ZoneMinder is intended for use in single or multi-camera video security
applications, including commercial or home CCTV, theft prevention and child,
family member or home monitoring and other domestic care scenarios such as
nanny cam installations. It supports capture, analysis, recording, and
monitoring of video data coming from one or more video or network cameras
attached to a system. ZoneMinder also support web and semi-automatic control
of Pan/Tilt/Zoom cameras using a variety of protocols. It is suitable for use
as a DIY home video security system and for commercial or professional video
security and surveillance. It can also be integrated into a home automation
system via X.10 or other protocols.
As mentionned on the upstream page (https://github.com/bitprophet/ssh):
"This library started life as a fork of Paramiko but has now been
fully been merged back upstream.
As such, 'ssh' is defunct and will receive no future releases or
attention: please change your dependencies back to Paramiko,
and file any feature requests or bugfixes over on Paramiko's tracker."
F-PROT Antivirus for Unix, version 6.2.3
* Fixed a problem with multiple connections in fpscand.
* Startup scripts have been tuned and improved.
* fpscand now overrides the loglevel when run in foreground mode, forces
it to 7 (DEBUG).
* scan-mail.pl had trouble with multiple instances and temporary file cleanup,
this had been fixed.
* The installer now has the wrapper script option for fpscan as default.
Upstream changes:
5.84 Sat Mar 9 17:36:08 MST 2013
- untweaked Makefile.PL to remove dependencies of SHA.c
-- dependencies were breaking builds on VMS
-- retaining dependencies provides too little benefit
for cost of portable workaround
5.83 Mon Mar 4 08:12:00 MST 2013
- removed code for standalone C operation (no longer used)
-- eliminates need for external symbols
-- consolidates SHA and HMAC code
-- reduces size of object files
-- thanks to Marc Lehmann for suggestions
- tweaked Makefile.PL to show dependencies of SHA.c
5.82 Thu Jan 24 04:54:12 MST 2013
- introduced workaround to SvPVbyte bug in Perl 5.6
-- module behavior now consistent under all Perls 5.6+
-- ref: new test script t/unicode.t
-- SHA routines now always croak on wide chars (5.6+)
- removed "static" message schedules from C code
-- default "auto" is now just as fast
-- thread-safe option (-t) no longer necessary
-- still allowed, but ignored
-- simplifies source and header files
-- eliminates SHA_STO_CLASS and SHA_THREAD_SAFE
-- ref. Bug #82784
-- thanks to Steve Hay for initial patch
- provided documentation to describe Unicode handling
-- ref: Bug #82378
- updated documentation of NIST statement on SHA-1
This is a bugfix release.
Fix null PKINIT pointer dereference vulnerabilities [CVE-2012-1016, CVE-2013-1415]
Prevent the KDC from returning a host-based service principal referral to the local realm.
This minor update incorporates the "--tgt-known-iids" option, which
can be used to track systems across networks, even if they employ the
so-called "Privacy Address" (and yes, that includes Microsoft Windows
systems).
Upstream appears to have no changelog or NEWS; the included README is
about changes in 1.8.0. Browsing github makes this look like minor
features and bugfixes.
timeline using information found within various log files and other
files that contain timestamps. The tool can be used to augment
traditional timeline analysis where the focus has generally been on
solely the timestamps found within the filesystem itself.
The tool is also capable of outputting into various formats that
can be used to either import into analysis tools or to read directly
using whatevery suits you (spreadsheet/vim/less/...)
Changelog:
Version 4.55, 2013.03.03, urgency: HIGH:
Security bugfix
OpenSSL updated to version 1.0.1e in Win32/Android builds.
Buffer overflow vulnerability fixed in the NTLM authentication of the CONNECT protocol negotiation. See https://www.stunnel.org/CVE-2013-1762.html for details.
New features
SNI wildcard matching in server mode.
Terminal version of stunnel (tstunnel.exe) build for Win32.
Bugfixes
Fixed write half-close handling in the transfer() function (thx to Dustin Lundquist).
Fixed EAGAIN error handling in the transfer() function (thx to Jan Bee).
Restored default signal handlers before execvp() (thx to Michael Weiser).
Fixed memory leaks in protocol negotiation (thx to Arthur Mesh).
Fixed a file descriptor leak during configuration file reload (thx to Arthur Mesh).
Closed SSL sockets were removed from the the transfer() c->fds poll.
Minor fix in handling exotic inetd-mode configurations.
WCE compilation fixes.
IPv6 compilation fix in protocol.c.
Windows installer fixes.
- Added google search for indexable directories
- Changed X scan debug output so it won't give output all the time
- Fixed major bug in googlescan
- Added sendmail < 8.12.9 check
created, so put the new version of the distfile into a DIST_DUBDIR.
New distfile has been verified to contain the pkgsrc patch -- which actually
caused the change in the distfile.
What's new in Sudo 1.7.10p7?
* A time stamp file with the date set to the epoch by "sudo -k"
is now completely ignored regardless of what the local clock is
set to. Previously, if the local clock was set to a value between
the epoch and the time stamp timeout value, a time stamp reset
by "sudo -k" would be considered current.
What's new in Sudo 1.7.10p6?
* The tty-specific time stamp file now includes the session ID
of the sudo process that created it. If a process with the same
tty but a different session ID runs sudo, the user will now be
prompted for a password (assuming authentication is required for
the command).
What's new in Sudo 1.7.10p5?
* On systems where the controlling tty can be determined via /proc
or sysctl(), sudo will no longer fall back to using ttyname()
if the process has no controlling tty. This prevents sudo from
using a non-controlling tty for logging and time stamp purposes.
What's new in Sudo 1.7.10?
* If the user is a member of the "exempt" group in sudoers, they
will no longer be prompted for a password even if the -k flag
is specified with the command. This makes "sudo -k command"
consistent with the behavior one would get if the user ran "sudo
-k" immediately before running the command.
* The sudoers file may now be a symbolic link. Previously, sudo
would refuse to read sudoers unless it was a regular file.
* The user/group/mode checks on sudoers files have been relaxed.
As long as the file is owned by the sudoers uid, not world-writable
and not writable by a group other than the sudoers gid, the file
is considered OK. Note that visudo will still set the mode to
the value specified at configure time.
* /etc/environment is no longer read directly on Linux systems
when PAM is used. Sudo now merges the PAM environment into the
user's environment which is typically set by the pam_env module.
* The initial evironment created when env_reset is in effect now
includes the contents of /etc/environment on AIX systems and the
"setenv" and "path" entries from /etc/login.conf on BSD systems.
* On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
file is now uses to determine the controlling terminal, if possible.
This allows tty-based tickets to work properly even when, e.g.
standard input, output and error are redirected to /dev/null.
* The sudoreplay command can now properly replay sessions where
no tty was present.
* Fixed a race condition that could cause sudo to receive SIGTTOU
(and stop) when resuming a shell that was run via sudo when I/O
logging (and use_pty) is not enabled.
in PR 47600.
NaCl (pronounced "salt") is a new easy-to-use high-speed
software library for network communication, encryption, decryption,
signatures, etc.
NaCl's goal is to provide all of the core operations needed to
build higher-level cryptographic tools.
libsodium is a library for network communication, encryption,
decryption, signatures, etc.
libsodium is a portable, cross-compilable, installable,
packageable, API-compatible version for NaCl.
One minor change was to take the "check" target out of the post-build
state and put it into the TEST_TARGET definition.
netpgpverify is a standalone program to verify a PGP signature
on a file or document. Both RSA and DSA signatures are supported,
as are binary and document signatures.
netpgpverify is compliant with RFC 4880.
netpgpverify is a small frontend for libnetpgpverify, to allow PGP digital
signatures to be verified from the command line.
signatures.
This library has no pre-requisites other than -lz and -lbz2.
This is libnetpgpverify, a standalone library to verify PGP
signatures.
It uses its own internal MPI/BIGNUM functions, which are a vastly
cut-down version of libtommath. For this reason, utilities and other
libraries can embed PGP signature verification, using a BSD-licensed
library.
Bugfixes:
* OPENDNSSEC-388: Signer Engine: Internal serial should take into account
the inbound serial.
* OPENDNSSEC-242: Signer Engine: Could get stuck on load signconf while
signconf was not changed.
* Signer Engine: Fixed locking and notification on the drudge work queue,
signals could be missed so that drudgers would stall when there was work to
be done.
Changes since previous version:
+ Minor documentation updates
+ gmake no longer needed to build
+ updated patch - still needed to quieten compiler for ctype warnings
(reported upstream)
OpenSSL version 1.0.1e released
===============================
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.1e of our open source toolkit for SSL/TLS. This new
OpenSSL version is a new feature release. For a complete
list of changes, please see
http://www.openssl.org/source/exp/CHANGES.
The most significant changes are:
o Corrected fix for CVE-2013-0169
troubleshooting package for ipv6, into the Packages Collection. This is version
1.3b.
The SI6 Networks' IPv6 toolkit is a set of IPv6
security/trouble-shooting tools, that can send arbitrary IPv6-based
packets.
flow6: A tool to perform a security asseessment of the IPv6 Flow Label.
frag6: A tool to perform IPv6 fragmentation-based attacks and to
perform a security assessment of a number of fragmentation-related
aspects.
icmp6: A tool to perform attacks based on ICMPv6 error messages.
jumbo6: A tool to assess potential flaws in the handling of IPv6 Jumbograms.
na6: A tool to send arbitrary Neighbor Advertisement messages.
ni6: A tool to send arbitrary ICMPv6 Node Information messages, and
assess possible flaws in the processing of such packets.
ns6: A tool to send arbitrary Neighbor Solicitation messages.
ra6: A tool to send arbitrary Router Advertisement messages.
rd6: A tool to send arbitrary ICMPv6 Redirect messages.
rs6: A tool to send arbitrary Router Solicitation messages.
scan6: An IPv6 address scanning tool.
tcp6: A tool to send arbitrary TCP segments and perform a variety of
TCP-based attacks.
=== 2.1.0 / 06 Feb 2013
* Added public cert. All gem releases are now signed. See INSTALL in readme.
* Remove self-require, it causes a warning in Ruby 1.9.2. [jbarnette]
* Allow for upload to use the filename of the local file by default [czarneckid]
* Properly handle receiving less data than requested. [thedarkone]
* Added option to create directory on directory upload [Pablo Merino]
* Remove a warnings in tests [kachick]
