aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Update to 10.3.3Sunpoet Po-Chuan Hsieh2017-06-182-4/+4
| | | | | | | | | Changes: https://github.com/jaraco/keyring/blob/master/CHANGES.rst PR: 220091 Submitted by: Douglas Thrift <douglas@douglasthrift.net> (maintainer) Notes: svn path=/head/; revision=443819
* Update KDE Frameworks to 5.35Tobias C. Berner2017-06-171-3/+3
| | | | | | | | | PR: 219950 Submitted by: Adriaan de Groot <groot@kde.org> Exp-Run by: antoine Notes: svn path=/head/; revision=443783
* - security/tor: Implemented setuid featureJochen Neumeister2017-06-172-0/+15
| | | | | | | | | | | | | | | *The user should add tor_setuid=YES to /etc/rc.conf to make tor do setuid in runtime after opening the externally provided files. PR: 218587 Submitted by: xmj Approved by: Yuri Victorovich <yuri at rawbw.com> (maintainer) Approved by: miwi (mentor) Differential Revision: https://reviews.freebsd.org/D11223 Notes: svn path=/head/; revision=443770
* Update to 1.3.0Sunpoet Po-Chuan Hsieh2017-06-172-4/+4
| | | | | | | Changes: https://github.com/mattbrictson/airbrussh/blob/master/CHANGELOG.md Notes: svn path=/head/; revision=443743
* security/keepass: Update to 2.36Ben Woods2017-06-176-42/+12
| | | | | | | | | | - Also add DEBUG option (off by default) Changes this release: http://keepass.info/news/n170609_2.36.html Notes: svn path=/head/; revision=443731
* Document new vulnerabilities in www/chromium < 59.0.3071.104Carlos J. Puga Medina2017-06-161-0/+38
| | | | | | | Obtained from: https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html Notes: svn path=/head/; revision=443683
* Document cURL vulnerabilitySunpoet Po-Chuan Hsieh2017-06-151-0/+33
| | | | Notes: svn path=/head/; revision=443659
* Update to 2.0.4Sunpoet Po-Chuan Hsieh2017-06-152-4/+4
| | | | | | | Changes: https://github.com/ruby/openssl/blob/master/History.md Notes: svn path=/head/; revision=443653
* Fix the range of vulnerable versions for p5-RT-Authen-ExternalAuth --Matthew Seaman2017-06-151-1/+1
| | | | | | | | BestPractical have released a tarball of patches, but they've also pushed 0.27 up to CPAN and that has the fixes incorporated. Notes: svn path=/head/; revision=443639
* Document multiple vulnerabilities in www/rt42, www/rt44 and ↵Matthew Seaman2017-06-151-0/+99
| | | | | | | www/p5-RT-Authen-ExternalAuth Notes: svn path=/head/; revision=443637
* Document latest Flash Player vulnerabilities.Jung-uk Kim2017-06-151-0/+41
| | | | | | | https://helpx.adobe.com/security/products/flash-player/apsb17-17.html Notes: svn path=/head/; revision=443624
* Starting in 1.8.20, the sample sudoers file has been installed twice,Mathieu Arnold2017-06-152-3/+3
| | | | | | | | | | | | once as sudoers.sample and once as sudoers.dist. Remove one of them. PR: 219708 Submitted by: mat Approved by: maintainer timeout Sponsored by: Absolight Notes: svn path=/head/; revision=443616
* security/tor-devel: update 0.3.0.7 -> 0.3.1.3-alphaKurt Jaeger2017-06-142-6/+8
| | | | | | | | | | | | | | | | | - fixes two remote DoS vulnerabilities related to hidden services https://lists.torproject.org/pipermail/tor-talk/2017-June/043244.html - disabled the new compression options for now, since at least one of them has a bug, see here: https://trac.torproject.org/projects/tor/ticket/22550 PR: 219864 Submitted by: Yuri Victorovich <yuri@rawbw.com> (maintainer) MFH: 2017Q2 Relnotes: https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.3.1.3-alpha Security: CVE-2017-0375, CVE-2017-0376 Notes: svn path=/head/; revision=443598
* security/tor: update 0.3.0.7 -> 0.3.0.8Kurt Jaeger2017-06-142-4/+4
| | | | | | | | | | | PR: 219863 Submitted by: Yuri Victorovich <yuri@rawbw.com> (maintainer) MFH: 2017Q2 Relnotes: https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.3.0.8 Security: CVE-2017-0375, CVE-2017-0376 Notes: svn path=/head/; revision=443596
* Use USES=readlineSunpoet Po-Chuan Hsieh2017-06-141-5/+1
| | | | Notes: svn path=/head/; revision=443587
* * Add fetch function to rkhunterRichard Gallamore2017-06-145-21/+42
| | | | | | | | | | | | | | | * Remove wget as a dependency * Added NO_ARCH * Fixed portlint items PR: 219825 Submitted by: Helge Oldach <freebsd@oldach.net> Reviewed by: matthew (mentor) Approved by: Lukasz Wasikowski <lukasz@wasikowski.net> (maintainer), matthew (mentor) Differential Revision: https://reviews.freebsd.org/D11168 Notes: svn path=/head/; revision=443547
* security/vuxml: mark firefox < 54 as vulnerableJan Beich2017-06-131-0/+90
| | | | Notes: svn path=/head/; revision=443537
* security/lynis: Update to 2.5.1Lars Engels2017-06-132-4/+4
| | | | Notes: svn path=/head/; revision=443506
* Use USES=readline:portSunpoet Po-Chuan Hsieh2017-06-121-5/+3
| | | | | | | | - Use MAKE_CMD instead of MAKE - Use bsd.port.mk instead of bsd.port.pre.mk + bsd.port.post.mk Notes: svn path=/head/; revision=443481
* fix build with libiconv installed by USES=iconvNikolai Lifanov2017-06-121-1/+1
| | | | | | | | PR: 219937 Submitted by: John Hein <z7dr6ut7gs@snkmail.com> Notes: svn path=/head/; revision=443471
* New port: security/rubygem-doorkeeper-openid_connectTorsten Zuehlsdorff2017-06-124-0/+33
| | | | | | | | | | | | | | Implements an OpenID Connect authentication provider for Rails applications on top of the Doorkeeper OAuth 2.0 framework. OpenID Connect is a single-sign-on and identity layer with a growing list of server and client implementations. If you're looking for a client in Ruby check out omniauth-openid-connect. WWW: https://github.com/doorkeeper-gem/doorkeeper-openid_connect Notes: svn path=/head/; revision=443432
* New port: security/rubygem-securecompareTorsten Zuehlsdorff2017-06-124-0/+28
| | | | | | | | | | | | securecompare borrows the secure_compare private method from ActiveSupport::MessageVerifier which lets you do safely compare strings without being vulnerable to timing attacks. Useful for Basic HTTP Authentication in your rack/rails application. WWW: https://github.com/samuelkadolph/securecompare Notes: svn path=/head/; revision=443421
* security/nss: update to 3.31Jan Beich2017-06-116-19/+9
| | | | | | | | | | Changes: https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_31_RTM ABI: https://abi-laboratory.pro/tracker/timeline/nss/ MFH: 2017Q2 Notes: svn path=/head/; revision=443402
* Mark BROKEN: missing headerAntoine Brodin2017-06-111-0/+2
| | | | | | | | | | | libtool: compile: cc -DHAVE_CONFIG_H -I. -I../.. -I../../include -O2 -pipe -fstack-protector -fno-strict-aliasing -c libwebfwlog_udf.c -fPIC -DPIC -o .libs/libwebfwlog_udf.o libwebfwlog_udf.c:13:10: fatal error: 'mysql.h' file not found #include <mysql.h> Reported by: pkg-fallout Notes: svn path=/head/; revision=443395
* Fix build error with clang 4.MANTANI Nobutaka2017-06-111-0/+11
| | | | Notes: svn path=/head/; revision=443388
* Update to 4.14.25Antoine Brodin2017-06-112-5/+5
| | | | Notes: svn path=/head/; revision=443383
* Update to 1.2.32Antoine Brodin2017-06-112-4/+4
| | | | Notes: svn path=/head/; revision=443382
* Update to 2.0.10Antoine Brodin2017-06-112-4/+5
| | | | Notes: svn path=/head/; revision=443381
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => LiveUser_Admin-0.4.0.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/LiveUser_Admin-0.4.0.tgz fetch: http://pear.php.net/get/LiveUser_Admin-0.4.0.tgz: size mismatch: expected 68873, actual 69870 Reference: https://people.FreeBSD.org/~sunpoet/checksum/LiveUser_Admin-0.4.0.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443320
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => LiveUser-0.16.14.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/LiveUser-0.16.14.tgz fetch: http://pear.php.net/get/LiveUser-0.16.14.tgz: size mismatch: expected 76857, actual 77911 Reference: https://people.FreeBSD.org/~sunpoet/checksum/LiveUser-0.16.14.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443319
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => HTML_Crypt-1.3.4.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/HTML_Crypt-1.3.4.tgz fetch: http://pear.php.net/get/HTML_Crypt-1.3.4.tgz: size mismatch: expected 4380, actual 4416 Reference: https://people.FreeBSD.org/~sunpoet/checksum/HTML_Crypt-1.3.4.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443318
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | | | - While I'm here: - Add USES=php - Fix indent Content of tarballs are unchanged (checked against [1]). => File_SMBPasswd-1.0.3.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/File_SMBPasswd-1.0.3.tgz fetch: http://pear.php.net/get/File_SMBPasswd-1.0.3.tgz: size mismatch: expected 5251, actual 5312 Reference: https://people.FreeBSD.org/~sunpoet/checksum/File_SMBPasswd-1.0.3.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443317
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => File_Passwd-1.1.7.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/File_Passwd-1.1.7.tgz fetch: http://pear.php.net/get/File_Passwd-1.1.7.tgz: size mismatch: expected 24140, actual 24547 Reference: https://people.FreeBSD.org/~sunpoet/checksum/File_Passwd-1.1.7.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443316
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => File_HtAccess-1.2.1.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/File_HtAccess-1.2.1.tgz fetch: http://pear.php.net/get/File_HtAccess-1.2.1.tgz: size mismatch: expected 4937, actual 5024 Reference: https://people.FreeBSD.org/~sunpoet/checksum/File_HtAccess-1.2.1.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443315
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_XXTEA-0.9.0.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_XXTEA-0.9.0.tgz fetch: http://pear.php.net/get/Crypt_XXTEA-0.9.0.tgz: size mismatch: expected 6522, actual 6583 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_XXTEA-0.9.0.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443314
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_RSA-1.2.1.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_RSA-1.2.1.tgz fetch: http://pear.php.net/get/Crypt_RSA-1.2.1.tgz: size mismatch: expected 21903, actual 22113 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_RSA-1.2.1.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443313
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_RC4-1.0.3.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_RC4-1.0.3.tgz fetch: http://pear.php.net/get/Crypt_RC4-1.0.3.tgz: size mismatch: expected 2295, actual 2316 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_RC4-1.0.3.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443312
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_MicroID-0.1.0.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_MicroID-0.1.0.tgz fetch: http://pear.php.net/get/Crypt_MicroID-0.1.0.tgz: size mismatch: expected 2954, actual 3009 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_MicroID-0.1.0.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443311
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_HMAC2-1.0.0.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_HMAC2-1.0.0.tgz fetch: http://pear.php.net/get/Crypt_HMAC2-1.0.0.tgz: size mismatch: expected 8129, actual 8225 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_HMAC2-1.0.0.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443310
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | | | - While I'm here: - Add USES=php - Fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_DiffieHellman-0.2.6.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_DiffieHellman-0.2.6.tgz fetch: http://pear.php.net/get/Crypt_DiffieHellman-0.2.6.tgz: size mismatch: expected 10908, actual 11062 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_DiffieHellman-0.2.6.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443309
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | | | - While I'm here: - Add USES=php - Fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_CHAP-1.5.0.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_CHAP-1.5.0.tgz fetch: http://pear.php.net/get/Crypt_CHAP-1.5.0.tgz: size mismatch: expected 5549, actual 5606 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_CHAP-1.5.0.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443308
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_CBC-1.0.1.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_CBC-1.0.1.tgz fetch: http://pear.php.net/get/Crypt_CBC-1.0.1.tgz: size mismatch: expected 3730, actual 3760 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_CBC-1.0.1.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443307
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Crypt_Blowfish-1.1.0RC2.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Crypt_Blowfish-1.1.0RC2.tgz fetch: http://pear.php.net/get/Crypt_Blowfish-1.1.0RC2.tgz: size mismatch: expected 18548, actual 18424 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Crypt_Blowfish-1.1.0RC2.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443306
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Auth_PrefManager-1.2.2.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Auth_PrefManager-1.2.2.tgz fetch: http://pear.php.net/get/Auth_PrefManager-1.2.2.tgz: size mismatch: expected 10376, actual 10595 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Auth_PrefManager-1.2.2.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443305
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Auth_HTTP-2.1.8.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Auth_HTTP-2.1.8.tgz fetch: http://pear.php.net/get/Auth_HTTP-2.1.8.tgz: size mismatch: expected 8626, actual 8766 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Auth_HTTP-2.1.8.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443304
* Update distinfo and unbreak this portSunpoet Po-Chuan Hsieh2017-06-112-3/+4
| | | | | | | | | | | | | | | | - While I'm here, fix indent Content of tarballs are unchanged (checked against [1]). => Auth-1.6.4.tgz doesn't seem to exist in /usr/ports/distfiles/PEAR. => Attempting to fetch http://pear.php.net/get/Auth-1.6.4.tgz fetch: http://pear.php.net/get/Auth-1.6.4.tgz: size mismatch: expected 56048, actual 56771 Reference: https://people.FreeBSD.org/~sunpoet/checksum/Auth-1.6.4.tgz [1] Approved by: portmgr (blanket) Notes: svn path=/head/; revision=443303
* security/hydra: update to 8.5Ruslan Makhmatkhanov2017-06-102-5/+4
| | | | Notes: svn path=/head/; revision=443117
* Update to 7.3.0.Hiroki Sato2017-06-1026-234/+60
| | | | Notes: svn path=/head/; revision=443115
* security/heimdal: Fix buildMark Felder2017-06-101-0/+2
| | | | | | | | | | | | Previous backported patch for CVE requires a new build dependency. PR: 219657 Reported by: Benjamin Woods MFH: 2017Q2 Differential Revision: https://reviews.freebsd.org/D11125 Notes: svn path=/head/; revision=443103
* update security/hashcat to 3.6.0Nikolai Lifanov2017-06-103-4/+16
| | | | | | | | | | | | | | | | new hash types: BLAKE2-512 Blockchain, My Wallet, V2 DPAPI masterkey file v1 and v2 ChaCha20 JKS Java Key Store Private Keys (SHA1) Ethereum Wallet, PBKDF2-HMAC-SHA256 Ethereum Wallet, PBKDF2-SCRYPT Relnotes: https://hashcat.net/forum/thread-6630.html Notes: svn path=/head/; revision=443095
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-26 10:16:21 +0000