cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17,958 Commits 1 Branch 0 Tags 554 MiB
d79d0fc832
Commit Graph

17958 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dhartmei
644418c929 add symon 2002-10-08 08:11:04 +00:00
dhartmei
f0d7843bec symon is a system monitoring tool consisting of a small probe which 
gathers various data (cpu, memory, network interfaces, pf statistics,
disk io) and transfers it to a central server which stores it in
RRD databases.
 2002-10-08 07:56:42 +00:00
brad
0da69615f6 Fix security issue with Python 2.1/2.2 
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.

By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.

http://python.org/sf/590294
http://python.org/sf/601077
 2002-10-08 02:52:25 +00:00
lebel
54ecef0709 update p5-Mail-SpamAssassin to version 2.42; from MAINTAINER 2002-10-07 14:32:33 +00:00
jcs
7cf71674a5 update to gaim-0.59.4 2002-10-07 00:42:32 +00:00
lebel
ea6f05a89e p5-Mail-SpamAssassin tries to install files outside the fake area. 2002-10-06 23:34:26 +00:00
naddy
c04b8344d6 Make this compile with gcc3. 2002-10-06 22:31:10 +00:00
naddy
9759e5be25 - Regen patches. 
- Honor CC, CFLAGS.
- Make this compile with gcc3.
 2002-10-06 22:28:49 +00:00
naddy
a1df5b0207 - Fix signal handler type for C++/gcc3. 
- Don't bother to patch files that will be clobbered anyway.
 2002-10-06 21:03:18 +00:00
jakob
aae29753fe split into stable and development 2002-10-06 13:15:55 +00:00
brad
46b253732d upgrade to gwenview 0.15.0 2002-10-06 06:54:25 +00:00
naddy
52fab76073 - Regen ancient patches. 
- C++ fix for gcc3.
ok espie@
 2002-10-06 00:49:02 +00:00
jakob
a153356c22 syslog-ng 2002-10-05 21:58:09 +00:00
fgsch
6347e76401 byebye NEED_VERSION. 2002-10-05 21:11:09 +00:00
fgsch
d9eb6d95e4 update to pan 0.13.0. 2002-10-05 20:25:50 +00:00
fgsch
ba71248fc7 more workarounds for sha1.c on sparc64; this works fine now. 2002-10-05 19:41:17 +00:00
fgsch
2331d3ee68 - update to distrib. patch 20020203. 
- switch to distinfo.
- remove NEED_VERSION.
- update HOMEPAGE and MASTER_SITES.
 2002-10-05 19:09:26 +00:00
naddy
41c87c7bd3 home page/master site moved 2002-10-05 16:15:44 +00:00
jakob
1037c47789 update to rc7, -stable will be update once we have a final release 2002-10-05 15:22:27 +00:00
jakob
a34e359be4 syslog-ng, a syslogd replacement 2002-10-05 14:18:16 +00:00
jakob
dca4cd382f security update to version 1.5b 2002-10-05 13:22:23 +00:00
espie
94a5faf4ac non-insane name for libstdc++. 2002-10-05 09:40:58 +00:00
naddy
5fcfc6d7b3 Update to 2.2.6. 2002-10-04 19:22:59 +00:00
naddy
3ccbc67563 Update to FreeBSD-CVSweb 2.0.6. Notable changes: 
- Make annotate work under mod_perl.
- New config variable annotate_options.
 2002-10-04 19:21:48 +00:00
naddy
8e4fd4868f * Respect CC/CFLAGS/CXX/CXXFLAGS. 
* C++ fix for gcc3; from Craig Rodrigues <rodrigc@attbi.com> via FreeBSD.

ok jakob@
 2002-10-04 19:20:24 +00:00
brad
36a9392a98 Fix security issue with gv. 
When GV detects that the document is either a PDF file or a
GZip compressed file, it executes some commands with the help of the
system() function. Unfortunately, these commands contain the
filename, which can be considered as untrusted user input. It is then
possible to distribute a file (with a meticulously chosen filename,
that even seems innocent) that causes execution of arbitrary
shell commands when it is read with GV.

http://www.epita.fr/~bevand_m/asa/asa-0000
 2002-10-04 18:29:14 +00:00
brad
6709a2465e upgrade to gmake 3.80 2002-10-04 18:06:28 +00:00
brad
b0766fdf67 upgrade to Squid 2.5.STABLE1 2002-10-04 13:52:48 +00:00
brad
5ff4346bf3 mark this BROKEN on sparc64, even with the supposed workaround this 
still will not compile, GCC seems to like chewing through VM like
it's going out of style.
 2002-10-04 13:22:25 +00:00
brad
9f0d73fa37 better sed usage. 
--
From: Waba <wabasoft@yahoo.fr>
 2002-10-04 13:10:34 +00:00
brad
271ccb8964 upgrade to openbox 2.1.1 2002-10-04 12:58:52 +00:00
jakob
a06c39c1c3 update to version 0.9.7. important changes: 
- name resolution disabled by default
 2002-10-04 09:08:50 +00:00
jakob
16ec0cb3e4 fix broken db flavour 2002-10-04 08:45:32 +00:00
jakob
a57708277f install and deinstall /usr/lib/sasl as needed 2002-10-04 08:45:26 +00:00
brad
45599a96fc update INDEX (2013) 2002-10-02 16:07:06 +00:00
naddy
1884e35fb5 Fix install by not triggering a secondary configure run. 
Problem reported by J.A. Neitzel <jneitzel@sdf.lonestar.org>,
analyzed by danh@, this fix from me.
 2002-10-01 12:23:42 +00:00
naddy
a653eafeac Protect against meta-characters in library names (e.g. "libestdc++"). 
Mostly from pvalchev@
 2002-10-01 12:16:38 +00:00
naddy
ca2365aa6a - Fix CNAME resolving problem; IPv6 testing by henning@ 
- Add mirrors, switch to .bz2 because older distfiles are only preserved
  in this format.
From: Nick Nauwelaerts <nick@wanadoo.be>
 2002-10-01 12:13:02 +00:00
pvalchev
bcb9e8d8e9 This ridiculous port installs the daemon 'ceptd' as setuid root and advises 
to be run as root via inetd, while it really only needs access to the modem
It also needs INSTALL/DEINSTALL scripts to handle the configuration files,
etc.  Try to bring it to a usable state, and advise the user to run it
as follows:

xcept   stream  tcp     nowait  xcept   ${PREFIX}/libexec/ceptd ceptd

After creating a 'xcept' user belonging in group 'dialer'.  And, no
longer install this setuid root, which is really not needed.

XXX The user creation and the configuration files installation should
be automatic, but this will have to do for now and help the users.
 2002-10-01 06:51:05 +00:00
pvalchev
6df2dfa2a9 For the zoltrix flavor where this is installed setuid (for a sysarch() call... 
to get access for direct I/O port access) only run as root for that small
amount of code; from maintainer Vladimir Popov
XXX this should probably be changed later
 2002-10-01 06:36:31 +00:00
pvalchev
4ced5538f9 Make this work again on -current; from maintainer Vladimir Popov 
bump PKGNAME
 2002-10-01 06:18:24 +00:00
pvalchev
26c44cb3a1 Advise users against using this since it installs a setuid root 
executable and no one has the time to currently check this; ok naddy
 2002-10-01 05:56:28 +00:00
brad
317d1a5f0a Fix a directory traversal vulnerability in GNU tar 1.13.25 which allows 
attackers to overwrite arbitrary files durring extraction via a ".."
in an extracted filename.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0399
 2002-10-01 02:03:52 +00:00
naddy
655a5a57a4 Sync version number. 
From: David Krause <openbsd@davidkrause.com>
 2002-10-01 00:34:17 +00:00
naddy
22478210d4 Split libestdc into a separate package so we can add a dependency 
for ports built with g++-3.  From pvalchev@ and yours truly; ok pvalchev@
 2002-09-30 20:52:45 +00:00
fgsch
b95d7ecb1a License issues; ignore for now. See http://cdrdao.sourceforge.net/news.html for details. 
From FreeBSD via naddy@, naddy@ ok
 2002-09-30 19:50:06 +00:00
brad
6260e312ef upgrade to fetchmail 6.1.0 
- fixes a few buffer overflows and a broken boundary check
which could potentially lead to a remote vulnerability.

http://marc.theaimsgroup.com/?l=bugtraq&m=103340148625187&w=2
--
Ok'd by: pvalchev@
 2002-09-30 16:37:14 +00:00
couderc
f3275cd0a8 Mark as BROKEN. 
Distfiles no longer available, needs an update.
Does not handle CXX correctly.
 2002-09-30 16:17:39 +00:00
naddy
808532288d Build native executable where supported, byte code elsewhere. 
From: Nikolay Sturm <sturm@sec.informatik.tu-darmstadt.de>
 2002-09-30 15:48:27 +00:00
danh
4a235c98de unsigned long was assumed to be 32 bits. fixes a crash on sparc64 
originally reported by Matt Hess.

ok naddy@
 2002-09-30 15:19:40 +00:00