aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* MFH: r555585 r557829Rene Ladan2020-12-1253-408/+1227
| | | | | | | | | | | | | | | | | | | | | | | | | | security/sssd: update to 1.16.5 This fixes several security vulnerabilities and unexpires the port because it moves to Python 3. PR: 241347 Submitted by: lukas.slebodnik@intrak.sk (initial patch) Security: CVE-2018-16838 Security: CVE-2019-3811 security/sssd: fix SMB option - use Samba 4.12 instead of the removed Samba 4.10 - use ldb 2.1 instead of ldb 2.0 While here, recognize Kerberos 1.18 PR: 250864 Submitted by: joerg (patch by Richard Frewin) Approved by: maintainer timeout (14 days) Notes: svn path=/branches/2020Q4/; revision=557830
* MFH: r557748Jan Beich2020-12-111-1/+1
| | | | | | | security/libressl: re-link static library consumers after r557713 Notes: svn path=/branches/2020Q4/; revision=557749
* security/libressl: Security update to 3.1.5Bernard Spil2020-12-112-4/+4
| | | | | | | Security: 88dfd92f-3b9c-11eb-929d-d4c9ef517024 Notes: svn path=/branches/2020Q4/; revision=557716
* MFH: r557297Bernard Spil2020-12-102-4/+4
| | | | | | | | | | | security/vuxml: Security update to 1.1.1i Security: 1d56cfc5-3970-11eb-929d-d4c9ef517024 Approved by: ports-secteam (implicit) Notes: svn path=/branches/2020Q4/; revision=557457
* MFH: r556013Mark Felder2020-11-211-0/+4
| | | | | | | | | security/titus: Mark broken with base openssl on < FreeBSD 12 Approved by: ports-secteam (blanket) Notes: svn path=/branches/2020Q4/; revision=556014
* MFH: r555565Piotr Kubaj2020-11-172-4/+6
| | | | | | | | | | | | | security/wolfssl: fix build on big-endian Merge upstream patch to fix build on big-endian architectures. Also unmark mips and mips64 as broken, now builds fine. Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=555566
* MFH: r554994Yuri Victorovich2020-11-152-4/+4
| | | | | | | | | | | | | security/tor: Update 0.4.4.5 -> 0.4.4.6 Changelog: https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.4.6 Reported by: Upstream notification Approved by: ports-secteam (Riggs) Notes: svn path=/branches/2020Q4/; revision=555164
* MFH: r554658Piotr Kubaj2020-11-081-2/+5
| | | | | | | | | | | security/titus: fix build on GCC architectures Linking fails when passing -L/usr/lib when gcc9 is used because /usr/lib/ is taken over gcc9's libs. Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=554659
* MFH: r554179Mateusz Piotrowski2020-11-081-0/+6
| | | | | | | | | | | | | Fix the conditional added in r554175 This should have been caught by my poudriere testruns. Sorry for the breakage. PR: 249974 Approved by: portmgr (build fix) Notes: svn path=/branches/2020Q4/; revision=554652
* MFH: r554144Tobias C. Berner2020-11-065-15/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | Update KDE Apps to 20.08.3 Some of our projects release on their own timescale and some get released en-masse. The 20.08.3 bundle of projects was released today with dozens of bugfixes and will be available through app stores and distros soon. See the 20.08.3 releases page for details. Some of the fixes in today’s releases: * Gwenview no longer accidentally shows the thumbnail view as a separate window with newer Qt versions * Sending SMS with KDEConnect has been restored * Fixed a possible Okular crash when selecting text in annotations Announcement: https://kde.org/announcements/releases/2020-11-apps-update/ Changelog: https://kde.org/announcements/fulllog_releases-20.08.3/ Approved by: ports-secteam (fluffy) Notes: svn path=/branches/2020Q4/; revision=554166
* MFH: r553604Kurt Jaeger2020-10-294-7/+17
| | | | | | | | | | | | | security/suricata: update 5.0.2 -> 5.0.4 PR: 246093 Submitted by: Franco Fichtner <franco@opnsense.org> (maintainer) Relnotes: https://suricata-ids.org/2020/04/28/suricata-5-0-3-released/ https://suricata-ids.org/2020/10/08/suricata-4-1-9-and-5-0-4-released/ Approved by: ports-secteam (fluffy) Notes: svn path=/branches/2020Q4/; revision=553612
* MFH: r553587Fernando Apesteguía2020-10-294-39/+37
| | | | | | | | | | | | | | security/wazuh-agent: Update to 4.0.0 ChangeLog: https://github.com/wazuh/wazuh/releases/tag/v4.0.0 PR: 250636 Submitted by: m.muenz@gmail.com Approved by: ports-secteam (blanket, runtime fixes) Notes: svn path=/branches/2020Q4/; revision=553588
* MFH: r553550Mark Felder2020-10-284-69/+8
| | | | | | | | | | | security/titus: Update to 0.4 Additional fixes, final release Approved by: ports-secteam (blanket) Notes: svn path=/branches/2020Q4/; revision=553551
* MFH: r553535Jan Beich2020-10-282-0/+138
| | | | | | | | | | | | | | security/nss: unbreak non-gecko consumers after r552532 Pidgin failed with "nss: Handshake failed (-12251)" i.e., SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER -12251 "SSL received a malformed Change Cipher Spec record." PR: 250665 Submitted by: yamagi@yamagi.org Approved by: ports-secteam blanket Notes: svn path=/branches/2020Q4/; revision=553536
* MFH: r553502Mark Felder2020-10-273-6/+66
| | | | | | | | | | | security/titus: Support OpenSSL 1.1.0+ Backported patch fixes builds on FreeBSD 12 and 13 Approved by: ports-secteam (blanket) Notes: svn path=/branches/2020Q4/; revision=553503
* MFH: r553441Kyle Evans2020-10-272-1/+4
| | | | | | | | | | | | | | | | security/modsecurity3: include unicode.mapping in package This is included in the distribution and referenced in the default configuration that's installed, but hasn't been included in the package. Do so now. PR: 250669 Submitted by: Marius Halden <marius halden modirum com> (maintainer) Approved by: ports-secteam (implicit, packaging fix) Notes: svn path=/branches/2020Q4/; revision=553447
* MFH: r553061Piotr Kubaj2020-10-232-12/+8
| | | | | | | | | | | | | | | | | | | security/dropbear: change in rc DSS to ed25519 dropbear no longer supports DSS keys, use ed25519 instead. rc file needs to be updated. currently starting dropbear fails with error: % service dropbear start ... Unknown key type 'dss' ... Submitted by: waitman@waitman.net PR: 250192 Approved by: portmgr (runtime fix) Notes: svn path=/branches/2020Q4/; revision=553062
* MFH: r551624 r551582 r551608Piotr Kubaj2020-10-221-0/+1
| | | | | | | | | | | | | | | | | | | | | | | graphics/py-scikit-image: fix build on GCC architectures Use C++11 compiler: cc1plus: error: unrecognized command line option "-std=c++0x" deskutils/gnome-clocks: fix build on GCC architectures Use C11 compiler: /usr/local/include/libhandy-1/hdy-swipe-tracker.h:23: error: redefinition of typedef 'HdySwipeTracker' /usr/local/include/libhandy-1/hdy-types.h:15: error: previous declaration of 'HdySwipeTracker' was here security/seahorse: fix build on GCC architectures Use C99: ../pgp/seahorse-ldap-source.c:1317: error: 'for' loop initial declaration used outside C99 mode Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=553055
* MFH: r552920Koichiro Iwao2020-10-222-2/+10
| | | | | | | | | | | | | | | | security/py-fail2ban: Fix runtime error with Python 3.9 PR: 250356 Submitted by: Yasuhiro KIMURA <yasu@utahime.org> Approved by: theis@gmx.at (maintainer) Obtained from: https://bugzilla.redhat.com/show_bug.cgi?id=1808347 Obtained from: https://github.com/fail2ban/fail2ban/issues/2646 Obtained from: https://github.com/fail2ban/fail2ban/pull/2651 Approved by: portmgr blanket (runtime fix) Notes: svn path=/branches/2020Q4/; revision=552921
* MFH: r552850Piotr Kubaj2020-10-211-0/+11
| | | | | | | | | security/highwayhash: commit forgotten patch to fix powerpc64* Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=552851
* MFH: r552572Jan Beich2020-10-171-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | security/py-python-nss: unbreak after r552532 In file included from src/py_nss.c:341: src/py_nss.h:126:3: error: typedef redefinition with different types ('struct RSAPublicKey' vs 'struct RSAPublicKeyStr') } RSAPublicKey; ^ /usr/local/include/nss/blapit.h:281:32: note: previous definition is here typedef struct RSAPublicKeyStr RSAPublicKey; ^ In file included from src/py_nss.c:341: src/py_nss.h:136:3: error: typedef redefinition with different types ('struct DSAPublicKey' vs 'struct DSAPublicKeyStr') } DSAPublicKey; ^ /usr/local/include/nss/blapit.h:323:32: note: previous definition is here typedef struct DSAPublicKeyStr DSAPublicKey; ^ Reported by: pkg-fallout Approved by: ports-secteam blanket Notes: svn path=/branches/2020Q4/; revision=552573
* MFH: r552532Jan Beich2020-10-175-8/+9
| | | | | | | | | | | | security/nss: update to 3.58 Changes: https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_58_RTM ABI: https://abi-laboratory.pro/tracker/timeline/nss/ Approved by: ports-secteam blanket Notes: svn path=/branches/2020Q4/; revision=552534
* MFH: r551930Tobias C. Berner2020-10-155-15/+15
| | | | | | | | | | | | | | KDE Release Service 20.08.2 update Dozens of KDE apps are getting new releases from KDE’s release service. New features, usability improvements, re-designs and bug fixes all contribute to helping boost your productivity and making this new batch of applications more efficient and pleasant to use. Approved by: ports-secteam (joneum) Notes: svn path=/branches/2020Q4/; revision=552439
* MFH: r552103Piotr Kubaj2020-10-121-0/+10
| | | | | | | | | | | | | | | | security/heaan: fix build on GCC architectures Patch created manually, because WRKSRC differs. Add include sys/time.h: In file included from ../src/TestScheme.cpp:20: ../src/TimeUtils.h:20:17: error: field 'startTime' has incomplete type 'timeval' 20 | struct timeval startTime, stopTime; | ^~~~~~~~~ Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=552104
* MFH: r551632Piotr Kubaj2020-10-111-1/+1
| | | | | | | | | | | | | | security/tpm2-tools: fix build on GCC architectures Use C11 compiler: tools/tpm2_tool.c:92: error: 'tpm2_option_flags' has no member named 'verbose' tools/tpm2_tool.c:103: error: 'tpm2_option_flags' has no member named 'quiet' tools/tpm2_tool.c:116: error: 'tpm2_option_flags' has no member named 'enable_errata' Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=552075
* MFH: r551915Piotr Kubaj2020-10-101-2/+9
| | | | | | | | | | | security/highwayhash: fix build on powerpc64, powerpc64le and probably arm architectures Remove superflous ). Add necessary ifdefs. Approved by: portmgr (fix build blanket) Notes: svn path=/branches/2020Q4/; revision=551916
* MFH: r551728Antoine Brodin2020-10-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mark BROKEN everywhere c++ -DHAVE_CONFIG_H -I. -I./src -I. -isystem /usr/local/include -Wall -Werror -fno-exceptions -fno-rtti -D_THREAD_SAFE -pthread -I/usr/local/include -I/usr/local/include -I/usr/include -O2 -pipe -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -isystem /usr/local/include -MT src/schwanenlied/crypto/obfsclient-base32.o -MD -MP -MF src/schwanenlied/crypto/.deps/obfsclient-base32.Tpo -c -o src/schwanenlied/crypto/obfsclient-base32.o `test -f 'src/schwanenlied/crypto/base32.cc' || echo './'`src/schwanenlied/crypto/base32.cc In file included from src/schwanenlied/crypto/base32.cc:34: In file included from ./src/schwanenlied/crypto/base32.h:37: In file included from ./src/schwanenlied/crypto/utils.h:40: In file included from ./src/schwanenlied/common.h:47: ./src/ext/easylogging++.h:1119:84: error: 'ptr_fun<int, int>' is deprecated [-Werror,-Wdeprecated-declarations] str.erase(str.begin(), std::find_if(str.begin(), str.end(), std::not1(std::ptr_fun<int, int>(&std::isspace)))); ^ /usr/include/c++/v1/functional:1107:1: note: 'ptr_fun<int, int>' has been explicitly marked deprecated here _LIBCPP_DEPRECATED_IN_CXX11 inline _LIBCPP_INLINE_VISIBILITY ^ /usr/include/c++/v1/__config:972:39: note: expanded from macro '_LIBCPP_DEPRECATED_IN_CXX11' # define _LIBCPP_DEPRECATED_IN_CXX11 _LIBCPP_DEPRECATED ^ /usr/include/c++/v1/__config:961:48: note: expanded from macro '_LIBCPP_DEPRECATED' # define _LIBCPP_DEPRECATED __attribute__ ((deprecated)) ^ In file included from src/schwanenlied/crypto/base32.cc:34: In file included from ./src/schwanenlied/crypto/base32.h:37: In file included from ./src/schwanenlied/crypto/utils.h:40: In file included from ./src/schwanenlied/common.h:47: ./src/ext/easylogging++.h:1126:73: error: 'ptr_fun<int, int>' is deprecated [-Werror,-Wdeprecated-declarations] str.erase(std::find_if(str.rbegin(), str.rend(), std::not1(std::ptr_fun<int, int>(&std::isspace))).base(), str.end()); ^ /usr/include/c++/v1/functional:1107:1: note: 'ptr_fun<int, int>' has been explicitly marked deprecated here _LIBCPP_DEPRECATED_IN_CXX11 inline _LIBCPP_INLINE_VISIBILITY ^ /usr/include/c++/v1/__config:972:39: note: expanded from macro '_LIBCPP_DEPRECATED_IN_CXX11' # define _LIBCPP_DEPRECATED_IN_CXX11 _LIBCPP_DEPRECATED ^ /usr/include/c++/v1/__config:961:48: note: expanded from macro '_LIBCPP_DEPRECATED' # define _LIBCPP_DEPRECATED __attribute__ ((deprecated)) ^ Reported by: pkg-fallout Notes: svn path=/branches/2020Q4/; revision=551729
* MFH: r551667Craig Leres2020-10-072-4/+4
| | | | | | | | | | | | | | | | | | | | | | security/zeek: Update to 3.0.11 to fix memory leaks and potential DOS: https://github.com/zeek/zeek/releases/tag/v3.0.11 - A memory leak in multipart MIME code has potential for remote exploitation and cause for Denial of Service via resource exhaustion. Other fixes: - Fix incorrect RSTOS0 conn_state determinations Reported by: Jon Siwek Security: 769a4f60-9056-4c27-89a1-1758a59a21f8 Approved by: ports-secteam (joneum) Notes: svn path=/branches/2020Q4/; revision=551670
* Remove outdated PERL_LEVEL check after lang/perl5.26 removalSunpoet Po-Chuan Hsieh2020-10-011-8/+1
| | | | | | | With hat: perl Notes: svn path=/head/; revision=550815
* Update to the latest MIT KRB5 commit on github.Cy Schubert2020-10-012-5/+5
| | | | Notes: svn path=/head/; revision=550763
* Add recent tt-rss issues.Thierry Thomas2020-09-301-0/+35
| | | | | | | | | | PR: 249472 Submitted by: Derek Schrock (tt-rss´s maintainer) MFC after: 1 day Security: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 Notes: svn path=/head/; revision=550746
* security/p5-PGP-Sign: Update version 1.01=>1.03Muhammad Moinur Rahman2020-09-302-4/+4
| | | | | | | Relnotes: https://metacpan.org/changes/distribution/PGP-Sign Notes: svn path=/head/; revision=550744
* security/modsecurity3: Add patch for CVE-2020-15598Li-Wen Hsu2020-09-305-1/+273
| | | | | | | | | | | PR: 249312 Submitted by: Felipe Zipitria <fzipitria@perceptyx.com> Approved by: Marius Halden <marius.halden@modirum.com> (maintainer) MFH: 2020Q3 Security: CVE-2020-15598 Notes: svn path=/head/; revision=550723
* security/aws-vault: Update to 6.2.0Dmitri Goutnik2020-09-302-14/+14
| | | | | | | Changes: https://github.com/99designs/aws-vault/releases/tag/v6.2.0 Notes: svn path=/head/; revision=550713
* Mark BROKENAntoine Brodin2020-09-301-0/+2
| | | | | | | | | vendor/gvisor.dev/gvisor/pkg/linewriter/linewriter.go:28:2: undefined: "gvisor.dev/gvisor/pkg/sync".Mutex Reported by: pkg-fallout Notes: svn path=/head/; revision=550669
* security/hash: Update g20200514 -> g20200929Yuri Victorovich2020-09-302-5/+5
| | | | Notes: svn path=/head/; revision=550645
* security/snort3: Update version 3.0.2-5=>3.0.3-1Muhammad Moinur Rahman2020-09-303-6/+11
| | | | | | | Relnotes: https://github.com/snort3/snort3/releases/tag/3.0.3-1 Notes: svn path=/head/; revision=550644
* New port: security/digestpp: Experimental C++11 header-only message digest ↵Yuri Victorovich2020-09-305-0/+95
| | | | | | | library Notes: svn path=/head/; revision=550642
* New port: security/hash: C++14 header-only easy-to-use hash libraryYuri Victorovich2020-09-305-0/+73
| | | | Notes: svn path=/head/; revision=550640
* Point to the correct perl.Cy Schubert2020-09-291-1/+2
| | | | | | | | PR: 249977 Reported by: Archit Shah <archit.shah@gmail.com> Notes: svn path=/head/; revision=550538
* Bump PORTREVISION on *-sbcl ports after lang/sbcl upgrade.Kirill Ponomarev2020-09-291-1/+1
| | | | Notes: svn path=/head/; revision=550527
* update to 0.20.3Baptiste Daroussin2020-09-293-5/+10
| | | | Notes: svn path=/head/; revision=550524
* security/p5-Crypt-Perl: update 0.29 -> 0.34Kurt Jaeger2020-09-293-5/+7
| | | | | | | | | | - Deterministic ECDSA support added - Add/fix some tests Relnotes: https://metacpan.org/changes/distribution/Crypt-Perl Notes: svn path=/head/; revision=550491
* security/testssl.sh: Turn REINPLACEs into patchesAdam Weinberger2020-09-293-23/+34
| | | | | | | While here, improve some text strings and general formatting. Notes: svn path=/head/; revision=550490
* Adopt these portsAdam Weinberger2020-09-291-1/+1
| | | | Notes: svn path=/head/; revision=550484
* security/vault: update to 1.5.4Steve Wills2020-09-282-6/+6
| | | | Notes: svn path=/head/; revision=550458
* security/py-ssh-audit: update to 2.3.0Piotr Kubaj2020-09-283-23/+4
| | | | | | | | Changelog: https://github.com/jtesta/ssh-audit/releases/tag/v2.3.0 Notes: svn path=/head/; revision=550457
* security/teleport: update to 4.3.6Steve Wills2020-09-282-8/+8
| | | | Notes: svn path=/head/; revision=550437
* security/vuxml: Add CVE-2020-1945: Apache Ant insecure temporary file ↵Kurt Jaeger2020-09-281-0/+33
| | | | | | | | | | vulnerability PR: 248098 Submitted by: mikael Notes: svn path=/head/; revision=550420
* security/vuxml: add entry dns/powerdns below 4.3.1Kurt Jaeger2020-09-281-0/+34
| | | | | | | | | | | - CVE-2020-17482 PR: 249560 Submitted by: Ralf van der Enden <tremere@cainites.net> Relnotes: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html Notes: svn path=/head/; revision=550413
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 15:38:10 +0000