cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
83,063 Commits 1 Branch 0 Tags 554 MiB
8a0195a1b7
Commit Graph

3227 Commits

Author SHA1 Message Date
ajacoutot
5211924705 +cvechecker 2013-03-08 09:55:59 +00:00
ajacoutot
639694f0e0 Import cvechecker-3.2. 
The goal of cvechecker is to report about possible vulnerabilities on
your system, by scanning the installed software and matching the results
with the CVE database.
<...>

ok jasper@
 2013-03-08 09:54:49 +00:00
gsoares
665d95b509 Security UPDATE to 4.55; Fix CVE-2013-1762 
full changelog at:
https://www.stunnel.org/sdf_ChangeLog.html

OK sthen@
 2013-03-05 14:10:40 +00:00
ajacoutot
e693f2833d Update to p11-kit-0.16.0. 2013-03-05 09:53:20 +00:00
jasper
25451b93b7 Security update of ruby-openid to 2.2.2, addresses CVE-2013-1812, 
ruby-openid Gem Denial of Service Vulnerability
 2013-03-05 09:09:57 +00:00
benoit
ce84d37edd - update py-paramiko to 1.10.0 
- regen PLIST
 2013-03-04 07:37:46 +00:00
ajacoutot
c4b67d5612 Update to gnutls-3.1.9. 2013-03-02 14:07:22 +00:00
ajacoutot
cd449ffa52 No need to @sample pkcs11.conf.example. 
spotted by sthen@
 2013-03-02 13:55:56 +00:00
ajacoutot
f44bdb4a47 Remove an annoying warning at pkg_add/delete time due to an empty manpage. 
Theo confirmed this can still go in.
prodded by and ok sthen@, ok jasper@
 2013-02-21 15:55:32 +00:00
sthen
f5a323c546 Don't use ${FLAVOR:L}, we only support lower-case flavours now. 
OK ajacoutot@ espie@
 2013-02-09 14:49:50 +00:00
sthen
8979f7fde1 take MAINTAINER, suggested by reyk@ 2013-02-07 12:32:08 +00:00
bluhm
8a08e28a3e update p5-IO-Socket-SSL to 1.83 2013-02-06 23:38:11 +00:00
sthen
b013715fc5 - enable reading PKCS12 certificates from files; from Gregor Best who 
wants this for use with Eduroam.

- add an rc script and README.

- remove non-useful wpa_priv patch.

README tweak from ajacoutot, ok gsoares dcoppa
 2013-02-06 17:27:13 +00:00
sthen
23ca7d6c7d bump; make sure static binaries get updated 2013-02-05 14:49:29 +00:00
ajacoutot
68dcc506da SECURITY update to gnutls-3.1.7. 
GNUTLS-SA-2013-1: http://www.isg.rhul.ac.uk/tls/
 2013-02-05 07:37:33 +00:00
rpointel
0b6e8563dc Update to 0.5.4. 
security fix, more info http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/
 2013-02-04 21:32:46 +00:00
sthen
e3e6f35472 don't try to access list members to free them unless already initialised; 
fixes a crash with wpa_priv usage(); wpa_priv not yet enabled
 2013-02-04 10:04:44 +00:00
dcoppa
3a19c3d8e5 Explicitly ignore the result of write(2): even if write(2) fails, 
the show must go on (upstream svn revision 6511)

While here, merge PFRAG.shared into PLIST, to quiesce update-plist
 2013-02-04 09:25:20 +00:00
bcallah
d38af15ac6 Fix an "elseif if ..." statement, allowing this to build on mips64*. 
ok jasper@
 2013-02-03 14:52:46 +00:00
sthen
9ea83ca085 drop MAINTAINER, "I'm not actively maintaining this port anymore" 
as per his mail copied to ports@.
 2013-02-03 14:04:24 +00:00
brad
17a27f0965 Update to Botan 1.10.4. 
ok ajacoutot@
 2013-02-03 09:55:15 +00:00
bluhm
fca76ba974 update p5-IO-Socket-SSL to 1.82 2013-01-30 22:20:42 +00:00
benoit
02793fd7be - update py-pykpass to 0.5 
maintainer timeout
 2013-01-29 16:14:48 +00:00
sthen
c162d4f3bf update DESCR, pointed out by stsp 2013-01-28 11:56:55 +00:00
sthen
2cef9b9eb4 honour CFLAGS/CC 2013-01-28 11:36:09 +00:00
sthen
6a6bfb1f9f - update WPA-Supplicant to 2.0 
- add OpenBSD WPA support written by kettenis@ (also tested by matthieu@
and Gregor Best)
- enable smartcard support via PCSC-Lite
- garbage collect OS compatibility patches which are no longer needed
(one found by me, one by kettenis@)

ok phessler@
 2013-01-28 11:03:16 +00:00
jasper
8174011a7f - update to kc-2.2.1 
- enable regress tests

from LEVAI Daniel (MAINTAINER) with some tweaks by me.
 2013-01-25 11:09:20 +00:00
jasper
7de3737014 sync 2013-01-23 08:39:27 +00:00
jasper
6b8e95cd2c import xca-0.9.3 
X Certificate and Key management is an interface for managing asymetric
keys like RSA or DSA. It is intended as a small CA for creation and
signing certificates. It uses the OpenSSL library for the cryptographic
operations.

ok aja@
 2013-01-23 08:38:53 +00:00
benoit
81293c2093 - update cracklib to 2.8.22 
- bump SHARED_LIBS
- regen PLIST
 2013-01-22 16:49:51 +00:00
dcoppa
692f0d39e1 Update to ccid-1.4.9. 
Added support for some new readers from Reiner SCT and Aktiv Co.
 2013-01-22 12:14:24 +00:00
dcoppa
f88b58971a Bugfix update to pcsc-lite-1.8.8 2013-01-22 12:07:47 +00:00
jasper
7040346c60 - update to ccrypt-1.10 
ok kevlo@ (MAINTAINER)
 2013-01-20 20:03:44 +00:00
kili
be7ce949cf Regenerate plist for profiling libs. 2013-01-20 17:56:05 +00:00
benoit
36f681d3ed - update libssh2 to 1.4.3 
- bump SHARED_LIBS
- regen PLIST
- remove USE_GROFF
- remove the test concerning mansyntax.sh (spotted by rpointel@)
 2013-01-20 09:00:41 +00:00
ajacoutot
ba8cb1bad6 Fix relocation errors on (at least) sparc64. 
breakage reported by Markus Lude
 2013-01-19 07:04:01 +00:00
ajacoutot
cb5f7d6c3c Bugfix update to gnutls-3.1.6. 2013-01-18 10:41:25 +00:00
ajacoutot
54820153df Update to libnettle-2.6. 2013-01-18 10:41:00 +00:00
nigel
3203e81ecb original update from gsoares@, sthen@ comments "no checksum" 
shouldn't be used, removed and updates placed into /var/db/nikto
instead by changing nikto.conf.

Ok benoit@
 2013-01-12 17:38:14 +00:00
bluhm
0527f13caf update p5-Net-SSLeay to 1.52 2013-01-12 00:38:22 +00:00
jeremy
fce8bfc4d3 Revision bump ruby C extension ports after addition of pthread to 
WANTLIB.

OK sthen@
 2013-01-09 17:38:52 +00:00
benoit
21544b8785 - update py-paramiko to 1.9.0 
- update HOMEPAGE and MASTER_SITES
- regen PLIST
 2013-01-08 16:19:02 +00:00
matthieu
d743772fda fix path to LDAP_SASLAUTHD doc file. ok ajacoutot@ 2013-01-07 19:35:20 +00:00
benoit
cf702a8f56 - update assl to 1.2.0 
- bump SHARED_LIBS
- regen PLIST

From David Hill
 2013-01-04 18:19:57 +00:00
sthen
872e4d2976 SECURITY update GnuPG to 1.4.13; earlier versions were vulnerable to memory 
access violations and public keyring database corruption when importing
manipulated public keys.  http://seclists.org/bugtraq/2012/Dec/151

Tweaked from a submission from David Hill.
 2012-12-31 16:34:35 +00:00
landry
a0ef5c0b5f Update to nss-3.14.1.with.ckbi.1.93, which explicitely distrusts 
"TURKTRUST Mis-issued Intermediate CA 1" & "TURKTRUST Mis-issued
Intermediate CA 2".
(added in #768547, removed in #825022)
 2012-12-31 08:41:27 +00:00
landry
e6eff40b58 Update to nss 3.14.1, required by upcoming fx 18. 
Tested on sparc64 & hppa, and went into an amd64 bulk build.

Node that builtins/certdata.c patch goes to the attic since it's
autogenerated at build time from builtins/certdata.txt (which we patch
too for CACert roots) since bug #683266.

There might be a chemspill for a TURKTRUST CA distrust soon (bug
#825022, sg-only) but let's get this in now.
 2012-12-29 20:03:17 +00:00
bluhm
38a2720d33 update p5-IO-Socket-SSL to 1.81 2012-12-29 18:08:31 +00:00
bluhm
35c1bb1a9c - update p5-Net-SSLeay to 1.51 
- remove some left over directories from source tree
 2012-12-29 18:06:20 +00:00
bluhm
466efe1bd2 update p5-Module-Signature to 0.70 2012-12-29 15:36:59 +00:00
ajacoutot
ef8e77410e New MASTER_SITES. 2012-12-23 10:39:21 +00:00
landry
2bca310300 Fix on hppa: add a gratuitous tab before .section in sha1-sse2.S. For some 
reason the hppa asm doesnt like .section to start at column 0. No fallout on
amd64.
With hints from kettenis@
 2012-12-21 17:10:39 +00:00
naddy
1e474f48e1 remove Peter Stromberg as maintainer: 
"I haven't used any of those ports myself for a long time, so I think it's
best you remove me as maintainer."
 2012-12-13 16:34:47 +00:00
landry
b1324216b8 Fix on hppa, broken since the PIE switch. 
mpi/hppa1.1/udiv-qrnnd.S is not PIE-safe, let's use mpi/hppa/udiv-qrnnd.S
instead.
with kettenis@
 2012-12-11 21:12:36 +00:00
landry
48209fe2c9 Regen patches 2012-12-11 20:47:45 +00:00
ajacoutot
01ba45e2f4 Update to gnutls-3.1.5. 2012-12-08 08:20:10 +00:00
ajacoutot
f9e0bfceee Update to libtasn1-3.2. 2012-12-08 08:19:57 +00:00
abieber
4e0f83330f Make node-bcrypt work with libv8 
OK jeremy@
 2012-12-05 00:46:38 +00:00
kili
4414830a0f Bump. 2012-12-02 20:40:09 +00:00
chrisz
0081341c9f update lang/ocaml to 4.00.1. 
Let all ocaml ports RUN_DEPEND on the version of ocaml they were built with.
 2012-11-30 19:38:09 +00:00
dcoppa
f4f35fb4b2 Bugfix update to pcsc-lite-1.8.7 
Fix a problem when a reader is unplugged (and the reader is still
in use)
 2012-11-29 11:28:47 +00:00
sthen
b6ba65dffb +yubikey-personalization-gui 2012-11-28 11:40:04 +00:00
sthen
c9f2767b04 import ports/security/yubikey-personalization-gui, tested by various, 
ok/feedback jasper@

The YubiKey Personalization Tool is a Qt based cross-platform utility
designed to facilitate re-configuration of YubiKeys on Windows, Linux
and MAC platforms. The tool provides a sane simple step-by-step
approach to make configuration of YubiKeys easy to follow and
understand, while still being powerful enough to exploit all
functionality of both the YubiKey 1 and YubiKey 2 generations of
keys. The tool provides the same functionality and user interface on
Windows, Linux and MAC platforms.

The Cross-Platform YubiKey Personalization Tool provides the following
main functions:

* Programming the YubiKey in "Yubico OTP" mode
* Programming the YubiKey in "OATH-HOTP" mode
* Programming the YubiKey in "Static Password" mode
* Programming the YubiKey in "Challenge-Response" mode
* Checking type and firmware version of the YubiKey
 2012-11-28 11:39:35 +00:00
sthen
2961c34245 update maintainer's email address. 2012-11-23 10:59:11 +00:00
sthen
e5bef61946 SECURITY update to libssh 0.5.3 
More info at http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/

- CVE-2012-4559: multiple double free() flaws
- CVE-2012-4560: multiple buffer overflow flaws
- CVE-2012-4561: multiple invalid free() flaws
- CVE-2012-4562: multiple improper overflow checks

ok rpointel@ jasper@
 2012-11-22 20:54:11 +00:00
ajacoutot
1bacafccba Update to cyrus-sasl-2.1.26. 2012-11-22 16:01:38 +00:00
sthen
e332ab40cd import ports/security/spiped, from James Turner, ok landry@ 
spiped (pronounced "ess-pipe-dee") is a utility for creating
symmetrically encrypted and authenticated pipes between socket
addresses, so that one may connect to one address (e.g., a UNIX socket
on localhost) and transparently have a connection established to another
address (e.g., a UNIX socket on a different system). This is similar to
'ssh -L' functionality, but does not use SSH and requires a pre-shared
symmetric key.

spipe (pronounced "ess-pipe") is a utility which acts as an spiped
protocol client (i.e., connects to an spiped daemon), taking input from
the standard input and writing data read back to the standard output.
 2012-11-19 22:14:52 +00:00
sthen
54fe7aeb13 +spiped 2012-11-19 22:14:31 +00:00
landry
b87f41935b +ssh-ldap-helper 2012-11-14 18:43:31 +00:00
landry
2846773fbd Import ssh-ldap-helper, extracted with great prejudice from Red Hat's 
openssh-5.3p1.src.rpm.

ssh-ldap-helper is a small helper for sshd's AuthorizedKeysCommand
config keyword, allowing to fetch the AuthorizedKeys from an LDAP
directory with a given schema.
Note that you'll need an sshd with ssh/auth2-pubkey.c r1.33 for it
to work fine.

ok ajacoutot@ sthen@
 2012-11-14 18:42:50 +00:00
landry
051b961835 Remove the chunks only containing #@!#@!$@! rcs ids changes, patch was 
not applying properly because of them.
Reported by ajacoutot@
 2012-11-13 08:26:25 +00:00
landry
40547a68f6 Update to nss 3.14. 
- use ${SUBST_CMD} instead of old-style perl -pi -e commands
- update nss-config from debian's nss-config.in, since apparently it
comes from there.. needed to fix detection by mozillas, otherwise the
current script returns 3.14 for --version while configure scripts
expect 3.14.0... grab version via awk on nss.h at runtime.

Tested on amd64/i386/powerpc and in an amd64 bulk build. Needed by
firefox 18.

ok sthen@ ajacoutot@ jasper@
 2012-11-12 20:43:09 +00:00
ajacoutot
857cce9611 Update to gnutls-3.1.3. 2012-11-05 10:41:24 +00:00
jeremy
d3683cfa3f Update to ruby-bcrypt 3.0.1. 2012-10-31 22:04:42 +00:00
sthen
e502b3db04 Don't override an earlier CONFIGURE_ARGS at the bottom of the Makefile; 
fixes a problem where gnupg2 was picking up openldap even for the non-ldap
build.  Build problem spotted by naddy, ok pea@
 2012-10-31 10:26:12 +00:00
gsoares
0f5e86d72b add missing rcs id 
OK aja
 2012-10-30 14:21:36 +00:00
kili
2acb3c8385 Move the @exec and @unexec lines running the {,un}register.sh scripts 
and the line with the unregister.sh script down to the bottom of
the plist. Silences all the blurb about ".../*.haddock doesn't exist
or isn't a file."
 2012-10-28 23:24:28 +00:00
kili
b0bf1ff3f7 Update to hs-mwc-random-0.12.0.1. 2012-10-21 18:33:39 +00:00
kili
79897baa59 Bump, because the updates of hs-crypto-api and/or hs-tagged caused haskell 
library signature changes.
 2012-10-21 18:32:49 +00:00
kili
f52bc03ebc Update to hs-crypto-api-0.10.2. 
ok jasper@ (maintainer)
 2012-10-21 18:29:29 +00:00
kili
26e409b3d3 Update to hs-skein-0.1.0.9. 2012-10-21 18:27:49 +00:00
sebastia
332c8d424a Update to 5.1.0 
feedback and OK steven@
 2012-10-21 14:20:53 +00:00
gsoares
9520aca711 - update to 2.54 
- take maintainership

OK sthen@ (former maintainer)
 2012-10-20 15:37:40 +00:00
kili
a60b728a39 Update to hs-pwstore-fast-2.3. 2012-10-19 18:49:01 +00:00
kili
bace6db5b2 Bupm (required due to haskell package signature change after the 
update of hs-base64-bytestring).
 2012-10-17 20:08:38 +00:00
sthen
9615c3d6d8 zap trailing whitespace in files where it's present on PERMIT_* lines 2012-10-15 15:18:31 +00:00
sthen
3a1c6d10f6 zap trailing whitespace where it's present in MASTER_SITES/COMMENT 
lines in ports Makefiles
 2012-10-15 15:06:41 +00:00
sthen
aa66ceb738 zap some trailing whitespace mostly on HOMEPAGE lines 2012-10-15 14:55:43 +00:00
dcoppa
545f83df7b Update to hs-cereal-0.3.5.2, needed by an upcoming port of hs-dbus 
(it wants Data.Serialize.IEEE754).
Bump the other ports where necessary (because their haskell package
signatures changed).

Suggestion about bumps, and ok kili@
 2012-10-12 14:02:21 +00:00
bluhm
5c0677688a - update p5-Crypt-SSLeay to 0.64 
- this fixes an "undefined symbol 'SSLv2_client_method'" bug
- take maintainer
OK ajacoutot@
 2012-10-12 09:16:07 +00:00
dcoppa
29d3b3280f Add a comment about why we need to link gnupg-pcsc-wrapper with 
'-lpthread'.
 2012-10-10 11:47:21 +00:00
ajacoutot
8ccd0f1799 RCS IDs. 2012-10-10 08:31:42 +00:00
robert
0fb7803519 +openpam 2012-10-10 08:27:49 +00:00
robert
b12db7e287 import openpam 
this version comes from the freebsd sources and it has
a bsdauth module added.

ok ajacoutot@
 2012-10-10 08:26:55 +00:00
ajacoutot
fc8fe31412 Fix my email. 2012-10-08 10:43:15 +00:00
dcoppa
c1e33e2536 Update to ccid-1.4.8 ; add pthread to WANTLIB 2012-10-08 09:19:52 +00:00
dcoppa
1f77ee7a0e Do not refer to ports in the pkg/README. 
While here, fix pthread related stuff.
 2012-09-30 16:28:07 +00:00
ajacoutot
235bf21a91 Update to p11-kit-0.14. 2012-09-27 09:30:06 +00:00
ajacoutot
3b94f059a4 Update to gnutls-3.1.2. 2012-09-27 06:35:07 +00:00
ajacoutot
1023cc198f Update to libtasn1-2.14. 2012-09-27 06:22:50 +00:00