Commit Graph

7822 Commits

Author SHA1 Message Date
sthen
e038c687d7 update to py3-libnacl-1.8.0, ok maintainer 2022-11-27 18:32:00 +00:00
tb
2c6903e76e Update rust-openssl-tests to 20221127 2022-11-27 10:43:50 +00:00
sthen
d858b7cc2a Ports built with setuptools on python 3.10 don't need a RUN_DEPENDS on
setuptools (it's used as a package locator but importlib.metadata in
newer Python core or the external importlib_metadata are preferred).
So drop the RDEP in that case (it's still kept for py27) and bump
revisions.
2022-11-26 23:28:11 +00:00
sthen
079016a9c7 update to py3-acme/certbot-2.0.0 2022-11-25 22:11:48 +00:00
sthen
1497c50b7d use MODPY_PYBUILD 2022-11-25 19:30:34 +00:00
sthen
1b093447a2 update to wesng-1.0.2.1 2022-11-25 19:29:25 +00:00
sthen
a12e970540 Patch away veracrypt's use of vnconfig -c, kn removed the backwards
compat for -c in vnconfig.c r1.8.  From Yifei Zhan, ok tb@
2022-11-25 11:21:44 +00:00
tb
4a16fc7db6 openssl-ruby-tests: remove no longer needed patch.
ok jeremy
2022-11-23 21:51:00 +00:00
kn
d813739fc0 Remove security/hatchet
WWW is dead behind cloudflare, README.OpenBSD doesn't work because
it still uses old mod_perl which was superseded by ap2-mod_perl in 2016.

OK sthen
2022-11-23 20:47:26 +00:00
tb
70cb11e9fb openssl-ruby-test: one more merged pull request. Hopefully last one
for today, sorry for the noise.
2022-11-23 20:07:43 +00:00
kn
895f3cac6a Remove security/libperseus
WWW throws 404, no update since import in 2011, no consumers, only we
package it.

maintainer timeout
OK jca
2022-11-23 19:51:55 +00:00
kn
354b16bcd6 Remove security/ikeman
This port remains unmaintained since import in 2011, only on life support by
tb and his LibreSSL efforts.

Previous changes saw no response maintainer and this port is already a
maintainence burden for porters.

maintainer timeout (again)
OK tb
2022-11-23 19:48:28 +00:00
tb
ef04f4152f Update to rust-openssl-tests 20221123 2022-11-23 17:22:42 +00:00
tb
94b0caf5af openssl-ruby-tests: move to new HEAD, PR was merged instantly. 2022-11-23 16:49:55 +00:00
tb
e4c467ac5d openssl-ruby-tests: add link to PR 2022-11-23 16:17:22 +00:00
tb
6c22dd0b66 openssl-ruby-tests: enable HKDF support via EVP. 2022-11-23 15:47:00 +00:00
tb
3e8a688700 Update to openssl-ruby-tests 20221123 2022-11-23 15:33:44 +00:00
bluhm
5c62788e0a update p5-IO-Socket-SSL to 2.077 2022-11-22 19:51:54 +00:00
bluhm
e03e3c0a12 update botan2 to 2.19.3
CVE-2022-43705: A malicious OCSP responder could forge OCSP responses.
2022-11-22 19:27:08 +00:00
bluhm
45d942c214 update p5-IO-Socket-SSL to 2.076 2022-11-22 18:46:55 +00:00
sthen
c58bdbee52 update to clamav-0.105.1-3, upstream updated the bundled rust deps again 2022-11-21 20:45:24 +00:00
kn
1731751950 update homepage and license marker
devel/angr and and security/angrop could really use an update and/or maintainer...
2022-11-20 14:21:15 +00:00
sthen
ce8978925b set --openssldir=/etc/ssl so openssl ports can find cert.pem etc
found by phessler@
2022-11-19 22:26:53 +00:00
ajacoutot
df1eac83dd Update to libpwquality-1.4.5. 2022-11-19 09:18:48 +00:00
kmos
c7854fb36e Update to 6.2.1
ok jeremy@ sthen@
2022-11-19 00:58:42 +00:00
kn
9d573349ec Remove security/fragroute
Unmaintained upstream, no update since import in 2002, segfaults on start.

OK sdk
2022-11-18 21:26:56 +00:00
kn
c2f488ef58 Remove security/smbsniff
Upstream is dead, LAN Manager is long dead, noone else packages it.

OK jca
2022-11-18 17:17:48 +00:00
kn
984850d087 Remove security/samdump2
Last updated over ten years ago, up-to-date security/ophcrack can do the
same and more, linux live CDs and what not offer better service than this
port.

OK benoit (maintainer)
2022-11-17 00:47:02 +00:00
kn
699c6f1012 Remove security/slurpie
Upstream is completely dead, we're the only ones packaging it, never
updated since import in 2001, unresponsive maintainer already removed,
got some clang fix in 2017, but that's it.

There plenty of password cracking tools available, most of which are
maintained.

OK sthen
2022-11-16 18:50:08 +00:00
kn
a2d2c28794 Remove security/zebedee
HOMEPAGE is dead, last updated in 2014, only BSDs and Arch AUR package it.
Use socat(1) or ssh(1) or any other up-to-date tunneling solution.

OK benoit (maintainer)
2022-11-16 15:52:09 +00:00
ajacoutot
e272af69b3 Unbreak, need python to build. 2022-11-16 13:26:16 +00:00
kn
9321c94ae0 Remove security/despoof
Dead upstream, unmaintained since import in 2001, noone else packages it.

OK sthen
2022-11-16 12:53:00 +00:00
robert
a5096d7cdb security update to 7.8.0; fixes several CVEs:
CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec

ok aja@
2022-11-16 08:47:37 +00:00
landry
a7b25ba306 security/nss: update to 3.85.
relnotes should be at
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_85.html
but in the meantime use
https://hg.mozilla.org/projects/nss/file/tip/doc/rst/releases/nss_3_85.rst

drop patch from #1384827, i386 was fixed by #1796308
2022-11-15 09:12:15 +00:00
sthen
5f45f23a5f update to yubikey-manager-5.0.0, still no OpenBSD HID support for the
OTP part of the yubikey, there is now upstream support for FreeBSD's
uhid(4) (as well as more modern uhidraw) so it seems a bit closer to
what we need, but still doesn't work directly with our uhid(4).
2022-11-15 01:23:20 +00:00
jeremy
ff4f6c6118 Update to easy-rsa 3.1.1
Fixes issue with LibreSSL 3.6.0.

Add upstream patch to work around bug in number_only option parsing
in 3.1.1.

OK tb@ sthen@
2022-11-14 22:39:20 +00:00
sdk
266f2ff88c Update gopass v1.13.0 => v1.14.10
v1.13.1:
[BUGFIX] Handle from prefix correctly on mv (#2110, #2079)
[BUGFIX] Handle unencoded secret on cat

v1.14.0:
[BUGFIX] Always re-encrypt when fsck is invoked with --decrypt. (#2119, #2015)
[BUGFIX] Body only entries are detected now by show -o (#2109)
[BUGFIX] Do not hide git error messages (#2118, #1959)
[BUGFIX] Fix completion when password name contains (#2150)
[BUGFIX] Fix template func arg order (#2117, #2116)
[BUGFIX] Fixes an issue where recipients remove may fail (#2147, #1964)
[BUGFIX] Handle from prefix correctly on mv (#2110, #2079)
[BUGFIX] Handle unencoded secret on cat (#2105)
[BUGFIX] Make man page consistent with other docs (#2133)
[BUGFIX] Reject invalid salt with MD5Crypt templates (#2128)
[BUGFIX] depend *.deb on gnupg instead of dummy (#2050)
[CLEANUP] Deprecate gopasspw/pinentry (#2095)
[CLEANUP] Use Go 1.18 (#2156)
[CLEANUP] Use debug.ReadBuildInfo (#2032)
[DOCUMENTATION] Fixed link to passwordstore.org (#2129)
[DOCUMENTATION] document 'gopass cat' (#2051)
[DOCUMENTATION] improve 'gopass cat' (#2070)
[DOCUMENTATION] improve 'gopass show -revision -' (#2070)
[ENHANCEMENT] Add --chars option to print subset of secrets (#2155, #2068)
[ENHANCEMENT] Add age subcommand (#2103, #2098)
[ENHANCEMENT] Add gopass audit --expiry (#2067)
[ENHANCEMENT] Add gopass process (#2066, #1913)
[ENHANCEMENT] Allow overriding GPG path (#2153)
[ENHANCEMENT] Automatically export creators key to the (#2159, #1919)
[ENHANCEMENT] Bump to Go 1.18 (#2058)
[ENHANCEMENT] Enforce TLSv1.3 (#2085)
[ENHANCEMENT] Generics (#2034, #2030)
[ENHANCEMENT] Hide password on MacOS clipboards (#2065)
[ENHANCEMENT] Passage compat improvements (#2060, #2060)
[ENHANCEMENT] gopass git invokes git directly (#2102)
[ENHANCEMENT] Template support for the create wizard (#2064)
[ENHANCEMENT] Check for MacOS Keychain storing the GPG (#2144)
[EXPERIMENTAL] Support the Fossil SCM (#2092, #2022)
[FEATURE] Add env variables for custom clipboard commands. (#2091, #2042)
[FEATURE] only accept keys with "encryption" key capability (#2047, #1917, #1917)
[TESTING] Improve two line test ambiguity. (#2091, #2042)
[TESTING] Use a helper to unset env vars in clipboard tests. (#2091, #2042)
[UX] OTP code now runs in loop until canceled or used with -o (#2041)

v1.14.2:
[BUGFIX] Do not print missing public key for age. (#2166)
[BUGFIX] Improve convert output (#2171)
[BUGFIX] fix errors in zsh completions (#2005)
[CLEANUP] Migrating to a maintained version of openpgp (#2193)
[ENHANCEMENT] Avoid decryption on move or copy (#2183, #2181)
[UX] Upgrade xkcdpwgen to a new version that removes German (#2187)

v1.14.3:
[BUGFIX] Fix gpg identity detection (#2218, #2179)
[BUGFIX] Handle different line breaks in recipient (#2221, #2220)
[BUGFIX] Stop eating secrets on move (#2211, #2210)
[ENHANCEMENT] Add flag to keep env variable capitalization (#2226, #2225)
[ENHANCEMENT] Environment variable GOPASS_PW_DEFAULT_LENGTH can be used to overwrite default
password length of 24 characters. (#2219)

v1.14.4:
[BREAKING] gopass otp will automatically update the counter key in HTOP secrets! (#2278)
[BUGFIX] Allow removing unknown recipients with --force (#2253)
[BUGFIX] Honor PASSWORD_STORE_DIR (#2272)
[BUGFIX] Honor OTP key period from URL (#2278)
[BUGFIX] Wizard: Enforce min and max length. (#2293)
[CLEANUP] Use Go 1.19 (#2296)
[ENHANCEMENT] Automatically sync once a week (#2191)
[ENHANCEMENT] Scan for vulnerabilities and add SBOM on (#2268)
[ENHANCEMENT] Use packages.gopass.pw for APT packages (#2261)

v1.14.5:
[BUGFIX] Fix fsck progress bar. Mostly. (#2303)
[DOCUMENTATION] fix in recommended vim setting (#2318)

v1.14.6:
[BUGFIX] Do not show setup message on version (#2327)
[BUGFIX] Remove exported public keys of removed (#2328, #2315)
[ENHANCEMENT] Document extension model. (#2329, #2290)

v1.14.7:
[BUGFIX] Do not ignore symlinks when listing (#2344, #2173)
[BUGFIX] Do not shadow entries behind folders. (#2341, #2338)
[BUGFIX] Fix updater on Windows. (#2345, #2011)
[BUGFIX] Handle Ctrl+C in TOTP (#2342, #2320)
[ENHANCEMENT] Set vim options instead of sniffing (#2343, #2317)

v1.14.8:
[BUGFIX] Ignore not-existing .ssh dir (#2347, #2333)
[BUGFIX] Use Wait() to avoid Zombies (#2354, #1666)
[ENHANCEMENT] Allow modifying default create templates (#2349, #2291)
[ENHANCEMENT] Improve passage support (#2352, #2059)
[ENHANCEMENT] Use OS keychain for age passphrase caching (new config option, off by default).
(#2351, #2350)

v1.14.9:
[ENHANCEMENT] Make DBus notifications transient (#2364, #2358)

v1.14.10:
[BUGFIX] Correctly handle key removal on Windows (#2372, #2371)
[DOCUMENTATION] (#1878)
[ENHANCEMENT] Ignore comments in recipient files. (#2394, #2393)
[ENHANCEMENT] Improve key expiration handling (#2383, #2369)
[ENHANCEMENT] allow re-encrypting entire directory when (#2373)

OK sthen, op
2022-11-14 18:56:32 +00:00
kn
cf8bcd8a3f Remove security/nbaudit
No upstream, just a mirror left, no update since import in 1998, noone
else packages it.

We have net/nbtscan as a more recent alternative that is packaged by all
the major OSes as well;  it has a dead homepage and lacks behind in
updates, but still seems in better shape.

OK sthen
2022-11-14 15:08:09 +00:00
sthen
6db4f14108 update to py3-bcrypt-4.0.1 2022-11-14 11:34:47 +00:00
kn
d8a8a8a280 Remove security/chntpw
Upstream last released in 2014, we never updated since import in 2010.
Use a linux live CD if you want to crack your Windows <= 7 passwords.

OK sdk ian
2022-11-14 09:08:11 +00:00
pvk
d833210218 Remove security/softhsm
Superseeded by security/softhsm2 since 2016.
ok jca@
2022-11-14 08:24:41 +00:00
kn
31c2568d66 Remove security/sslScanner
No update since import in 2013, upstream github moved to gitlab were
the last commit is ten years old, we're the only ones packaging it,
plain doesn't work unless you manually install two missing RDEPs.

Use the actively maintained security/sslscan instead.

OK sdk
2022-11-13 22:09:45 +00:00
kn
51b26895d3 Remove security/sentinel
Unmaintained since import in 2001, not packaged due to lack of license,
noone else packages it, builds but crashes at runtime.

OK danj
2022-11-13 22:04:52 +00:00
kn
22b13c9952 Remove security/klaxon
An ident checker from 2000 wrapping inted services that hasn't been updated
since import;  noone else packages it...

OK sthen jca
2022-11-13 21:24:52 +00:00
kn
51e6afa81b Remove security/opencdk
The Open Crypto Development Kit is stuck in 2007, no major linux distro
packages it, out port's homepage points at the gnutls homepage which does
not seem to have any reference to this code, no port uses this.

OK jca
2022-11-13 19:00:14 +00:00
sthen
1427b990d1 bump for MODPY_DEFAULT_VERSION_3 change 2022-11-13 15:29:41 +00:00
sthen
716f142842 bump for MODPY_DEFAULT_VERSION_3 change 2022-11-13 15:29:09 +00:00
sthen
d58dc02cc4 bump for MODPY_DEFAULT_VERSION_3 switch and remove importlib-metadata dep 2022-11-13 15:26:05 +00:00
tb
f2ea66a166 security/py-cryptography: Fix build after Ed25519 and raw key API addition
to libcrypto. Also expose Ed25519 tests. A variant is being discussed in
https://github.com/pyca/cryptography/pull/7803
2022-11-13 14:12:56 +00:00
aisha
3ff92a0f15 security/letsencrypt: update to 1.32.0
ok sthen
2022-11-13 13:13:59 +00:00