3510 Commits

Author SHA1 Message Date
sthen
e99b9c3602 SECURITY update to py-bcrypt 0.4, from Francisco de Borja Lopez Rio
- while there, fix WANTLIB and enable python 3 support; by me

Fix concurrency bug reported by Alan Fairless of spideroak.com:
Multiple threads may hash into the same memory area simultaneously.
This may manifest as occasional random authentication failures (as
user-a's password hash is compared to user-b's), but could potentially
be used to bypass password checking by an attacker (user-a attempts
login on user-b's account, while simultaneously flooding auth requests
against user-a's account to overwrite the hash).
2014-03-19 11:15:56 +00:00
jasper
c29ba2e8b4 Crypt-Twofish-2.17 2014-03-19 07:23:57 +00:00
jasper
65f0c72501 update to Crypt-Blowfish-2.14 2014-03-19 07:23:45 +00:00
jasper
d48fc4e12f update to Crypt-DES-2.07 2014-03-18 23:13:33 +00:00
dcoppa
0c9ddb5974 Update to wpa_supplicant-2.1.
Tested by pascal@ and Gregor Best

OK sthen@ (maintainer)
2014-03-18 05:57:22 +00:00
sthen
4291ce340c SECURITY update to stunnel 5.00, fixes an issue similar to libssh and
postgresql where a forked child process doesn't correctly reset RNG state.
See CVE-2014-0016, http://www.openwall.com/lists/oss-security/2014/03/05/1

ok gsoares@

Note from upstream release notes:

"stunnel 5.00 disables some features previously enabled by default.
Users should review whether the new defaults are appropriate for their
particular deployments."

These changes include: FIPS mode, pid file generation and
libwrap disabled by default, and the default cipher list has
been updated to "HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2".
2014-03-17 13:03:11 +00:00
ajacoutot
00688c41d5 unbound is in base, tweak comment. 2014-03-16 15:53:25 +00:00
benoit
e9999b3ac8 Update to clusterssh 4.02.03.
from Daniel Levai, maintainer timeout
2014-03-16 08:54:34 +00:00
benoit
d3611ded33 +libscrypt 2014-03-15 14:01:46 +00:00
benoit
4818484737 Import libscrypt.
Shared library that implements the scrypt key derivation function.

from maintainer Daniel Levai, ok sthen@
2014-03-15 13:37:18 +00:00
ajacoutot
94f4ad8215 Be safe and explicitly set --with-default-trust-store-file. 2014-03-14 17:42:59 +00:00
rpointel
2b0f480bc9 update to 0.6.3
security fix: http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0017
2014-03-14 10:17:17 +00:00
benoit
361fe78037 Update to py-ecdsa 0.11. 2014-03-12 21:01:56 +00:00
dcoppa
e83874182f Use sthen's mirror due to problems with SPI's certificate 2014-03-12 13:43:09 +00:00
dcoppa
38b21609db Update to pcsc-lite-1.8.11 2014-03-12 08:37:49 +00:00
benoit
96725a0b54 Update to pdfcrack 0.13. 2014-03-11 17:28:47 +00:00
benoit
864f605fc2 Update to pdfcrack 0.12. 2014-03-10 21:15:36 +00:00
benoit
1d0c7965eb Update to py-paramiko 1.12.2. 2014-03-10 20:56:17 +00:00
rpe
691dc3214a add py-keyczar 2014-03-09 23:49:08 +00:00
rpe
5c8f797c2f add py-keyczar 0.71c which is a dependency for ansible 1.5
Keyczar is an open source cryptographic toolkit designed to make
it easier and safer for developers to use cryptography in their
applications. Keyczar supports authentication and encryption with
both symmetric and asymmetric keys.

with feedback and OK sthen@
2014-03-09 23:44:51 +00:00
brad
accc4f1e17 Update to Botan 1.10.7.
ok sthen@
2014-03-09 22:47:50 +00:00
brad
b32a963827 Enable ASM bits.
ok sthen@
2014-03-09 22:32:48 +00:00
ajacoutot
6b8f98992b SECURITY update to gnutls-3.2.12.1. 2014-03-09 22:08:50 +00:00
rpointel
b7c8c3cb76 Update libssh to 0.6.0. 2014-03-09 20:41:14 +00:00
jasper
e4f387b9be add patch from gnupg to silence the "using insecure memory" warning
when swap is encrypted.
2014-03-09 20:02:37 +00:00
sthen
d9d2cb6132 Pull in an upstream commit to GnuTLS fixing a certificate validation
issue: https://www.gitorious.org/gnutls/gnutls/commit/855127da290

ok naddy@ espie@ jasper@ jca@
2014-03-04 15:09:36 +00:00
ajacoutot
4fea671524 SECURITY fix for CVE-2014-1959.
ok sthen@ jasper@
2014-02-14 09:07:30 +00:00
bluhm
6e74d6b1e7 update p5-IO-Socket-SSL to 1.967 2014-02-09 00:22:27 +00:00
ajacoutot
30cab56355 Update to gnutls-3.2.10. 2014-02-07 09:04:41 +00:00
ajacoutot
aee2aaef34 Update to libgcrypt-1.6.1. 2014-02-07 08:57:44 +00:00
brad
13eda42368 Add the missing Blowfish ARM assembly code which due to a mistake
with the Makefile was left out of the release tarball.

Build issue with ARM and suggested patch by
Guenther Niess <niess at cs dot uni-potsdam dot de>

ok dcoppa@
2014-01-28 00:23:11 +00:00
ajacoutot
41ecc33bea Update to p11-kit-0.20.2. 2014-01-27 17:57:32 +00:00
kirby
b468817ea1 - switch from MESSAGE to README
- drop USE_GROFF=Yes
- regen distinfo
2014-01-27 15:49:15 +00:00
espie
80b8aa04a3 iick, passwd directly in binary file 2014-01-25 13:18:04 +00:00
ajacoutot
6e844e9985 Better comment; no pkg change. 2014-01-24 22:20:30 +00:00
landry
066c861585 I shipped you some documentation but I chmod'ed it 600 so that you can't
read it :(
2014-01-24 21:56:18 +00:00
ajacoutot
c4bfb7e5f7 Update to gnutls-3.2.9. 2014-01-24 21:21:47 +00:00
landry
74da5e8595 What's the point of installing binaries with mode 700.. really.
While here add some free patches including prototypes for exit() &
memcpy(). Anyone really using this?
2014-01-24 21:00:43 +00:00
bluhm
428aac2246 update p5-IO-Socket-SSL to 1.966 2014-01-22 08:30:49 +00:00
syl
271ab4db1d encfs does not need all these patches anymore.
OK ajacoutot@
2014-01-21 15:41:27 +00:00
ajacoutot
d4efdbbb5c Set @mode explicitly. 2014-01-19 09:54:18 +00:00
bluhm
007c2522e7 update p5-IO-Socket-SSL to 1.965 2014-01-18 11:57:37 +00:00
bluhm
2bba9a5fb2 update p5-Net-SSLGlue to 1.052 2014-01-18 10:14:06 +00:00
jasper
1ba225c59d import ruby-akami
Gem to build Secure Web Services.

ok aja@
2014-01-18 09:29:13 +00:00
jasper
7deb7ed1a7 sync 2014-01-18 09:26:59 +00:00
bluhm
a39e00cc08 - update p5-Net-SSLeay to 1.58
- remove patch, it has been committed upstream
2014-01-18 02:29:05 +00:00
stsp
81bd87bb9b +encfs 2014-01-17 13:30:49 +00:00
ajacoutot
ef0ba3806f PERMIT_PACKAGE_CDROM is enough. 2014-01-17 10:16:07 +00:00
stsp
aa3120f1b6 Port of encfs, an encrypted filesystem based on FUSE and OpenSSL.
With lots of help and patches from syl@.
2014-01-17 10:10:58 +00:00
jasper
2198b4cff5 - update to clamav-0.98.1
ok sthen@ (MAINTAINER)
2014-01-15 13:06:47 +00:00