| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Document CVE-2020-13882 and CVE-2019-13033 for security/lynis.
Notes:
svn path=/head/; revision=539544
| |
This is a major release but also fixes two security problems.
MFH: 2020Q2
Security: CVE-2019-13033 CVE-2020-13882
Notes:
svn path=/head/; revision=539543
| |
ISC published CVE-2020-8618 affecting dns/bind916 and CVE-2020-8619
affecting dns/bind911 and dns/bind916. Both ports were updated.
Notes:
svn path=/head/; revision=539533
| |
vigenere is an implementation of the Vigenere cipher algorithm extended
to the entire set of printable ASCII characters
https://www.olivermahmoudi.com/programming/vigenere-cipher/
PR: 247244
Submitted by: fbsd@olivermahmoudi.com
Notes:
svn path=/head/; revision=539531
| |
Changes: https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes
Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_53_1_RTM
ABI: https://abi-laboratory.pro/tracker/timeline/nss/
Security: CVE-2020-12402
Notes:
svn path=/head/; revision=539512
| |
- Do not silence installation message
- Update dependent ports:
- Fix build with swig 4.0.1
- Update *_DEPENDS
- Remove BINARY_ALIAS
Changes: http://www.swig.org/news.php
PR: 246613
Exp-run by: antoine
Notes:
svn path=/head/; revision=539491
| |
June 06, 2020. KDE today announces the release of KDE Frameworks 5.71.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.71.0
Exp-run by: antoine
PR: 247240
Notes:
svn path=/head/; revision=539415
| |
Reported by: upstream notification
Notes:
svn path=/head/; revision=539381
| |
Tuesday, 16 June 2020. Today KDE releases a bugfix update to KDE Plasma 5,
versioned 5.19.1. Plasma 5.19 was released in June 2020 with many feature
refinements and new modules to complete the desktop experience.
This release adds a month's worth of new translations and fixes from KDE's
contributors. The bugfixes are typically small but important and include:
* Dr Konqi: Map neon in platform guessing.
* Battery applet not showing up in tray.
* Fix confirmLogout setting for SessionManagement.
Changelog:
https://kde.org/announcements/plasma-5.19.0-5.19.1-changelog
Notes:
svn path=/head/; revision=539370
| |
Add some new options, remove needless patching, move to Dropbear's system for non-default options.
Notes:
svn path=/head/; revision=539342
| |
net-mgmt/rubygem-oxidized.
PR: 247172
Notes:
svn path=/head/; revision=539331
| |
Notes:
svn path=/head/; revision=539329
| |
Notes:
svn path=/head/; revision=539280
| |
Changes: https://github.com/IdentityPython/pysaml2/releases
Notes:
svn path=/head/; revision=539008
| |
Changes: https://github.com/googleapis/google-auth-library-python/releases
https://github.com/googleapis/google-auth-library-python/blob/master/CHANGELOG.md
Notes:
svn path=/head/; revision=539007
| |
Changes: https://github.com/certifi/python-certifi/commits/master
Notes:
svn path=/head/; revision=539006
| |
- Bump PORTREVISION for package change
Notes:
svn path=/head/; revision=538941
| |
Build with 16 threads fails:
./makeshlib libcvm-sasl.la sasl_auth.lo sasl_authenticate.lo sasl_cram_md5.lo sasl_init.lo sasl_login.lo sasl_plain.lo sasl_start.lo
--- sql-query.lo ---
mv: rename sql-query.loT to sql-query.lo: No such file or directory
Notes:
svn path=/head/; revision=538879
| |
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=538867
| |
Notes:
svn path=/head/; revision=538722
| |
Notes:
svn path=/head/; revision=538712
| |
Python 3.6 and 3.7 are not vulnerable in the ports tree anymore.
Change range for python35 to <le>, suggested by swills.
PR: 246984, 246738
Notes:
svn path=/head/; revision=538674
| |
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=538658
| |
PR: 247196
Submitted by: rob2g2 <spam123@bitbert.com>
Notes:
svn path=/head/; revision=538650
| |
Notes:
svn path=/head/; revision=538649
| |
- Add LICENSE_FILE
- Make portclippy happy
PR: 247186
Submitted by: Oliver Mahmoudi <fbsd@olivermahmoudi.com> (maintainer)
Approved by: mentors (implicit)
Changelog: https://github.com/olimah/caesarcipher/blob/v1.1/Changelog
Notes:
svn path=/head/; revision=538645
| |
from 5.5 (medium) to 7.5 (high).
PR: 247149
Notes:
svn path=/head/; revision=538637
| |
(*) Easy to use. A one-command setup, one environment variable,
and it just runs in the background.
(*) Indestructible. Tolerates unplugging, sleep, and suspend.
Never needs restarting.
(*) Compatible. Provides a public key that works with all services
and servers.
(*) Secure. The key is generated on the YubiKey and can't be
extracted. Every session requires the PIN, every login requires a
touch. Setup takes care of PUK and management key.
WWW: https://filippo.io/yubikey-agent
Notes:
svn path=/head/; revision=538589
| |
https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/
Sponsored by: Miles AS
Notes:
svn path=/head/; revision=538562
| |
PR: 245144
Approved by: portmgr (tier-2 blanket)
Notes:
svn path=/head/; revision=538527
| |
Approved by: portmgr (tier-2 blanket)
Notes:
svn path=/head/; revision=538525
| |
PR: 247156
Submitted by: driesm.michiels@gmail.com (maintainer)
Changelog: https://github.com/google/google-authenticator-libpam/releases/tag/1.09
Notes:
svn path=/head/; revision=538492
| |
Notes:
svn path=/head/; revision=538483
| |
Security: CVE-2020-13775
Notes:
svn path=/head/; revision=538447
| |
Notes:
svn path=/head/; revision=538436
| |
https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS
- Fix potential stack overflow in NVT analyzer
- Fix NVT analyzer memory leak from multiple telnet authn name options
- Fix multiple content-transfer-encoding headers causing a memory leak
- Fix potential leak of Analyzers added to tree during Analyzer::Done
- Prevent IP fragment reassembly on packets without minimal IP header
Other fixes:
- Limit rate of logging MaxMind DB diagnostic messages
- Fix wrong return value type for `topk_get_top()` BIF
- Fix opaque Broker types lacking a Type after (de)serialization
- Fix lack of descriptive printing for intervals converted from
`double_to_interval()`
- Fix some cases of known-services not being logged
MFH: 2020Q3
Security: 9f7ae7ea-da93-4f86-b257-ba76707f6d5d
Notes:
svn path=/head/; revision=538431
| |
Notes:
svn path=/head/; revision=538392
| |
PR: 246438
Approved by: Michael Muenz <m.muenz@gmail.com> (new maintainer)
Notes:
svn path=/head/; revision=538389
| |
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=538379
| |
https://github.com/adplug/adplug/releases/tag/adplug-2.3.3
Notes:
svn path=/head/; revision=538376
| |
https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS
Various issues including stack overflows and memory leaks.
Notes:
svn path=/head/; revision=538363
| |
package was built
-march=native caused SEGVs on incompatible systems
Notes:
svn path=/head/; revision=538354
| |
https://helpx.adobe.com/security/products/flash-player/apsb20-30.html
Notes:
svn path=/head/; revision=538349
| |
Approved by: so
Notes:
svn path=/head/; revision=538328
| |
Tuesday, 9 June 2020.
Plasma 5.19 is out! If we gave alliterative names to Plasma releases, this one
could be "Polished Plasma". The effort developers have put into squashing bugs
and removing annoying papercuts has been immense.
In this release, we have prioritized making Plasma more consistent, correcting
and unifying designs of widgets and desktop elements; worked on giving you more
control over your desktop by adding configuration options to the System
Settings; and improved usability, making Plasma and its components easier to
use and an overall more pleasurable experience.
Read on to discover all the new features and improvements of Plasma 5.19…
Announcement:
https://kde.org/announcements/plasma-5.19.0
Notes:
svn path=/head/; revision=538320
| |
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=538298
| |
Reported by: portscout
Notes:
svn path=/head/; revision=538283
| |
As published by our hostapd upstream
Vulnerability
General security vulnerability in the way the callback URLs in the UPnP
SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695).
Some of the described issues may be applicable to the use of UPnP in WPS
AP mode functionality for supporting external registrars.
Such issues could allow a device connected to the local network (i.e., a
device that has been authorized to transmit packets in the network in
which the AP is located) could trigger the AP to initiate a HTTP
(TCP/IP) connection to an arbitrary URL, including connections to
servers in external networks. This could have a security implication if
traffic from the local network to external destinations have different
rules (e.g., firewall and packet inspection) for different local hosts
and the AP having access to external hosts while the attacker controlled
local device not having such access. Such deployment cases may not be
common for networks where WPS would be enabled, but it is not possible
to completely rule out the applicability to cases where hostapd is used
to control a WPS enabled AP.
In addition to the more generic issues with the UPnP protocol, couple of
implementation specific issues in hostapd were discovered while
reviewing this area of the WPS implementation. These issues could allow
local devices (i.e., devices that have been authorized to transmit
packets in the network in which the AP is located) to trigger
misbehavior in hostapd and cause the process to either get terminated or
to start using more CPU resources by using a specially constructed
SUBSCRIBE command.
All these issues require the attacker to be able to discover the UPnP
service provided by hostapd and to open a TCP connection toward the IP
address of the AP. The former requires access to the local network to be
able to receive broadcast packets and the latter requires access to
initiate TCP/IP connection to the IP address used by the AP. In most
common AP deployment cases, both of these operations are available only
from the local network.
Vulnerable versions/configurations
All hostapd versions with WPS AP support with UPnP enabled in the build
parameters (CONFIG_WPS_UPNP=y) and in the runtime configuration
(upnp_iface).
Possible mitigation steps
- Disable WPS UPnP support in the hostapd runtime configuration by
removing the upnp_iface parameter.
- Merge the following commits to hostapd and rebuild:
For CVE-2020-12695:
WPS UPnP: Do not allow event subscriptions with URLs to other networks
For the other issues:
WPS UPnP: Fix event message generation using a long URL path
WPS UPnP: Handle HTTP initiation failures for events more properly
These patches are available from https://w1.fi/security/2020-1/
- Update to hostapd v2.10 or newer, once available
Obtained from: https://w1.fi/security/2020-1/
MFH: 2020Q2
Security: VU#339275 and CVE-2020-12695
Notes:
svn path=/head/; revision=538281
| |
PR: 245490
Submitted by: Mauro F Caseres <mauroeldritch@gmail.com>
Approved by: maintainer timeout
Notes:
svn path=/head/; revision=538257
| |
Parsing VuXML ...Application exception:
bad CVE name for vid 669f3fe8-a07a-11ea-b83e-f0def1f5c5a2: GHSL-2020-100 @ho:215
*** Error code 1
Sponsored by: Netzkommune GmbH
Notes:
svn path=/head/; revision=538232