ClusterSSH opens terminal windows with connections to specified hosts
and an administration console. Any text typed into the administration
console is replicated to all other connected and active windows.
This tool is intended for, but not limited to, cluster administration
where the same configuration or commands must be run on each node within
the cluster. Performing these commands all at once via this tool ensures
all nodes are kept in sync.
ok steven@, ajacoutot@
While here, update PLISTs, some WANTLIBs, some license
markers and use MODPY_EGG_VERSION where it may help to
keep future PLIST diffs smaller.
help, nitpicking and ok jasper@, ok wcmaier@
note that print/py-reportlab/reportlab needs some more
love.
HOMEPAGE does not exist anymore, distfile is nowhere to be fetch and
cannot be mirrored because of PERMIT_* restrictions.
No objections from anyone and as sthen@ pointed out, people should be
using security/dante instead.
This module implements the Catalyst::Authentication API using
Catalyst::Model::DBI.
It uses DBI to let your application authenticate users against a
database and it provides support for
Catalyst::Plugin::Authorization::Roles.
- default to dropping to _ipguard user
- add installation instructions including directory setup needed
for dropped privileges
- explicitly depend on the fixed version of libnet, this software
doesn't work correctly without it
maintainer ok
the function it's in is never actually called, so it's not a real
problem, add the header anyway so people grepping build logs for
possible 64-bit problems don't need to look at this again.
- the PKGNAME bump is probably unnecessary, but done anyway
since it's cheap.
Girish Venkatachalam.
ipguard prevents unregistered hosts from operating correctly on an
ethernet segment by sending a fake ARP reply when a device transmits
with a MAC/IP pair not listed in its configuration file.
Use in-tree security/libtasn1 and archivers/lzo instead of the included ones.
Backport a patch from upstream git to fix symbol conflicts.
ok naddy@ ajacoutot@
ctunnel is a software for proxying and forwarding TCP connections via
a cryptographic tunnel.
ctunnel can be used to secure any existing TCP based protocol, such
as HTTP, VNC, Telnet, FTP, RSH, MySQL, etc.
You can also chain/bounce connections to any number of intermediary hosts.
from Pierre-Emmanuel Andre <pea@raveland.org>, thanks!
Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
tested by rui and Nigel J. Taylor
ok rui@
Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
testing by rui and Nigel J. Taylor who also provided a patch
ok rui@
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
this change requires bumping other ports which use it. pointed
out by naddy, thanks!
- add a comment in Makefile to warn others not to do the same.
ok naddy@
- fixes DoS with MailFollowURLs (CVE-2008-2713)
- improves handling of PDF, CAB, RTF, OLE2 and HTML files
and includes various bugfixes for 0.93 issues.
"if it works" mbalmer@
Object oriented interface to create salted (or seeded) hashes of clear
text data. The original formalization of this concept comes from
RFC-3112 and is extended by the use of different digital agorithms.
from Jim Razmus
logs, such as those found in OpenBSD. It offers a browser-based interface
for quickly reviewing log events and performing deeper analysis.
help from okan@ and merdely@
ok ajacoutot@
The Catalyst::Authentication::Store::DBIx::Class class provides access
to authentication information stored in a database via DBIx::Class.
tested by Jim Razmus, thanks
functionality. The bug allows a revoked certificate to successfully
authenticate. Any installations with OCSP enabled should be upgraded ASAP.
Other users are not affected.
libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25),
SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*,
SECSH-DHGEX(04), and SECSH-NUMBERS(10).
From Eric Sproul (MAINTAINER)
Help and ok okan@ and jasper@
Steghide is a steganography program that is able to hide data in various kinds
of image- and audio-files. The color- respectively sample-frequencies are not
changed thus making the embedding resistant against first-order statistical
tests.
from Giovanni Bechi
ok steven@
least one highly critical (remote). See http://secunia.com/advisories/29000
for details.
Thanks to kurt@ for helping analyzing the threaded code issues.
