Girish Venkatachalam.
ipguard prevents unregistered hosts from operating correctly on an
ethernet segment by sending a fake ARP reply when a device transmits
with a MAC/IP pair not listed in its configuration file.
Use in-tree security/libtasn1 and archivers/lzo instead of the included ones.
Backport a patch from upstream git to fix symbol conflicts.
ok naddy@ ajacoutot@
ctunnel is a software for proxying and forwarding TCP connections via
a cryptographic tunnel.
ctunnel can be used to secure any existing TCP based protocol, such
as HTTP, VNC, Telnet, FTP, RSH, MySQL, etc.
You can also chain/bounce connections to any number of intermediary hosts.
from Pierre-Emmanuel Andre <pea@raveland.org>, thanks!
Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
tested by rui and Nigel J. Taylor
ok rui@
Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
testing by rui and Nigel J. Taylor who also provided a patch
ok rui@
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
