. Packages that require regenerating
the configure script and Makefile.in files should make the appropriate
calls to auto{conf,make} in a pre-configure target. This allows the
various targets listed in ${_CONFIG_PREREQ} to modify the generated files
without triggering the GNU auto* tools and having the modifications be
overwritten.
* Disabled scard-install (patch/patch-ah -- Do we need/want it?)
Changes since 2.9.9.2:
- Don't allow authorized_keys specified environment variables when
UseLogin in active
- Fix IPv4 default in ssh-keyscan
- Fix early (and double) free of remote user when using Kerberos
- fix krb5 authorization check
- enable authorized_keys2 again
- ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
- make ~& (backgrounding) work again for proto v1; add support ~& for v2, too
- pad using the padding field from the ssh2 packet instead of sending
extra ignore messages
- missing free and sync dss/rsa code
- crank c->path to 256 so they can hold a full hostname
- cleanup libwrap support
- Fix fd leak in loginrec.c
- avoid possible FD_ISSET overflow for channels established
during channnel_after_select()
- chdir $HOME after krb_afslog()
- stat subsystem command before calling do_exec
- close all channels if the connection to the remote host has been closed,
should fix sshd's hanging with WCHAN==wait
- add NoHostAuthenticationForLocalhost; note that the hostkey is
now check for localhost, too
- loginrec.c: fix type conversion problems exposed when using 64-bit off_t
- Update spec files for new x11-askpass
HMAC is used for message integrity checks between two parties that
share a secret key, and works in combination with some other Digest
algorithm, usually MD5 or SHA-1. The HMAC mechanism is described in
RFC 2104.
