Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.
from brad
tested by aja@ and me@
ok aja@
SSL 2.0 is disabled by default.
A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack
demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.
SHA-224 is supported.
additional blacklist CA's. Malaysia-based DigiCert Sdn. Bhd
Ok sthen@
Start using MODRUBY_REGRESS with ruby, rspec2, and testrb entries.
Switch away from manual do_regress targets where possible. Add
some patches to make regress tests run for some ports.
couple of fallouts. Note that these ports are only the ones that used to
have a direct dependency on devel/libusb so there may be some other
hidden ports that may break because of the switch. If that's the case,
no need to start ranting all over but instead tell me which one(s)
break. Thanks.
Note: sysutils/nut hasn't been fixed yet but will be today.
in typical clamav tradition, release notes say "ClamAV 0.97.3 is a
minor bugfix release and is recommended for all users", secunia says:
A vulnerability has been reported in ClamAV, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.
The vulnerability is caused due to errors related to the handling of
recursion levels within the "cli_bcapi_extract_new()"
(libclamav/bytecode_api.c) and "cli_bytecode_runhook()"
(libclamav/bytecode.c) functions, which can be exploited to e.g. cause
a crash via specially crafted files.
- note that this breaks p5-Mail-SpamAssassin regression tests,
as it removes obsolete SSLv2 support
- no USE_GROFF
- adjust Makefile to template
ok sthen
