pkgsrc/security
wiz a871a49684 Update to 1.1 because of a possible security problem:
The socket creation code in fshd was not paranoid enough.  There
 were are at least two possible attacks:
 - If a malicious user has symlinked /tmp/fshd-<UID> to another
   file, fshd will chmod 0700 that file.
 - A race condition made it possible for an attacker to create an
   unsafe socket directory, so that the attacker can access an
   fshd tunnel.
 The attacker must alread have a local shell on the computer where
 fsh or fshd is invoked.
Other changes:
New timeout option, fixed to work with openssh2, now also usable if
you have to enter a password to connect, and some others.
2000-12-14 11:55:03 +00:00
..
aide shuffle line for pkglint 2000-09-03 13:09:20 +00:00
amavis Update amavis to 0.2.1p3. Changes are bugfixes, enhanced MIME decoding, and 2000-10-23 14:57:10 +00:00
audit-packages touch vulnerability list after update, to make audit-package happier 2000-11-11 02:23:00 +00:00
crack Add HOMEPAGE 2000-10-20 14:45:58 +00:00
cyrus-sasl Rename pwcheck' rc.d control script to sasl_pwcheck' to avoid name clash 2000-12-13 16:24:50 +00:00
ddos-scan remove trailing empty line 2000-09-03 13:11:04 +00:00
dsniff as we now depend on shlib from devel/libnet, we must use DEPENDS, 2000-08-15 01:28:58 +00:00
egd Entrypy Gathering Daemon. depends on to security/p5-SHA. 2000-10-15 17:26:24 +00:00
fortify Update fortify to 1.4.6. Changes from 1.4.5: 2000-03-21 04:45:20 +00:00
fsh Update to 1.1 because of a possible security problem: 2000-12-14 11:55:03 +00:00
gnupg change DEPENDS on gettext to BUILD_DEPENDS on msgfmt 2000-11-30 00:11:26 +00:00
isakmpd BSD-style Makefiles require special handling of manual pages. 2000-11-25 23:51:17 +00:00
kth-krb4 Do not install bin/des in order to avoid a conflict with the 2000-10-11 16:28:53 +00:00
libbf make pkglint happy 2000-11-29 11:29:12 +00:00
libcrack Install missing 'crack.h' header file 2000-10-21 11:17:05 +00:00
libdes Initial import of libdes-4.04b, a small DES (Data Encryption Standard) lib 2000-11-23 13:16:10 +00:00
libidea Warn about IDEA licence restrictions. 2000-11-29 23:40:21 +00:00
libident USE_LIBTOOL instead of PKGLIBTOOL. 2000-06-21 07:07:40 +00:00
libmcrypt libmcrypt, an LGPL library with encryption algorithms 2000-11-10 11:33:59 +00:00
libnasl Update nessus to 1.0.6. 2000-11-12 04:32:02 +00:00
mcrypt mcrypt, a replacement for crypt(1) with bunch of algorithms 2000-11-10 11:34:44 +00:00
mhash mhash, library of hash functions 2000-11-10 11:34:22 +00:00
nessus Update nessus to 1.0.6. 2000-11-12 04:32:02 +00:00
nessus-core Update nessus to 1.0.6. 2000-11-12 04:32:02 +00:00
nessus-libraries Update nessus to 1.0.6. 2000-11-12 04:32:02 +00:00
nessus-plugins Update nessus to 1.0.6. 2000-11-12 04:32:02 +00:00
nfsbug Remove a hunk from patch-ac which prevents the expansion of 2000-10-11 16:02:44 +00:00
openssh Move code from REQ file to INSTALL. 2000-12-08 08:52:35 +00:00
openssl Undo previous commit. These packages apparently handle patches specially. 2000-12-07 13:22:40 +00:00
p5-Digest-MD5 Update p5-Digest-MD5 to 2.12. Changes from version 2.09: 2000-10-15 02:30:33 +00:00
p5-MD5 Convert packages to use PERL5_PACKLIST (part 1). These were the easy 2000-08-27 07:10:59 +00:00
p5-SHA new pkgsrc: SHA1 hash function for perl. 2000-10-15 17:23:44 +00:00
PAM Require bison to build. 2000-11-28 13:39:17 +00:00
pam-ldap Initial import of pam-ldap-77, a pluggable authentication module for 2000-10-21 18:47:46 +00:00
pgp2 add LICENCE=fee-based-commercial-use, for use of IDEA/RC5 logic. 2000-10-10 11:42:15 +00:00
pgp5 add LICENCE=fee-based-commercial-use, for use of IDEA/RC5 logic. 2000-10-10 11:42:15 +00:00
pkg remove trailing `.' 2000-03-09 13:47:31 +00:00
pks Install rc.d control script as "foo" instead of "foo.sh" to comply with 2000-09-20 05:14:10 +00:00
portsentry Initial import of portsentry into the NetBSD packages collection. 2000-02-07 16:20:19 +00:00
priv fix illegal name/version different 2000-07-20 00:33:19 +00:00
py-crypto Reorganize crypto handling, as discussed on tech-pkg. Remove all 2000-09-09 19:40:14 +00:00
racoon remove bogus bound-check. need revisit (DoS issue is not re-introduced). 2000-12-12 08:16:00 +00:00
rc5des Reorganize crypto handling, as discussed on tech-pkg. Remove all 2000-09-09 19:40:14 +00:00
rsaref Reorganize crypto handling, as discussed on tech-pkg. Remove all 2000-09-09 19:40:14 +00:00
smtpd Cleanup; don't hardcode /usr/pkg in MESSAGE 2000-09-03 13:22:31 +00:00
srp_client Fix (private) prototype of time(3), to make this compile on alpha. 2000-09-24 15:35:06 +00:00
ssh At least in 1.4Q, there was a login_cap.h, but it didn't define LOGIN_SETENV. 2000-10-19 02:02:57 +00:00
ssh-askpass ssh-askpass - X11-based passphrase dialog for OpenSSH 2000-08-11 05:22:57 +00:00
ssh-ip-tunnel remove trailing whitespace 2000-10-21 22:55:02 +00:00
ssh6 dd LICENSE (as per discussions on packages@netbsd.org 2000-10-10 09:52:00 +00:00
ssldump remove unneeded configure args 2000-10-31 03:51:26 +00:00
stunnel Don't install automatically created certificate. It is useless and will 2000-06-17 21:52:18 +00:00
sudo Look for build dependency in path instead. 2000-12-06 16:27:39 +00:00
tripwire Fix MASTER_SITES and HOMEPAGE, noted by Brian Poole. 2000-12-09 13:37:47 +00:00
uvscan We don't need all of suse_linux, just suse_libc5 2000-09-08 13:33:15 +00:00
uvscan-dat Update uvscan-dat to 4100. Detects various new viruses. 2000-10-23 14:36:03 +00:00
xdm-krb4 Update xdm-krb4 to 3.3.6.2. 2000-10-12 13:49:44 +00:00
Makefile Unify Makefiles -- mostly headers: remove FreeBSD Ids. 2000-12-12 01:30:36 +00:00