aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* One more small cleanup, forgotten yesterday.Mathieu Arnold2021-04-07413-413/+0
| | | | Reported by: lwhsu
* security/wpa_supplicant-devel: Update to latest GH commitCy Schubert2021-04-072-5/+5
| | | | Update to the latest w1.fi commit, proxied through my GH account.
* security/krb5-devel: update to the latest MIT/KRB5 github commit.Cy Schubert2021-04-072-5/+5
|
* Update to 0.071.Vanilla I. Shu2021-04-072-4/+4
|
* security/gvm-libs: portlint, fix plistAdriaan de Groot2021-04-062-1/+5
| | | | | One orphaned directory shows up in poudriere bulk -t; while here, add missing (transitive) LIB_DEPENDS.
* security/openvpn-devel: Update to 2021-W13 development snapshotMatthias Andree2021-04-062-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit history from 202049 to 202113: 5ac8c3c7 Fix async push broken after auth deferred refactor 8ccce69d log file descriptor in more socket related error messages c5fec838 Move auth deferred related members into its own struct 6ea62d50 Remove deprecated option '--keysize' 60f5889a Deprecate non TLS mode in OpenVPN 79ff3f79 Allow running a default configuration with TLS libraries without BF-CBC 9e702a5d Always disable TLS renegotiations 203afbe9 reliable: retransmit if 3 follow-up ACKs are received 343b6119 Remove do_init_socket_2 and do_init_socket_1 wrapper function 9fe0b2c2 Extract multi_assign_peer_id into its own function 18b4a838 Remove thread_mode field of multi_context aba8776e Fix 'compress migrate' for 2.2 clients. 8fa8a175 Implement '--compress migrate' to migrate to non-compression setup 72e1ecb5 Move is_proto function to the socket.h header 9eb285f4 Remove unused variable pass_config_info c0b36e9f Remove unused function tls_test_auth_deferred_interval 3667df1d Remove unused field txqueuelen from struct tuntap 14061e3e Remove pointless tun_adjust_frame_parameters function 137eb670 Remove code for aligning non-swapped compression bdc11ae4 Rename tunnel_server_udp_single_threaded to tunnel_server_udp 213fd3ee Remove superflous ifdefs around enum like defines 997b006a Get rid of last PLUGIN_DEF_AUTH #ifdef 76ccc62d Stop using deprecated getpass() 2d5c437f Remove automatic service d11c273b Fix #elif TARGET_LINUX missing defined() call f91e2116 Remove support for non ISO C99 vararg support 7975e33b Remove flexible array member autoconf check ca570706 Cleanup print_details and add signature/ED certificate print 467b16dc Use correct types for OpenSSL and Windows APIs e756e12a Fix socket related functions using int instead of socket_descriptor_t 7fc608da Make buffer related function conversion explicit when narrowing 5a2ed714 Restore also ping related options on a reconnect 7064ccb9 Move NCP saving and restore to the prepush restore code 528a78fb Move restoring pre pull options to initialising of c2 context 1e938c50 openvpnserv: Cache last error before it is overridden 1b71f859 Remove empty dummy functions 5b8a1231 Deprecate the --verify-hash option 26117a82 Document the simple self-signed certificate setup in examples 423ced96 Support fingerprint authentication without CA certificate e5e9a07e tapctl: Resolve MSVC C4996 warnings c3a7065d Implement peer-fingerprint to check fingerprint of peer certificate d1fe6d52 Extend verify-hash to allow multiple hashes df471f4d iservice: Resolve MSVC C4996 warnings 709c3810 interactive.c: Resolve MSVC C4996 warning 26540310 tun.c: Remove dead code 6eb28f7c Wipe Socks5 credentials after use f9d9fe55 Move extract_iv_proto to ssl_util.c/h 45e7d412 Fix multiple problems when compiling with LLVM/Windows (clang-cl) 1480903e README.wolfssl Update 9b2e8034 Remove compat-lz4 references from VS project files 60c18b45 build: Add support for pkg-config < 0.28 for old autoconf versions f38819b7 Add README.wolfssl documentating the state of WolfSSL in OpenVPN f6dca235 Support for wolfSSL in OpenVPN 4524feb2 Avoid generating unecessary mbed debug messages 24596b25 build: Remove compat-lz4 4170da07 Do not print Diffie Hellman parameters file to log file 476990d4 EVP_DigestSignFinal siglen parameter correction b0bff559 Require at least 100MB of mlock()-able memory if --mlock is used. fdb4f276 Allow pending auth to be send from a auth plugin d8ed5932 Change parameter of send_auth_pending_messages from context to tls_multi 88664aba Refactor extract_var_peer_info into standalone function and add ssl_util.c 53229047 Implement server side of AUTH_PENDING with extending timeout 4cf01c8e Fix EVP_PKEY_CTX_... compilation with LibreSSL 06f6cf3f Prefer TLS libraries TLS PRF function, fix OpenVPN in FIPS mode 3338f2d5 Quote the domain name argument passed to the wmic command 04876274 Add S_EXITCODE flag for openvpn_run_script to report exit code b29f7dff Introduce management client state for AUTH_PENDING notifications 3f8fb2b2 Implement client side handling of AUTH_PENDING message 0714ed80 Check return values in md_ctx_init and hmac_ctx_init fdfbd444 Explain structver usage in sample defer plugin. 413580b6 Change pull request timeout use a timeout rather than a number ce652e7d Remove inetd support from OpenVPN a385a3e8 More explicit versioning compatibility in sample-plugins/defer/simple.c 7d1361c1 Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c 595be121 Documentation fixes around openvpn_plugin_func_v3 in openvpn-plugin.h.in 2d7e1954 Fix naming error in sample-plugins/defer/simple.c 452e016c clean up / rewrite sample-plugins/defer/simple.c 6a0c51ba Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL ef2405a6 Document common uses of 'echo' directive, re-enable logging for 'echo'. 15daa988 Fix tls-auth mismatch OCC message when tls-cryptv2 is used. 3b1ded39 Man page sections corrections e0e7625c Skip DHCP renew with Wintun adapter b1a8213e Remove 1 second delay before running netsh 8a8ee283 Clarify --block-ipv6 intent and direction. aa58035a Zero initialise msghdr prior to calling sendmesg 86d7e990 ssl_common.h: fix 'not all control paths return a value' msvc warning ab4688e3 Fix too early argv freeing when registering DNS a686f7e2 Fix line number reporting on config file errors after <inline> segments PR: 254785 Submitted by: Eric F. Crist (maintainer) -- Diese und die folgenden Zeilen werden ignoriert -- > Description of fields to fill in above: 76 columns --| > PR: If and which Problem Report is related. > Submitted by: If someone else sent in the change. > Reported by: If someone else reported the issue. > Reviewed by: If someone else reviewed your modification. > Approved by: If you needed approval for this commit. > Obtained from: If the change is from a third party. > MFC after: N [day[s]|week[s]|month[s]]. Request a reminder email. > MFH: Ports tree branch name. Request approval for merge. > Relnotes: Set to 'yes' for mention in release notes. > Security: Vulnerability reference (one per line) or description. > Sponsored by: If the change was sponsored by an organization (each collaborator). > Differential Revision: https://reviews.freebsd.org/D### (*full* phabric URL needed). > Empty fields above will be automatically removed. M openvpn-devel/Makefile M openvpn-devel/distinfo
* security/fizz: Update 2021.03.29.00 -> 2021.04.05.00Yuri Victorovich2021-04-062-4/+4
|
* security/aws-vault: Update to 6.3.1Dmitri Goutnik2021-04-062-7/+6
| | | | Changes: https://github.com/99designs/aws-vault/releases/tag/v6.3.1
* security/nettle: move patches to filesPiotr Kubaj2021-04-062-0/+0
|
* all: Remove all other $FreeBSD keywords.Mathieu Arnold2021-04-06127-301/+31
|
* Remove # $FreeBSD$ from Makefiles.Mathieu Arnold2021-04-061323-1326/+0
|
* security/vuxml: Document XML round-trip vulnerability of REXML in RubyKoichiro Iwao2021-04-061-0/+39
| | | | | | | | Document XML round-trip vulnerability of REXML in Ruby. PR: 254793 Reported by: Yasuhiro Kimura <yasu@utahime.org> Security: CVE-2021-28965
* security/nettle: fix build on powerpc64*Piotr Kubaj2021-04-062-0/+38
| | | | | | | | | | | Due to the string "swap_mask" being replaced with the vector register, the assembly label pointing at the local data variable .swap_mask was being replaced as well, causing the local label to be named ".0", which the clang integrated assembler treats as a syntax error. Change the name to .swap_data. Submitted by: bdragon
* security/openssl: Fix /dev/crypto issue with 1.1.1kBernard Spil2021-04-061-2/+9
| | | | | | PR: 254643 Reported by: <cryx-freebsd h3q com> Reviewed by: wollman
* Removed svn keywords again.Matthias Fechner2021-04-061-1/+1
| | | | | They went in by accident while merging older commits. Reported by: jbeich
* Add vuln-flat.xml to the ignore list and remove the one committed by accidentRene Ladan2021-04-061-180293/+0
|
* Document new vulnerabilities in www/chromium < 89.0.4389.114Rene Ladan2021-04-061-0/+49
| | | | Obtained from: https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html
* Document gitlab-ce vulnerabilities.Matthias Fechner2021-04-062-0/+180329
|
* Update to 1.1.0 which is required for gitlab-ce 13.10.Matthias Fechner2021-04-062-6/+5
|
* Update libgit2 to 1.1.0.Matthias Fechner2021-04-061-1/+1
| | | | | | | | | This update is also required for www/gitlab-ce 13.10 upgrade. Changelog: https://github.com/libgit2/libgit2/releases/tag/v1.1.0 PR: 252098
* security/openssl-unsafe: Unbreak with FreeBSD 13Bernard Spil2021-04-062-2/+11
|
* Build and install example applicationsSunpoet Po-Chuan Hsieh2021-03-303-1/+70
| | | | | | | - Bump PORTREVISION for package change Notes: svn path=/head/; revision=569597
* Clean up TEST_DEPENDSSunpoet Po-Chuan Hsieh2021-03-301-2/+1
| | | | Notes: svn path=/head/; revision=569591
* Update to 3.7.2Sunpoet Po-Chuan Hsieh2021-03-303-12/+37
| | | | | | | | | Changes: https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS Exp-run by: antoine Notes: svn path=/head/; revision=569572
* security/suricata: Update to 5.0.6Rainer Hurling2021-03-303-7/+10
| | | | | | | | | | Changelog: https://redmine.openinfosecfoundation.org/versions/164 PR: 254579 Submitted by: Franco Fichtner <franco@opnsense.org> (maintainer) Notes: svn path=/head/; revision=569557
* security/fizz: Update 2021.03.22.00 -> 2021.03.29.00Yuri Victorovich2021-03-292-4/+4
| | | | Notes: svn path=/head/; revision=569513
* Fix @sample usage, problem exposed by r569271.Guido Falsi2021-03-291-1/+1
| | | | Notes: svn path=/head/; revision=569503
* Update to the latest w1.fi commit, proxied through my GH account.Cy Schubert2021-03-292-5/+5
| | | | Notes: svn path=/head/; revision=569495
* security/krb5-devel: update to the latest MIT/KRB5 github commit.Cy Schubert2021-03-292-5/+5
| | | | Notes: svn path=/head/; revision=569493
* Rebuild lang/rust consumers after r569489Tobias Kortkamp2021-03-297-5/+7
| | | | Notes: svn path=/head/; revision=569491
* Bump PORTREVISION on *-sbcl ports after lang/sbcl upgrade.Kirill Ponomarev2021-03-291-1/+1
| | | | Notes: svn path=/head/; revision=569434
* security/gopass: Update to 1.12.5Nuno Teixeira2021-03-293-19/+23
| | | | | | | | | | ChangeLog: https://github.com/gopasspw/gopass/blob/v1.12.5/CHANGELOG.md Approved by: dbaio (mentor) Differential Revision: https://reviews.freebsd.org/D29466 Notes: svn path=/head/; revision=569429
* security/linux-c7-nettle: mark vulnerable, tooMatthias Andree2021-03-281-0/+4
| | | | | | | | | | See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254355#c14 PR: 254355 Reported by: Graham Perrin <grahamperrin@gmail.com> Notes: svn path=/head/; revision=569416
* security/proxytunnel: Update to 1.10.20210128Emanuel Haupt2021-03-282-4/+4
| | | | Notes: svn path=/head/; revision=569407
* Remove expired ports:Rene Ladan2021-03-289-144/+0
| | | | | | | | 2021-03-28 security/apg: Abandonware. Please try security/makepasswd or security/rndpassw instead 2021-03-28 lang/Gofer: Old, unmaintained language Notes: svn path=/head/; revision=569404
* Add entry about recent Samba4* vulnerabilities:Timur I. Bakeyev2021-03-281-0/+47
| | | | | | | | | | | CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP server by sending easily crafted DNs as part of a bind request. More serious heap corruption is likely also possible. CVE-2021-20277: User-controlled LDAP filter strings against the AD DC LDAP server may crash the LDAP server. Security: CVE-2020-27840 CVE-2021-20277 Notes: svn path=/head/; revision=569371
* security/create-cert: Update to 2.9.Craig Leres2021-03-272-4/+4
| | | | | | | | | - Add missing line escape for multiline conditional. - Add support for Subject Alt Names including IP addresses. Notes: svn path=/head/; revision=569367
* vuln.xml: mention nettle < 3.7.2 ECDSA verify bugsMatthias Andree2021-03-271-0/+39
| | | | | | | Security: 80f9dbd3-8eec-11eb-b9e8-3525f51429a0 Notes: svn path=/head/; revision=569321
* security/py-fido2: Update to 0.9.1Emanuel Haupt2021-03-272-5/+5
| | | | | | | | | | | Use upstream prefered command to to invoke tests. PR: 254487 Approved by: koobs (python) MFH: No (0.9/0.9.1 backward incompatible) Notes: svn path=/head/; revision=569306
* security/py-merkletools: Remove tests from plist because they cause conflictsYuri Victorovich2021-03-271-1/+10
| | | | Notes: svn path=/head/; revision=569293
* security/libgcrypt: Fix armv7 buildCy Schubert2021-03-271-1/+1
| | | | | | | | | | | Similar to armv6, armv7 fails to build jitterentropy-base.c without optimization, falling flat on the #pragma GCC optimize statement. Like armv6, avoid building jitterentropy-base.c altogether. PR: 253698 Notes: svn path=/head/; revision=569290
* security/yubioath-desktop: Update to 5.0.4Tobias C. Berner2021-03-264-18/+19
| | | | | | | | | | | Changes can be found here: https://developers.yubico.com/yubioath-desktop/Release_Notes.html Submitted by: Daniel Shafer <daniel@shafer.cc> (maintainer) Differential Revision: https://reviews.freebsd.org/D29347 Notes: svn path=/head/; revision=569259
* security/sops: Update to 3.7.0Dmitri Goutnik2021-03-262-7/+6
| | | | | | | Changes: https://github.com/mozilla/sops/releases/tag/v3.7.0 Notes: svn path=/head/; revision=569254
* security/openssl: Security update to 1.1.1kBernard Spil2021-03-262-7/+6
| | | | | | | | | | PR: 254551 Submitted by: Pascal Christen <pascal christen hostpoint ch> MFH: 2021Q1 Security: 5a668ab3-8d86-11eb-b8d6-d4c9ef517024 Notes: svn path=/head/; revision=569247
* security/vuxml: Document High OpenSSL vulnerabilitiesBernard Spil2021-03-261-1/+39
| | | | | | | * While here, fix incorrect year in ec04f3d0-8cd9-11eb-bb9f-206a8a720317 Notes: svn path=/head/; revision=569246
* security/dehydrated: Update to 0.7.0Koichiro Iwao2021-03-264-8/+10
| | | | | | | | | | | | While here, - Update WWW - Install manpage which is added 3 years ago Relnotes: https://github.com/dehydrated-io/dehydrated/releases/tag/v0.7.0 Sponsored by: HAW International Notes: svn path=/head/; revision=569238
* editors/emacs: Update to 27.2Joseph Mingrone2021-03-261-1/+1
| | | | | | | | | | | | This is a bug-fix release with no new features. https://www.gnu.org/software/emacs/news/NEWS.27.2 Reviewed by: ashish Differential Revision: https://reviews.freebsd.org/D27700 Notes: svn path=/head/; revision=569232
* update to 3.3.1p1Baptiste Daroussin2021-03-252-4/+4
| | | | Notes: svn path=/head/; revision=569206
* Added new ports required for gitlab-ce 13.10 upgrade.Matthias Fechner2021-03-254-0/+26
| | | | Notes: svn path=/head/; revision=569199
* security/tailscale: Update to 1.6.0Mikael Urankar2021-03-252-6/+6
| | | | | | | Changes: https://github.com/tailscale/tailscale/releases/tag/v1.6.0 Notes: svn path=/head/; revision=569190
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-18 23:33:56 +0000