aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* security/gringotts: fix build on FreeBSD 13/14Christian Weisgerber2021-02-2710-6/+157
| | | | | | | Also fix up dependencies while here. Notes: svn path=/head/; revision=566736
* www/nextcloud: Mark 21 PHP 8.0 compatibleBernard Spil2021-02-273-3/+0
| | | | | | | * NOTE: Not all apps are compatible (yet) Notes: svn path=/head/; revision=566705
* security/nextcloud-end_to_end_encryption: Update to 1.7.0Bernard Spil2021-02-271-1/+1
| | | | Notes: svn path=/head/; revision=566692
* security/vault: update to 1.6.3Steve Wills2021-02-272-7/+7
| | | | | | | Security: 52bd2d59-4ab5-4bef-a599-7aac4e92238b Notes: svn path=/head/; revision=566652
* Document vault issueSteve Wills2021-02-271-0/+26
| | | | Notes: svn path=/head/; revision=566651
* security/py-ckcc-protocol: Update to 1.0.3Emanuel Haupt2021-02-262-4/+4
| | | | Notes: svn path=/head/; revision=566639
* security/openconnect-gui: update to 1.5.3Piotr Kubaj2021-02-2611-50/+102
| | | | | | | | PR: 253609 Submitted by: swills Notes: svn path=/head/; revision=566575
* security/p5-Crypt-Argon2: Update to 0.008Neel Chauhan2021-02-252-4/+4
| | | | | | | | | | Changes: https://metacpan.org/changes/release/LEONT/Crypt-Argon2-0.008 PR: 253715 Submitted by: Sergei Vyshenski <svysh.fbsd AT gmail DOT com> (maintainer) Notes: svn path=/head/; revision=566567
* Fix packaging with python 3.8Antoine Brodin2021-02-251-1/+1
| | | | | | | PR: 253815 Notes: svn path=/head/; revision=566564
* security/p11-kit: drop BASH optionRoman Bogorodskiy2021-02-252-15/+15
| | | | | | | | | | | | | | - Drop BASH option and install bash completion files unconditionally, but only add shells/bash-completion to BUILD_DEPENDS, not RUN_DEPENDS, - Improve formatting with portfmt(1), - Bump PORTREVISION for dependency changes. PR: 253843 Submitted by: swills Reported by: Andras Farkas Notes: svn path=/head/; revision=566543
* security/py-openssl: unbreak run for consumersDima Panov2021-02-254-2/+25
| | | | | | | | | | | | | | | | | | Partially revert r566075 to previous py-openssl release only for ${OSVERSION} < 1200085 and base OpenSSL 1.0.2 with PORTEPOCH bump This step is needed because since 20.0 release py-openssl have dropped off support for openssl < 1.1.0 which still in base fo FreeBSD 11.4+ branch Due to dependency on recent cryptography, bump py-cryptography to 3.3.2 release under same conditions as py-openssl. 3.3.2 was last release which not requred Rust to build With hat: ports-secteam Pointy hat to: sbz (for skip dependencies verification and no reaction to complains) Reported by: many via ML Notes: svn path=/head/; revision=566534
* security/vuxml: add FreeBSD SA-21:04.jail_removePhilip Paeps2021-02-251-0/+34
| | | | Notes: svn path=/head/; revision=566520
* security/vuxml: add FreeBSD SA-21:06.xenPhilip Paeps2021-02-251-0/+38
| | | | Notes: svn path=/head/; revision=566519
* security/vuxml: add FreeBSD SA-21:05.jail_chdirPhilip Paeps2021-02-251-0/+31
| | | | Notes: svn path=/head/; revision=566518
* security/vuxml: add FreeBSD SA-21:03.pam_login_accessPhilip Paeps2021-02-251-0/+30
| | | | Notes: svn path=/head/; revision=566517
* security/openvpn: Bugfix update to v2.5.1Matthias Andree2021-02-242-4/+4
| | | | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-251 MFH: 2021Q1 (point-level bugfix update) Notes: svn path=/head/; revision=566502
* security/honeytrap: Unbreak with go1.16Dmitri Goutnik2021-02-2410-20/+20
| | | | | | | | PR: 253794 Submitted by: ezri.mudde@dutchsec.com (maintainer) Notes: svn path=/head/; revision=566492
* Add security/uacmeTobias Kortkamp2021-02-245-0/+74
| | | | | | | | | | | | | | | Lightweight client for the RFC8555 ACMEv2 protocol, written in plain C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or mbedTLS). The ACMEv2 protocol allows a Certificate Authority (Let's Encrypt is a popular one) and an applicant to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation. WWW: https://github.com/ndilieto/uacme Notes: svn path=/head/; revision=566487
* security/wolfssl: Fix QA issuesTobias Kortkamp2021-02-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ====> Checking for pkg-plist issues (check-plist) ===> Parsing plist ===> Checking for items in STAGEDIR missing from pkg-plist ===> Checking for items in pkg-plist which are not in STAGEDIR Error: Missing: %%DOCSDIR%%/README.txt Error: Missing: %%DOCSDIR%%/example/client.c Error: Missing: %%DOCSDIR%%/example/echoclient.c Error: Missing: %%DOCSDIR%%/example/echoserver.c Error: Missing: %%DOCSDIR%%/example/sctp-client-dtls.c Error: Missing: %%DOCSDIR%%/example/sctp-client.c Error: Missing: %%DOCSDIR%%/example/sctp-server-dtls.c Error: Missing: %%DOCSDIR%%/example/sctp-server.c Error: Missing: %%DOCSDIR%%/example/server.c Error: Missing: %%DOCSDIR%%/example/tls_bench.c Error: Missing: %%DOCSDIR%%/taoCert.txt ===> Error: Plist issues found. *** Error code 1 Stop. make: stopped in /usr/ports/security/wolfssl =>> Error: check-plist failures detected =>> Checking for staging violations... done =======================<phase: package >============================ ===> Building package for wolfssl-4.6.0_1 pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/README.txt, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/tls_bench.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/sctp-server.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/echoserver.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/sctp-client-dtls.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/sctp-server-dtls.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/echoclient.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/client.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/server.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/example/sctp-client.c, fatal (developer mode) pkg-static: duplicate file listing: /usr/local/share/doc/wolfssl/taoCert.txt, fatal (developer mode) http://package21.nyi.freebsd.org/data/114amd64-default-qat/566258/logs/errors/wolfssl-4.6.0_1.log Notes: svn path=/head/; revision=566484
* security/tailscale: Update to v1.4.5Mikael Urankar2021-02-242-7/+6
| | | | | | | Changes: https://github.com/tailscale/tailscale/releases/tag/v1.4.5 Notes: svn path=/head/; revision=566475
* Update to 1.13.6Mateusz Piotrowski2021-02-242-5/+4
| | | | Notes: svn path=/head/; revision=566465
* security/py-ssh-audit: update to 2.4.0Piotr Kubaj2021-02-242-5/+4
| | | | | | | | | | | | | | | | | | | Changelog: - Added multi-threaded scanning support. - Added built-in Windows manual page (see `-m`/`--manual`); credit [Adam Russell](https://github.com/thecliguy). - Added version check for OpenSSH user enumeration (CVE-2018-15473). - Added deprecation note to host key types based on SHA-1. - Added extra warnings for SSHv1. - Added built-in hardened OpenSSH v8.5 policy. - Upgraded warnings to failures for host key types based on SHA-1. - Fixed crash when receiving unexpected response during host key test. - Fixed hang against older Cisco devices during host key test & gex test. - Fixed improper termination while scanning multiple targets when one target returns an error. - Dropped support for Python 3.5 (which reached EOL in Sept. 2020). - Added 1 new key exchange: `sntrup761x25519-sha512@openssh.com`. Notes: svn path=/head/; revision=566445
* - Update to 1.2.2Wen Heping2021-02-242-4/+4
| | | | Notes: svn path=/head/; revision=566440
* Document integer overflow on 32-bit systems (CVE-2021-21309):Sergey A. Osokin2021-02-231-0/+39
| | | | | | | | | o) databases/redis5 o) databases/redis o) databases/redis-devel Notes: svn path=/head/; revision=566398
* security/zeek: Update to 3.0.13Craig Leres2021-02-232-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | https://github.com/zeek/zeek/releases/tag/v3.0.13 This release fixes the following vulnerability: - Fix ASCII Input reader's treatment of input files containing null-bytes. An input file containing null-bytes could lead to a buffer-over-read, crash Zeek, and be exploited to cause Denial of Service. And fixes the following bugs: - MIME sub-entities overwrote top-level header values cause misleading SMTP log - Fix incorrect major_subsys_version field in pe_optional_header event Reported by: Jon Siwek Notes: svn path=/head/; revision=566365
* security/vuxml: Mark zeek < 3.0.13 as vulnerable as per:Craig Leres2021-02-231-0/+28
| | | | | | | | | | | | https://github.com/zeek/zeek/releases/tag/v3.0.13 Fix ASCII Input reader's treatment of input files containing null-bytes. An input file containing null-bytes could lead to a buffer-over-read, crash Zeek, and be exploited to cause Denial of Service. Notes: svn path=/head/; revision=566361
* security/fizz: Update 2021.02.15.00 -> 2021.02.22.00Yuri Victorovich2021-02-222-4/+4
| | | | Notes: svn path=/head/; revision=566327
* security/tailscale: Switch to GO_MODULE after r566063Mikael Urankar2021-02-222-72/+7
| | | | Notes: svn path=/head/; revision=566312
* security/nextcloud-twofactor_totp: Update to 6.0.0Bernard Spil2021-02-223-6/+11
| | | | Notes: svn path=/head/; revision=566300
* security/clamtk: Update to 6.0.8Neel Chauhan2021-02-212-4/+4
| | | | | | | Changes: https://github.com/dave-theunsub/clamtk/releases/tag/6.08 Notes: svn path=/head/; revision=566233
* - Update to 5.58Ryan Steinmetz2021-02-212-4/+4
| | | | Notes: svn path=/head/; revision=566229
* Fix segfault when handling ECDSA keysMatthew Seaman2021-02-212-0/+43
| | | | | | | | | | | | | | | Import patch by Marc Deslauriers from the Ubuntu package of pam_ssh_agent_auth Ref: https://github.com/jbeverly/pam_ssh_agent_auth/pull/24/files https://github.com/jbeverly/pam_ssh_agent_auth/issues/18 https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1869512 PR: 253693 Submitted by: Matt <opensource mtcoster.net> Obtained from: Marc Deslauriers <marc.deslauriers canonical.com>, Ubuntu Notes: svn path=/head/; revision=566222
* - Update to 2.11.3Ashish SHUKLA2021-02-212-16/+17
| | | | | | | Reported by: portscout Notes: svn path=/head/; revision=566206
* Add vuxml entry for textproc/raptor2 CVEAdriaan de Groot2021-02-201-0/+26
| | | | | | | PR: 251102 Notes: svn path=/head/; revision=566165
* Connect vuln-2020.xml (2/2)Li-Wen Hsu2021-02-201-13174/+2
| | | | Notes: svn path=/head/; revision=566136
* Connect vuln-2020.xml (1/2)Li-Wen Hsu2021-02-201-0/+1
| | | | Notes: svn path=/head/; revision=566135
* security/nss: update to 3.62Jan Beich2021-02-202-4/+4
| | | | | | | | | Changes: https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.62_release_notes Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_62_RTM ABI: https://abi-laboratory.pro/tracker/timeline/nss/ Notes: svn path=/head/; revision=566134
* Split out vuln-2020.xmlLi-Wen Hsu2021-02-201-0/+13173
| | | | Notes: svn path=/head/; revision=566133
* Document Jenkins Security Advisory 2021-02-19Li-Wen Hsu2021-02-201-0/+27
| | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=566132
* security/gpg-gui: Update to 0.2.2Neel Chauhan2021-02-202-4/+4
| | | | Notes: svn path=/head/; revision=566131
* Deprecate security/certificate-transparencyDmitry Marakasov2021-02-191-0/+3
| | | | | | | | | | | | The port is BROKEN for more than 6 months in mutiple ways (inherits from protobuf generated classes which is prohibited and cannot find OpenSSL) and unmaintained PR: 234182, 246530 Reported by: many Notes: svn path=/head/; revision=566119
* Switch to GO_MODULE after r566063Dmitri Goutnik2021-02-198-343/+28
| | | | Notes: svn path=/head/; revision=566088
* security/krb5-devel: update to the latest MIT/KRB5 github commit.Cy Schubert2021-02-192-5/+5
| | | | Notes: svn path=/head/; revision=566077
* security/krb5: update 1.19 --> 1.19.1.Cy Schubert2021-02-192-4/+4
| | | | Notes: svn path=/head/; revision=566076
* - Update to 20.0.1Sofian Brabez2021-02-192-5/+5
| | | | Notes: svn path=/head/; revision=566075
* security/p5-Crypt-LibSCEP: allow build with clang, pet portlintDmitry Marakasov2021-02-181-7/+7
| | | | | | | | PR: 252444 Submitted by: svysh.fbsd@gmail.com (maintainer) Notes: svn path=/head/; revision=566006
* security/libscep: allow build with clang, pet portlintDmitry Marakasov2021-02-181-3/+3
| | | | | | | | PR: 252444 Submitted by: svysh.fbsd@gmail.com (maintainer) Notes: svn path=/head/; revision=566005
* - Update gvm ports to 20.8.1Jose Alonso Cardenas Marquez2021-02-1820-79/+116
| | | | | | | | | | | ChangeLog at: https://github.com/greenbone/gvmd/releases/tag/v20.8.1 https://github.com/greenbone/openvas-scanner/releases/tag/v20.8.1 https://github.com/greenbone/gsa/releases/tag/v20.8.1 https://github.com/greenbone/ospd-openvas/releases/tag/v20.8.1 https://github.com/greenbone/gvm-libs/releases/tag/v20.8.1 Notes: svn path=/head/; revision=565985
* - Update to 20.8.2Jose Alonso Cardenas Marquez2021-02-182-5/+4
| | | | | | | ChangeLog at: https://github.com/greenbone/ospd/releases/tag/v20.8.2 Notes: svn path=/head/; revision=565984
* - Update to 21.1.0Jose Alonso Cardenas Marquez2021-02-183-6/+6
| | | | | | | ChangeLog at: https://github.com/greenbone/gvm-tools/releases/tag/v21.1.0 Notes: svn path=/head/; revision=565983