1.110720 into security/p5-Dancer-Plugin-Auth-RBAC.
Dancer::Plugin::Auth::RBAC is an authentication framework and role-based
access control system. As a role-based access control system
Dancer::Plugin::Auth::RBAC can be complex but will give you the most
flexibilty over all other access control philosophies.
The Dancer::Plugin::Auth::RBAC plugin provides your application with the
ability to easily authenticate and restrict access to specific users and
groups by providing a tried and tested RBAC (role-based access control)
system. Dancer::Plugin::Auth::RBAC provides this level of sophistication
with minimal configuration.
security/p5-Crypt-URandom.
This Module is intended to provide an interface to the strongest available
source of non-blocking randomness on the current platform. Platforms
currently supported are anything supporting /dev/urandom and versions of
Windows greater than or equal to Windows 2000.
The GuardTime Client SDK for C is intended for software developers who
want to integrate GuardTime Keyless Signature Service (KSS) into their
C and C++ based applications.
See http://www.guardtime.com/ for more information.
Noteworthy changes in version 0.8.3 (2013-04-26)
------------------------------------------------
* Build fixes for newer mingw32 toolchains.
* Add SETTIMEOUT command for the gtk+-2 pinentry.
Noteworthy changes in version 1.12 (2013-06-24)
-----------------------------------------------
* Add support for 64 bit Windows (use ./autogen.sh --build-w64).
* Fixed parsing and installing of the Windows .def file.
* Interface changes relative to the 1.11 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GPG_ERR_NO_CRYPT_CTX NEW.
GPG_ERR_WRONG_CRYPT_CTX NEW.
GPG_ERR_BAD_CRYPT_CTX NEW.
GPG_ERR_CRYPT_CTX_CONFLICT NEW.
GPG_ERR_BROKEN_PUBKEY NEW.
GPG_ERR_BROKEN_SECKEY NEW.
Changes:
0.07 2012.06.06
- Made Math::BigInt::* dependency dynamic to avoid Math::BigInt falling
back to BigInt backends that are too slow for practical use.
=== 2.6.7 / 11 Apr 2013
* Decreased default packet size to 32768 as described in RFC 4253 [Olipro]
* Added max_pkt_size and max_win_size options to Net::SSH.start [Olipro]
* Added import/export of ycfg-json format.
Invoke with -fjson to -s or -i
Add exported functions ykp_export_config() and ykp_import_config()
* Fixup output of flags when using ykp_write_config()
* Add binary builds for mac.
* Minor cleanups noticed during debian packaging.
Version 1.12.0 (released 2013-03-14)
* Recognize firmwares 2.4 and 3.1.
* Add support for setting the new extflag LED_INV
When set the behaviour of the led on the YubiKey is inversed.
(Moved HOMEPAGE and MASTER_SITES to the new GitHub project URLs)
* Add ykclient_global_init and ykclient_global_done.
* Add ykclient_version.h header file with versioning information.
New symbols are YKCLIENT_VERSION_STRING, YKCLIENT_VERSION_NUMBER,
YKCLIENT_VERSION_MAJOR, YKCLIENT_VERSION_MINOR,
YKCLIENT_VERSION_PATCH. New function ykclient_check_version.
* Modified API to use 'ykclient_rc' enum as return type instead of 'int'.
* Enum also moved to separate new header file ykclient_errors.h.
This should be backwards compatible. It makes the return type
clearer.
* Improve curl multi usage.
* ykclient: Cleanup command line tool a bit to make it more useful.
Added --help, --version and --debug. Defaults to silent output. Exit
codes are documented and more useful. Added manpage.
(Moved HOMEPAGE and MASTER_SITES to the new GitHub project pages)
Fix a UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443]
Improve interoperability with some Windows native PKINIT clients.
- New Features
- dnssec-nodes - Many new features, including validation tree
graphing, on-the-wire traffic display, pcap dump
file display, increased data logging and
display, improved simultaneous updating, etc.
- Libval: - Added initial support for the TLSA rrtype
- Added support for ECDSA
- Implemented checking for AI_ADDRCONFIG in getaddrinfo
- Memory optimizations to improve speed-up
- dnssec-check - increased stability across all platforms.
- All Around: - Many bug fixes and other minor improvements
1.13
- New Features
- rollerd: - Added support for the signzone command. Allow
zones to be signed while in the midst of a
rollover wait.
- Added autosigning of modified zone files. Zone
files are considered modified when their "last
modification" timestamp is more recent than that
of the associated signed zone file. This
functionality includes adding the -autosign option
and config field.
- Added additional commands (via rollctl) to allow
greater control over zone rollover actions.
- Added -zsargs option to allow global options to
be passed to zonesigner.
- realms: - Added the realms feature to manage multiple
simultaneous rollover environments. Several
commands and modules (e.g., dtrealms, realms.pm,
buildrealms) were added for the realms feature.
- zonesigner: - Added the -threshold option to specify a signing
threshold.
- Better handling of serial numbers in zone files.
- keymod: - New tool that can be used to modify key
generation parameters in a keyrec file.
- dnssec-check - significant rewrite since the 1.12 release, though
individual updates have been available already.
- Asynchronous support for non-interrupting GUI support
- Letter grades assigned to each resolver
- Various user-interface improvements
- libval: - Bug fixes
- Renamed all validator command-line apps to have
a dt- prefix in order to avoid conflicts with
pre-existing executables in certain platforms.
- dnsval python module
- Add python wrapper module for the validator
library. Code contributed by Bob Novas.
- trustman: - Added an option for use by monitoring systems.
- nagios - Added the dt_donuts plugin for running trustman on
remote machines.
- Added the dt_trustman plugin for monitoring trust
anchors.
- firefox - updated nspr and firefox patches to work with
mozilla-central and nspr-4.9
- webmin: - Added the ability to perform DNSSEC
operations on DNSSEC-Tools managed signed
zones using the Webmin front-end.
- ssh: - Update the patch for enabling local DNSSEC
validation to work with OpenSSH 6.0p1.
Support for KX, DLV, DHCID, NAPTR records.
Support for X25, ISDN, RT, PX records.
Support for MB, MG, MR, MINFO, AFSDB records.
NSEC chain validation fix.
Do not allow LP point to itself.
Miscellaneous performance improvements.
Miscellaneous portability fixes.
Miscellaneous bug fixes.
* OPENDNSSEC-367: ods-ksmutil: Require user confirmation if the algorithm for
a key is changed in a policy (as this rollover is not handled cleanly)
* OPENDNSSEC-91: Make the keytype flag required when rolling keys
* OPENDNSSEC-403: Signer Engine: new command 'ods-signer locks' that shows
locking information (for debugging purposes).
Bugfixes:
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA
Minimum change.
* OPENDNSSEC-396: Use TTLs from kasp when generating DNSKEY and DS records for
output.
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly
when rolling all keys using the --policy option
* SUPPORT-40: Signer Engine: Keep occluded data in signed zone files/transfers.
2013-Jun-09 - v2.0 - Removed the unused Clone module after a report
that Clone is no longer in core Perl as of v5.18.0. Added the stats
and pwck commands. Added clipboard commands (xw/xu/xp/xx). Fixed
some long-standing tab completion bugs. Warn if multiple groups or
entries are titled the same within a group, except for /Backup
entries.
2013-Jun-10 - v2.1 - Fixed several more tab completion bugs, and
they were serious enough to warrant a quick release.
It's Dangerous
... so better sign this
Various helpers to pass data to untrusted environments and to get it back
safe and sound.
This repository provides a module that is a port of the django signing
module. It's not directly copied but some changes were applied to
make it work better on its own.
* Update buildlink3.mk.
Changelog:
5.6.0 - added AuthenticatedSymmetricCipher interface class and Filter wrappers
- added CCM, GCM (with SSE2 assembly), EAX, CMAC, XSalsa20, and SEED
- added support for variable length IVs
- added OIDs for Brainpool elliptic curve parameters
- improved AES and SHA-256 speed on x86 and x64
- changed BlockTransformation interface to no longer assume data alignment
- fixed incorrect VMAC computation on message lengths
that are >64 mod 128 (x86 assembly version is not affected)
- fixed compiler error in vmac.cpp on x86 with GCC -fPIC
- fixed run-time validation error on x86-64 with GCC 4.3.2 -O2
- fixed HashFilter bug when putMessage=true
- fixed AES-CTR data alignment bug that causes incorrect encryption on ARM
- removed WORD64_AVAILABLE; compiler support for 64-bit int is now required
- ported to GCC 4.3, C++Builder 2009, Sun CC 5.10, Intel C++ Compiler 11
5.6.1 - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM
- removed WAKE-CFB
- fixed several bugs in the SHA-256 x86/x64 assembly code:
* incorrect hash on non-SSE2 x86 machines on non-aligned input
* incorrect hash on x86 machines when input crosses 0x80000000
* incorrect hash on x64 when compiled with GCC with optimizations enabled
- fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations
- switched to a public domain implementation of MARS
- ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1
- renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010
5.6.2 - changed license to Boost Software License 1.0
- added SHA-3 (Keccak)
- updated DSA to FIPS 186-3 (see DSA2 class)
- fixed Blowfish minimum keylength to be 4 bytes (32 bits)
- fixed Salsa validation failure when compiling with GCC 4.6
- fixed infinite recursion when on x64, assembly disabled, and no AESNI
- ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0
* Update HOMEPAGE and MASTER_SITES.
* Convert custom do-install taget to patch to Makefile.in.
Changelog:
version 0.97
* Case insensitivity when responding to S/KEY challenges. RFC1760 does
not mention case sensitivity, but I've received a report of a server
implementation that is case sensitive. OTP behavior is unchanged.
The ssdeep project page describes it as a library for "...computing context
triggered piecewise hashes (CTPH). Also called fuzzy hashes, CTPH can match
inputs that have homologies. Such inputs have sequences of identical bytes in
the same order, although bytes in between these sequences may be different in
both content and length".
ssdeep is a program for computing context triggered piecewise hashes (CTPH).
Also called fuzzy hashes, CTPH can match inputs that have homologies. Such
inputs have sequences of identical bytes in the same order, although bytes in
between these sequences may be different in both content and length.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
