Commit graph

11298 commits

Author SHA1 Message Date
nia
95b2698ddd go-xxhash: remove
deprecated go-package; no users in pkgsrc
2021-07-05 14:36:47 +00:00
nia
c187d9c7ca polkit: Include a replacement getgrouplist for SunOS in the duktape backend
Should hopefully fix the SunOS builds.
2021-07-05 13:22:39 +00:00
adam
7f7984109e py-gssapi: updated to 1.6.14
Release v1.6.14: Meyer (Patch 14)

Support for 32-bit Windows python
Enable specification of krb5-config via environment variable
Support for GSS_C_CHANNEL_BOUND_FLAG
Support for docs build with sphinx 4
Fix undefined variable in get_all_statuses()
Add support for str objects in the cred store dict
2021-07-05 12:02:22 +00:00
gutteridge
4e7963ddd9 py-requests-gssapi: fix bulk builds
py-gssapi is no longer compatible with Python 2.7.
2021-07-05 00:45:19 +00:00
wiz
2810e68a26 security/Makefile: + py-requests-gssapi 2021-07-04 12:41:23 +00:00
wiz
a31c994de2 security/py-requests-gssapi: import py-requests-gssapi-1.2.3
Requests is an HTTP library, written in Python, for human beings.
This library adds optional GSSAPI authentication support and supports
mutual authentication.
2021-07-04 12:40:40 +00:00
wiz
0163e84d8d py-spake2: add do-test target
From Matthias Ferdinand.
2021-07-03 21:02:54 +00:00
thor
7a08372f57 security/p11-kit: make gettext-lib dependency explicit
It uses gettext, libintl. Enough said.
2021-07-03 21:02:45 +00:00
nia
83f2305d38 go-crypt: remove
deprecated go-package; no users in pkgsrc
2021-07-03 09:43:05 +00:00
nia
2e404ebda6 p5-Crypt-CBC: Update to 3.04.
Fix packaging on 32-bit platforms by disabling int128 dependency.

3.04	 Mon 17 May 2021 10:58:37 AM EDT
        - Fixed bug involving manually-specified IV not being used in some circumstances.
2021-07-02 11:27:21 +00:00
nia
e8059d2f92 go-sftp: remove
deprecated go-package; no users in pkgsrc
2021-07-01 06:04:47 +00:00
wiz
a2f0c9cac5 security/Makefile: + libuecc. 2021-07-01 05:54:12 +00:00
adam
108faa32ba py-asyncssh: updated to 2.7.0
Release 2.7.0 (19 Jun 2021)

Added support for the ProxyCommand config file option and a corresponding proxy_command argument in the SSH connection options, allowing a subprocess to be used to make the connection to the SSH server. When the config option is used, it should be fully compatible with OpenSSH percent expansion in the command to run.
Added support for accessing terminal information as properties in the SSHServerProcess class. As part of this change, both the environment and terminal modes are now available as read-only mappings. Thanks again to velavokr for suggesitng this and submitting a PR with a proposed version of the change.
Fixed terminal information passed to pty_requested() callback to properly reflect requested terminal type, size, and modes. Thanks go to velavokr for reporting this issue and proposing a fix.
Fixed an edge case where a connection object might not be cleaned up properly if the connection request was cancelled before it was fully established.
Fixed an issue where some unit tests weren’t properly closing connection objects before exiting.
2021-06-29 13:36:26 +00:00
gutteridge
8a5b96f219 polkit: fix sandboxed builds
The newly-added autoreconf processing here requires gtkdocize.
2021-06-29 01:58:55 +00:00
pin
78a1644ea0 security/gpg-tui: update to 0.6.2
0.6.2 - 2021-06-27
Changed:
- Bump the Rust version in Dockerfile
- Use entrypoint for the docker container
- Update the docker command for quickly launching the app

0.6.1 - 2021-06-26
Changed:
- Run the container as non-root/dedicated user
- Update the docker alias in README.md

0.6.0 - 2021-06-25
Added:
- Support importing keys from the clipboard (#3)
- Add git-cliff configuration file

Changed:
- Update the keyserver link

Fixed:
- Apply clippy lints
- Update application command tests
2021-06-28 20:03:47 +00:00
nia
2a2102e013 polkit: Add duktape backend. Disable mozjs dependency.
Based on an unmerged merge request by Wu Xiaotian:
https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/35

Bump PKGREVISION.
2021-06-28 12:38:46 +00:00
wiz
bb2c579f69 keepassxc: update to 2.6.6.
## 2.6.6 (2021-06-11)

### Fixed

- Fix focusing search when pressing hotkey [#6603]
- Trim whitespace from TOTP key input prior to processing [#6604]
- Fix building on macOS [#6598]
- Resolve compiler warnings for unused return values [#6607]

## 2.6.5 (2021-06-07)

### Added

- Show search bar when toolbar is hidden or in overflow [#6279]
- Show countdown for clipboard clearing in status bar [#6333]
- Command line option to lock all open databases [#6511]
- Allow CSV import of bare TOTP secrets [#6211]
- Retain file creation time when saving database [#6576]
- Set permissions of saved attachments to be private to the current user [#6363]
- OPVault: Use Text instead of Name for attribute names [#6334]

### Changed

- Reports: Allow resizing of reports columns [#6435]
- Reports: Toggle showing expired entries [#6534]
- Save Always on Top setting [#6236]
- Password generator can exclude additional lookalike characters (6/G, 8/B) [#6196]

### Fixed

- Allow setting MSI properties in unattended install [#6196]
- Update MainWindow minimum size to enable smaller verticle space [#6196]
- Use application font size when setting default or monospace fonts [#6332]
- Fix notes not clearing in entry preview panel in some cases [#6481]
- macOS: Correct window activation when restoring from tray [#6575]
- macOS: Better handling of minimize after unlock when using browser integration [#6338]
- Linux: Start after the system tray is available on LXQt [#6216]
- Linux: Allow selection of modal dialogs on X11 in Auto-Type [#6204]
- KeeShare: prevent crash when file extension is missing [#6174]
2021-06-28 08:37:22 +00:00
tnn
9defde537e hitch: update to 1.7.0
2020-10-27: Hitch 1.7.0 released. This introduces support for PROXYv2 in --proxy-proxy mode,
adds new command line switches for various settings, and fixes a bug relating to an imbalance
in worker process load distribution, among other things. See the changelog for more information.

2020-08-31: Hitch 1.6.1 released. Fixes an issue in the PROXYv2 handling where we sometimes would
transmit the wrong 'verify' status for client certificate verification. (changelog)
2021-06-27 10:12:10 +00:00
adam
b10ccd73d4 py-oauthlib: updated to 3.1.1
3.1.1 (2021-05-31)
------------------
OAuth2.0 Provider - Bugfixes

  * Fix acceptance of valid IPv6 addresses in URI validation

OAuth2.0 Client - Bugfixes

  * Base OAuth2 Client now has a consistent way of managing the `scope`: it consistently
    relies on the `scope` provided in the constructor if any, except if overridden temporarily
    in a method call. Note that in particular providing a non-None `scope` in
    `prepare_authorization_request` or `prepare_refresh_token` does not override anymore
    `self.scope` forever, it is just used temporarily.
  * MobileApplicationClient.prepare_request_uri and MobileApplicationClient.parse_request_uri_response,
    ServiceApplicationClient.prepare_request_body,
    and WebApplicationClient.prepare_request_uri now correctly use the default `scope` provided in
    constructor.
  * LegacyApplicationClient.prepare_request_body now correctly uses the default `scope` provided in constructor

OAuth2.0 Provider - Bugfixes
  * client_credentials grant: fix log message
  * OpenID Connect Hybrid - fix nonce not passed to add_id_token
  * Different prompt values are now handled according to spec (e.g. prompt=none)
  * OpenID Connect - fix Authorization: Basic parsing

General
  * improved skeleton validator for public vs private client
  * replace mock library with standard unittest.mock
  * build isort integration
  * python2 code removal
  * add python3.8 support
  * bump minimum versions of pyjwt and cryptography
2021-06-25 21:00:12 +00:00
micha
92bc54dc23 security/mdigest: Add additional licenses for statically linked libmdigest 2021-06-25 13:50:45 +00:00
micha
32793c9ab9 security/mdigest: Added version 1.6
mdigest reads the files from the argument list and computes a message
digest hash for the file content.

If the argument list is empty mdigest reads from standard in.
2021-06-25 10:13:57 +00:00
nia
0a5a9233da add security/libuecc
libuecc is a very small generic-purpose Elliptic Curve Cryptography library
compatible with Ed25519.
2021-06-24 13:55:26 +00:00
wiz
76a25c3ca1 security/Makefile: + py-spake2. 2021-06-23 21:07:42 +00:00
wiz
638a0a7d40 security/py-spake2: import py-spake2-0.8
Packaged for wip by Matthias Ferdinand.

This library implements the SPAKE2 password-authenticated key exchange
("PAKE") algorithm. This allows two parties, who share a weak password,
to safely derive a strong shared secret (and therefore build an
encrypted+authenticated channel).
2021-06-23 21:07:29 +00:00
wiz
403e55ce3f security/Makefile: + py-hkdf 2021-06-23 21:05:44 +00:00
wiz
527907fe76 security/py-hkdf: import py-hkdf-0.0.3
Packaged for wip by Matthias Ferdinand.

This module implements the HMAC Key Derivation function, defined at

    http://tools.ietf.org/html/draft-krawczyk-hkdf-01

There are two interfaces: a functional interface, with separate extract
and expand functions as defined in the draft RFC, and a wrapper class
for these functions.
2021-06-23 21:05:17 +00:00
wiz
f54850eaba age: update to 1.0.0rc3.
Never two without three

Maybe™️ actually™️ the last v1.0.0 release candidate!

Encrypted identity files are now supported. Regular passphrase-encrypted
age files can be used with -i, the passphrase will be requested
interactively, and the decrypted file will be read line-by-line as
a standard identity file.

Passphrases can now be requested interactively from the terminal
on Windows even if standard input is in use.

Errors are now tidier and all start with age: error: .
2021-06-23 21:00:24 +00:00
nia
55394cf036 Revbump for MySQL default change 2021-06-23 20:33:06 +00:00
nia
c696cc1eb6 lynis: remove list of operating systems from COMMENT 2021-06-23 20:27:16 +00:00
bacon
156cfcb98f security/munge: Release maintainership
Narrowing my focus to biology packages
2021-06-23 19:44:16 +00:00
schmonz
948eb5a666 Probably make cvm-checkpassword actually work as an alternative
checkpassword. Bump PKGREVISION.
2021-06-23 18:51:03 +00:00
wiz
e61238c406 tor-browser: update to 10.0.18.
This version updates Tor to 0.4.5.9, including important security
fixes.

Warning:

Tor Browser will stop supporting version 2 onion services later
this year. Please see the previously published deprecation timeline.
Migrate your services and update your bookmarks to version 3 onion
services as soon as possible.
2021-06-22 11:25:07 +00:00
spz
7e9ac86133 build fix for NetBSD-8/m68k which calls itself netbsdelf 2021-06-19 11:17:53 +00:00
markd
4641b802ee kauth: more files needed in buildlink. These get k3b building again. 2021-06-16 20:46:56 +00:00
markd
efa2aeb518 kauth: buildlink libexec/kauth/* files. needed for latest cmake 2021-06-16 10:38:05 +00:00
taca
06a582b0a0 security/ruby-metasploit_payloads-mettle: update to 1.0.10
Quote from commit logs:

1.0.10 (2021-06-09)

* Support enumerating platforms for a extension
* Fixup enumerating the extensions for a platform
* Remove an extra word word
2021-06-14 15:31:12 +00:00
taca
5f8dc03c0e security/ruby-metasploit-payloads: update to 2.0.47
Quote from commit logs:

2.0.47 (2021-06-09)

* Support enumerating all extension names
* Support enumerating Meterpreter extension suffixs
* Fix a typo in how suffixes is spelled
* Rename a function and update a regex
2021-06-14 15:27:07 +00:00
adam
dd27eb365c py-certifi: updated to 2021.5.30
2021.5.30:
Unknown changes
2021-06-14 13:29:01 +00:00
adam
17cf3dccf2 py-acme py-certbot*: updated to 1.16.0
Certbot 1.16.0

Changed

DNS plugins based on lexicon now require dns-lexicon >= v3.1.0
Use UTF-8 encoding for renewal configuration files
Windows installer now cleans up old Certbot dependency packages
before installing the new ones to avoid version conflicts.
This release contains a substantial command-line UX overhaul,
based on previous user research. The main goal was to streamline
and clarify output. If you would like to see more verbose output, use
the -v or -vv flags. UX improvements are an iterative process and
the Certbot team welcomes constructive feedback.
Functions certbot.crypto_util.init_save_key and certbot.crypto_util.init_save_csr,
whose behaviors rely on the global Certbot config singleton, are deprecated and will
be removed in a future release. Please use certbot.crypto_util.generate_key and
certbot.crypto_util.generate_csr instead.

Fixed

Fix TypeError due to incompatibility with lexicon >= v3.6.0
Installers (e.g. nginx, Apache) were being restarted unnecessarily after dry-run renewals.
Colors and bold text should properly render in all supported versions of Windows.
2021-06-14 12:15:39 +00:00
pin
8c912f94c2 security/gpg-tui: update to 0.5.0
[0.5.0] - 2021-06-13

Added:
-Support setting the default signing key via options menu

Changed:
-Update Dockerfile about crate dependency location
-Update COMMANDS.md about getting/setting default signing key
-Update README.md about setting the default signing key
2021-06-14 07:39:02 +00:00
adam
aa031aa5d6 py-trustme: updated to 0.8.0
Trustme 0.8.0 (2021-06-08)
Features
It’s now possible to set an expiry date on server certificates, either with --expires-on in the CLI or with not_after in trustme.CA.issue_cert.
Support Python 3.10
Set correct KeyUsage and ExtendedKeyUsage extensions, per CA/B Forum baseline requirements
2021-06-13 18:46:29 +00:00
taca
5d4d06a853 security/sudo: update to 1.9.7p1
1.9.7p1 (2021-06-11)

What's new in Sudo 1.9.7p1

 * Fixed an SELinux sudoedit bug when the edited temporary file
   could not be opened.  The sesh helper would still be run even
   when there are no temporary files available to install.

 * Fixed a compilation problem on FreeBSD.

 * The sudo_noexec.so file is now built as a module on all systems
   other than macOS.  This makes it possible to use other libtool
   implementations such as slibtool.  On macOS shared libraries and
   modules are not interchangeable and the version of libtool shipped
   with sudo must be used.

 * Fixed a few bugs in the getgrouplist() emulation on Solaris when
   reading from the local group file.

 * Fixed a bug in sudo_logsrvd that prevented periodic relay server
   connection retries from occurring in "store_first" mode.

 * Disabled the nss_search()-based getgrouplist() emulation on HP-UX
   due to a crash when the group source is set to "compat" in
   /etc/nsswitch.conf.  This is probably due to a mismatch between
   include/compat/nss_dbdefs.h and what HP-UX uses internally.  On
   HP-UX we now just cycle through groups the slow way using
   getgrent().  Bug #978.
2021-06-13 15:20:52 +00:00
nia
6a221f4ed5 acmesh: update to 2.9.0
ACME v1 is removed.
    Bug fixes.
    fixed --preferred-chain
    more DNS APIs are supported.
2021-06-12 07:04:46 +00:00
abs
6a4fb3e9c9 Add missed "include go-modules.mk" 2021-06-10 15:56:39 +00:00
pin
271a42033a security/gpg-tui: update to 0.4.1
[0.4.1] - 2021-06-09

Fixed:
-Expand tilde character to the home directory (fixes #22)
2021-06-10 11:47:17 +00:00
wiz
5f9c924231 p11-kit: update to 0.24.0.
0.24.0 (stable)
 * Use inclusive language on certificate distrust.  Note: This changes
   the directory and attribute names to distrust certain CAs to
   "blocklist" [PR#324]
 * Fix issues spotted by coverity and ASan [PR#349, PR#351]
 * Integrate gettext with tools more tightly [PR#358]
 * rpc: Forbid use of array of attributes [PR#365, PR#367]
 * Build fixes [PR#342, PR#344, PR#345, PR#353, PR#362, PR#364]
2021-06-10 10:20:50 +00:00
abs
215cff19e1 +security/age 2021-06-09 17:04:26 +00:00
abs
0497c35a07 Added security/age version 1.0.0rc2
age is a simple, modern and secure file encryption tool, format,
and Go library.

It features small explicit keys, no config options, and UNIX-style
composability

The format specification is at age-encryption.org/v1. age was
designed by @Benjojo12 and @FiloSottile.

An alternative interoperable Rust implementation is available at
github.com/str4d/rage.
2021-06-09 17:03:49 +00:00
pin
0a9f419092 security/gpg-tui: update to 0.4.0
[0.4.0] - 2021-06-07

Changed:
-Extract get_output_file from export_keys method
-Support exporting secret subkeys (#15)
-Update COMMANDS.md about export command
-Update README.md about exporting secret subkeys
2021-06-08 10:20:37 +00:00
manu
db3a7cc491 Update security/crudesaml, cy2-saml and pam-saml to 1.10
Change since 1.9 from the Changelog file

crusdesaml-1.10         2021-06-06
Shutdown/reinit lasso in a process liftime is not supported (Florian Best)
2021-06-08 07:38:18 +00:00