path: root/security
Commit message | Author | Age | Files | Lines
* security/tailscale: Update to 1.12.1 | Mikael Urankar | 2021-07-30 | 2 | -6/+6
    Changes:
    https://github.com/tailscale/tailscale/releases/tag/v1.12.0
    https://github.com/tailscale/tailscale/releases/tag/v1.12.1
* security/openssl-devel: Update to 3.0.0-beta2 | Bernard Spil | 2021-07-29 | 3 | -5352/+10
    * Refactor MAN3 option plist generation
* security/vuxml: add fetchmail < 6.4.20 vuln | Matthias Andree | 2021-07-28 | 1 | -0/+28
    Security: cbfd1874-efea-11eb-8fe9-036bd763ff35
    Security: CVE-2021-36386
* *: Drop maintainership on most of my ports. | Lars Engels | 2021-07-28 | 1 | -1/+1
    Unfortunately I cannot give them the love they deserve at the moment.
* security/py-mnemonic: Update to 0.20 | Emanuel Haupt | 2021-07-28 | 2 | -4/+4
* x11/plasma5-plasma: Update KDE Plasma Desktop to 5.22.4 | Tobias C. Berner | 2021-07-27 | 5 | -11/+9
    Plasma 5.22 was released in June 2021 with many feature refinements and new modules to complete the desktop experience.

    This release adds three weeks' worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important and include:

    * Discover: Address the keyboard shortcut tooltip.
    * Sort Unsplash POTD image categories alphabetically.
    * Info Center: Unbreak about CPU value when solid is missing a product string.

    [1] https://kde.org/announcements/plasma/5/5.22.4/
* security/vuxml: Document integer overflow vulnerability in redis | Yasuhiro Kimura | 2021-07-27 | 1 | -0/+43
    PR: 257325
* security/vuxml: Document dns/powerdns CVE-2021-36754 | rob2g2 | 2021-07-27 | 1 | -0/+26
    PR: 257435
* security/krb5-118: Update to 1.18.4 | Cy Schubert | 2021-07-26 | 2 | -4/+4
    The announcement as follows:

    The MIT Kerberos Team announces the availability of MIT Kerberos 5 Releases 1.19.2 and 1.18.4. Please see below for a list of some major changes included, or consult the README file in the source tree for a more detailed list of significant changes.

    Retrieving krb5-1.19.2 and krb5-1.18.4
    ======================================

    You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the following URL:

    https://kerberos.org/dist/

    The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:

    https://web.mit.edu/kerberos/krb5-1.19/
    https://web.mit.edu/kerberos/krb5-1.18/

    Further information about Kerberos 5 may be found at the following URL:

    https://web.mit.edu/kerberos/

    Triple-DES transition
    =====================

    Beginning with the krb5-1.19 release, a warning will be issued if initial credentials are acquired using the des3-cbc-sha1 encryption type. In future releases, this encryption type will be disabled by default and eventually removed.

    Beginning with the krb5-1.18 release, single-DES encryption types have been removed.

    Major changes in 1.19.2 and 1.18.4 (2021-07-22)
    ===============================================

    These are bug fix releases.

    * Fix a denial of service attack against the KDC encrypted challenge code [CVE-2021-36222].
    * Fix a memory leak when gss_inquire_cred() is called without a credential handle.

    MFH: 2021Q3
    Security: CVE-2021-36222
* security/krb5-119: Update to 1.19.2 | Cy Schubert | 2021-07-26 | 2 | -4/+4
    The announcement as follows:

    The MIT Kerberos Team announces the availability of MIT Kerberos 5 Releases 1.19.2 and 1.18.4. Please see below for a list of some major changes included, or consult the README file in the source tree for a more detailed list of significant changes.

    Retrieving krb5-1.19.2 and krb5-1.18.4
    ======================================

    You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the following URL:

    https://kerberos.org/dist/

    The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:

    https://web.mit.edu/kerberos/krb5-1.19/
    https://web.mit.edu/kerberos/krb5-1.18/

    Further information about Kerberos 5 may be found at the following URL:

    https://web.mit.edu/kerberos/

    Triple-DES transition
    =====================

    Beginning with the krb5-1.19 release, a warning will be issued if initial credentials are acquired using the des3-cbc-sha1 encryption type. In future releases, this encryption type will be disabled by default and eventually removed.

    Beginning with the krb5-1.18 release, single-DES encryption types have been removed.

    Major changes in 1.19.2 and 1.18.4 (2021-07-22)
    ===============================================

    These are bug fix releases.

    * Fix a denial of service attack against the KDC encrypted challenge code [CVE-2021-36222].
    * Fix a memory leak when gss_inquire_cred() is called without a credential handle.

    MFH: 2021Q3
    Security: CVE-2021-36222
* security/libreswan: Fix manpages build by providing awk=gawk | Yuri Victorovich | 2021-07-26 | 2 | -1/+35
* security/gpg-tui: update to version 0.7.3 | Stefan Eßer | 2021-07-26 | 2 | -7/+7
* security/elixir-jose: update to 1.11.1. | Vanilla I. Shu | 2021-07-26 | 3 | -24/+5
* security/erlang-jose: update to 1.11.1. | Vanilla I. Shu | 2021-07-26 | 3 | -4/+6
* security/distcache: fix strip-related comment and take maintainership | Alexey Dokuchaev | 2021-07-26 | 1 | -2/+2
    The comment said ``INSTALL_TARGET=install-strip isn't working'', that is, does not strip shared libraries as expected, while actually this is not a bug but intended behavior, per this quote from the INSTALL file:

    [...] Fortunately, the GNU autotools have built-in support for this functionality, all you need to do is to specify "make install-strip" instead of "make install". Note however that only executables are stripped, libraries are not touched [...]
* security/libreswan: Fix build by providing xmlto. | Yuri Victorovich | 2021-07-26 | 1 | -0/+1
    W/out xmlto build is broken on some systems.

    Reported by: fallout
* security/solana: Update 1.7.4 -> 1.7.8 | Yuri Victorovich | 2021-07-25 | 3 | -81/+126
    Reported by: portscout
* security/py-coincurve: Update 15.0.0 -> 15.0.1 | Yuri Victorovich | 2021-07-25 | 2 | -4/+4
    Reported by: portscout
* security/pkcs11-tools: Update to 2.4.0 | Eric Devolder | 2021-07-25 | 2 | -4/+4
    Changelog: https://github.com/Mastercard/pkcs11-tools/blob/v2.4.0/CHANGELOG.md

    PR: 257348
    Approved by: lwhsu (mentor, implicit)
* security/keybase: Update to 5.7.1 | Po-Chuan Hsieh | 2021-07-24 | 2 | -4/+4
    Changes: https://github.com/keybase/client/releases
* security/theonionbox: Fix build with py-urllib3 1.26.5 | Po-Chuan Hsieh | 2021-07-24 | 2 | -2/+2
    - While I'm here, update version requirement of RUN_DEPENDS
* security/py-python3-saml: Update to 1.11.0 | Po-Chuan Hsieh | 2021-07-24 | 3 | -17/+5
    Changes: https://github.com/onelogin/python3-saml/releases
* security/libfido2: Update to 1.8,0 | Po-Chuan Hsieh | 2021-07-24 | 3 | -5/+25
    Changes:
    https://developers.yubico.com/libfido2/Release_Notes.html
    https://github.com/Yubico/libfido2/blob/master/NEWS
* security/vuxml: Mark mosquitto >= 2.0.0, < 2.0.10 vulnerable as per: | Craig Leres | 2021-07-24 | 1 | -0/+31
    https://github.com/eclipse/mosquitto/blob/d5ecd9f5aa98d42e7549eea09a71a23eef241f31/ChangeLog.txt

    - If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference occurred, most likely resulting in a segfault.

    PR: 255229
    Reported by: Daniel Engberg
* security/wolfssl: Updates to v4.8.1 | Santhosh Raju | 2021-07-24 | 3 | -5/+5
    Changes since v4.8.0:

    wolfSSL Release 4.8.1 (July 16, 2021)

    Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix:

    Vulnerabilities

    * [High] OCSP verification issue when response is for a certificate with no relation to the chain in question BUT that response contains the NoCheck extension which effectively disables ALL verification of that one cert. Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS server users doing mutual auth with OCSP, and CertManager users doing OCSP independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum and Alissa Kim of Volkswagen Infotainment for the report.
* security/vuxml: Document new pjsip vulnerability | Guido Falsi | 2021-07-23 | 1 | -0/+30
* security/vuxml: Document new asterisk vulnerabilities | Guido Falsi | 2021-07-23 | 1 | -0/+105
* security/distcache: unbreak the build when using OpenSSL from ports | Alexey Dokuchaev | 2021-07-22 | 1 | -2/+2
    While appropriate --with-ssl=${OPENSSLBASE} switch is passed to the configure script, the SSLeay_version -> OpenSSL_version adjustment was performed not relative to ${OPENSSLINC}, which is wrong. Also, this check cannot be executed at `post-patch' because OpenSSL from ports is not yet available at this early stage.

    PR: 236820
* security/vaultwarden: Update to 1.22.1 | Bernard Spil | 2021-07-21 | 3 | -296/+320
    * Update Web Vault to 2.20.4b

    PR: 256908
    Approved by: Maintainer timeout
* security/krb5-devel: update to the latest MIT/KRB5 github commit | Cy Schubert | 2021-07-21 | 2 | -5/+5
* security/wpa_supplicant-devel: Update to latest GH commit | Cy Schubert | 2021-07-21 | 2 | -6/+5
    Update to the latest w1.fi commit, proxied through my GH account.
* security/wpa_supplicant-devel: sync up with base | Cy Schubert | 2021-07-21 | 2 | -0/+18
    Add a patch already in base.
* security/py-google-auth: Update to 1.33.1 | Po-Chuan Hsieh | 2021-07-21 | 2 | -4/+4
    Changes:
    https://github.com/googleapis/google-auth-library-python/releases
    https://github.com/googleapis/google-auth-library-python/blob/master/CHANGELOG.md
* devel/libfmt: Update to 8.0.0 | Po-Chuan Hsieh | 2021-07-21 | 2 | -1/+2
    - Bump PORTREVISION of dependent ports for shlib change

    Changes: https://github.com/fmtlib/fmt/releases

    PR: 257026
    Exp-run by: antoine
* security/vuxml: document Chromium < 92.0.4515.107 | Rene Ladan | 2021-07-21 | 1 | -0/+112
* security/vuxml: fix `make validate' | Rene Ladan | 2021-07-21 | 1 | -2/+2
* security/gpg-tui: update to version 0.7.2 | Stefan Eßer | 2021-07-21 | 2 | -4/+4
* security/vuxml: Document cURL 7.77.0 vulnerabilities | Bernard Spil | 2021-07-21 | 1 | -0/+34
* security/rhash: the port had been updated (+) | Alexey Dokuchaev | 2021-07-21 | 3 | -4/+31
    - Update RHash to version 1.4.2
    - Revert one change in the configure script which breaks the build on FreeBSD (at least)

    Reported by: portscout
* security/fizz: Update 2021.07.12.00 -> 2021.07.19.00 | Yuri Victorovich | 2021-07-21 | 2 | -4/+4
* security/arti: Update and port improvements | Carlo Strub | 2021-07-20 | 4 | -24/+32
    - Update to 0.0.0.20210720
    - Add pkg-message with usage warning
    - Change www
* security/vuxml: Document MySQL vulnerabilities Jul2021 | Bernard Spil | 2021-07-20 | 1 | -0/+34
* security/p5-CryptX: update to 0.073. | Vanilla I. Shu | 2021-07-20 | 2 | -4/+4
* security/zeek: Add @sample for local.zeek | Craig Leres | 2021-07-19 | 2 | -1/+2
    This github issue:

    https://github.com/zeek/zeekctl/issues/35

    complained about the lack of a local.zeek file on a fresh install; adding @sample for local.zeek solves this.

    Reported by: shadonet
* security/keepassxc: Update to 2.6.6 | Li-Wen Hsu | 2021-07-19 | 1 | -1/+1
    - Take maintainership
    - Fix KEESHARE option

    PR: 256797
    Approved by: maintainer timeout (3 times)
* security/keepassxc: Update to 2.6.6 | Li-Wen Hsu | 2021-07-19 | 4 | -7/+20
* security/rubygem-webpush: Update to 1.1.0 | Po-Chuan Hsieh | 2021-07-18 | 2 | -6/+7
    - Change RUN_DEPENDS from rubygem-hkdf to rubygem-hkdf0
    - Update version requirement of RUN_DEPENDS

    Changes: https://github.com/zaru/webpush/blob/master/CHANGELOG.md
* security/rubygem-six: Update to 0.2.2 | Po-Chuan Hsieh | 2021-07-18 | 3 | -8/+9
    - Add LICENSE_FILE
    - Update WWW

    Changes:
    https://github.com/dzaporozhets/six/blob/master/CHANGELOG
    https://github.com/dzaporozhets/six/commits/master
* security/rubygem-openssl: Update to 2.2.0 | Po-Chuan Hsieh | 2021-07-18 | 3 | -5/+5
    - Update WWW

    Changes: https://github.com/ruby/openssl/blob/master/History.md
* security/rubygem-omniauth-saml: Update to 1.10.3 | Po-Chuan Hsieh | 2021-07-18 | 2 | -6/+5
    Changes:
    https://github.com/omniauth/omniauth-saml/releases
    https://github.com/omniauth/omniauth-saml/blob/master/CHANGELOG.md