sensors, managers, and a display console. This
is Prelude DB Library. It allow the interface
allowing Prelude to use a DBMS for alert storage.
While libprelude support a choice of MySQL or
postgreSQL, this package uses MySQL because it
was nearly an order of magnitude faster during
test operation.
This is one of several new packages in the Prelude family.
sensors, managers, and a display console. LibPrelude
is the glue that binds all aspects of Prelude together.
LibPrelude is a library which enables Prelude
components to communicate in a standard IDMEF method.
This is one of several new packages in the Prelude family.
struct timeval on DragonFly. Use BSD_INSTALL_PROGRAM, removing
the unportable -r flag at the same time. Fix build with newer
OpenSSL versions by including openssl/sha.h explicitly.
/usr/pkg/include and /usr/include can appear in any order, PREFIX can be
!= /usr/pkg.
XXX Why this hack and not split + filter to remove the include pathes?
krb5-config then create one to use in the buildlink tree. Useful
for packages that expect krb5-config to exist to determine kerberos
existence/locations.
This addresses pr/32620, using the patch provided by Christian Gall.
Notable changes include:
* Fixed an endless loop encountered in a corrupted WMF sample.
* A bug in the ELF scanner could cause a crash.
* Using a symlink as a path element to f-protd could cause f-protd not to
start.
* A race issue with startproc (start-stop-daemon in LSB terms) could lead
to old DEF files being used by f-protd even after updates.
* UPX packed files could cause crash on Solaris/sparc.
* Better handling for corrupt mime files.
* A bug in MS office scanner on big-endian platforms was fixed.
* Anomy extended to do content-type fingerprinting which allows
scan-mail.pl to block attachments with false extension based on their
'real' extensions,
e.g. .wmf files claiming to be .jpg or .png files.
* A bug in scan-mail.pl's rc-script, which could cause problems in Debian
when shutting scan-mail.pl down, has been fixed.
* Tweaks and optimizations should improve scanning speed by appr. 15-40%
over previous releases.
* Engine version 3.16.10 will now try to scan zip files which falsly claim
to use 64-bit compression methods. 64 bit compression is not supported,
but the scanner will now try to scan those files using 32 bit methods.
* Improved handling of some types of corrupt files, which were previously
skipped with I/O error.
* A corrupt arj file could crash the scanner. This has been fixed.
* Fixed a bug in scan-mail.pl where attachments would sometimes be left in
quarantine.
* Trying to scan a device special file now results in non-zero exit code.
* Scanning of redirected stdin is now possible, e.g. 'f-prot /dev/fd/0 <
/path/to/file'
script not to find any system-installed compile_et.
(This should really be done by using our own PATH that doesn't include
any system paths, but we're not quite ready to do that yet.)
Patch submitted in PR 32598 by pancake <at> phreaker <dot> net
In other words:
- Add more checks and fixups on the engine.
- More keywords in wordlists database.
- Add new mode called 'silent mode'
- more charsets availables for gendict
- add some more examples
- add fine tuning for words in NEC=200
"extract" script for extraction. Many cases where a custom EXTRACT_CMD
simply copied the distfile into the work directory are no longer
needed. The extract script also hides differences between pax and
tar behind a common command-line interface, so we no longer need code
that's conditional on whether EXTRACT_USING is tar or pax.
** New API to access the TLS master secret.
When possible, you should use the TLS PRF functions instead.
** Improved handling when multiple libraries use GnuTLS at the same time.
Now gnutls_global_init() can be called multiple times, and
gnutls_global_deinit() will only deallocate the structure when it has
been called as many times as gnutls_global_init() was called.
** Added a self test of TLS resume functionality.
** Fix crash in TLS resume code, caused by TLS/IA changes.
** Add 'const' keywords in various places, from Frediano ZIGLIO.
** The code was indented again, including the external header files.
** API and ABI modifications:
New functions to retrieve the master secret value:
gnutls_session_get_master_secret
Add a 'const' keyword to existing API:
gnutls_x509_crq_get_challenge_password
Grab maintainership
From the ChangeLog (Summarised)
> * ike-backoff-patterns: Added backoff patterns for Netgear ProSafe
> and Netgear ADSL Firewall Router. Submitted by Paul Askew.
> * ike-scan.c, ike-scan.h, configure.ac: Added new --writepkttofile
> option. This option writes the output packet to the specified file
> rather than sending it to the remote host. It is intended for
> debugging and testing purposes, to allow the IKE packet to be
> easily checked. This option is not documented, because it is
> designed purely for testing.
> * check-packet: New test to check IKE scan packet data. Currently
> tests two sample packets: one default proposal, and one custom
> proposal.
> * ike-scan.c: Added --exchange option to allow the exchange field
> in the ISAKMP header to be set to arbitrary values.
> * ike-scan.c, isakmp.c: Added --hdrflags and --hdrmsgid options to
> allow Flags and MsgID fields in the ISAKMP header to be specified.
> * ike-scan.c: Added --cookie option to allow the initiator cookie in
> the ISAKMP header to be set to a static value.
> * ike-scan.c, isakmp.c: Add --spisize option to allow a random SPI
> of the specified size to be added to the proposal payload.
> * ike-vendor-ids: Added 16 new Vendor IDs, and revised some comments
> on existing entries.
> * ike-scan.c: Added --doi (-D) and --situation (-S) options to allow
> the DOI and Situation in the SA of the outbound packets to be changed
> from the default of DOI_IPSEC and SIT_IDENTITY_ONLY.
> * ike-scan.c: Added --protocol (-j) and --transid (-k) options to
> allow the proposal protocol and transform id of the outbound packets
> to be changed from the defaults.
> * ike-scan.c: Added --certreq (-C) option to add a
> CertificateRequest payload to the outgoing packet.
> * ike-scan.c: Added --headerlen (-L) option to allow the ISAKMP header
> length to be manually specified. Normally, ike-scan will
> automatically calculate the correct length; however, you can use this
> option if you want to use an incorrect length value instead.
> * ike-scan.c, isakmp.c: Added --mbz (-Z) option to allow the value for
> the reserved (MBZ) fields to be set to non-zero values. Doing so
> will make the outgoing packet non-RFC compliant.
> * ike-scan.c, isakmp.c: Added --headerver (-E) option to allow the
> version field in the ISAKMP header to be altered from the default of
> 0x10 (v1.0).
> * ike-scan.c: Added --bandwidth (-B) option to allow the outgoing
> bandwidth to be specified directly instead of using --interval.
> The --bandwidth option calculates the appropriate interval setting,
> taking into account the size of the packet.
> * ike-scan.c: Added --noncelen (-c) option to allow the length of the
> nonce data to be changed. This is only applicable to aggressive
> mode.
This fixes PR pkg/30290 by Nicolas Joly so the latest DAT files are working
again.
- Moved included DAT-files to shares/examples/uvscan/.
- Works with PKG_CONFIG=no.
- PDF manual included in share/doc/uvscan/.
- Some small improvements to update_dat.sh:
Option "-h" shows the available options.
All the "exit" statements use distinct values.
Fixed a small logic bug (-z vs. -n).
Changes according to McAfee's website:
- Includes technology to combat the latest and
future threats.
- Improved detection and cleaning.
- Support for many more Packed Executable formats
in which known malware is often re-packaged
for obfuscation purposes.
- Specific detection and reporting of files
compressed or packaged with known suspicious
applications.
- Enhancements to the emergency DAT file (EXTRA.DAT)
structure allowing a larger DAT file size.
- Enhancements to enable scanning of non-standard
ZIP archives.
Additionally, fix it to compile against openssl-0.9.7i, the
current pkgsrc version; due to its way of checking compatibility,
py-m2crypto is extremely picky about constness.
If this works with other versions too, just add them to the pattern.
Changes since 0.12/0.11
-------------------------
- Patches from Artur Frysiak. Thanks Artur.
= Allow using a passphrase callback in class SMIME.
= Added method get0_signers to class PKCS7, which retrieves signers'
certificates from a PKCS7 blob.
= Added methods as_pem and save_pem to class X509.
= Added file version.py.
= Allow SSL.Context.load_verify_locations to accept both 'cafile' and
'capath'.
- Fixed BIO.read() not reading until EOF. Thanks to Egil Muller
for suggestion.
- Honour 'mode' parameter in SSL.Connection.makefile. Thanks again to Egil
Muller.
- Roger Binns contributed epydoc-generated docs for M2Crypto. Thanks Roger.
- Peter Teniz contributed patches to create X.509 requests and certificates.
Thanks Peter.
- Updated Medusa to 0.54.
- Make various OpenSSL bignum functions (written long ago) available to Python.
long. PR#32378 by Stefan Krüger.
Changes:
Added PS4 and SHELLOPTS to the list of variables to remove from
the environment. (Already in pkgsrc)
Added JAVA_TOOL_OPTIONS to the list of variables to remove from
the environment.
Added PERLLIB, PERL5LIB and PERL5OPT to the list of variables to
remove from the environment. (Already in pkgsrc)
