Navigation:
Browse pkgsrc
(this page)| 2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message: security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo \ cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 |
| 2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message: security: Remove SHA1 hashes for distfiles |
| 2017-09-04 20:01:05 by Thomas Klausner | Files touched by this commit (192) |
Log message: Comment out dead sites. |
| 2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Log message: Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. |
| 2013-12-06 22:26:05 by Joerg Sonnenberger | Files touched by this commit (2) |
Log message: Don't use void * arithmetic. Fix some const issues. |
2013-11-15 06:11:51 by Alistair G. Crooks | Files touched by this commit (5) |  |
Log message: Initial import of smaSHeM, version 0.4, into the packages collection. System V shared memory segments created with shmget() are assigned an owner, a group and a set of permissions intended to limit access to the segment to designated processes only. The owner of a shared memory segment can change the ownership and permissions on a segment after its creation using shmctl(). Any subsequent processes that wish to attach to the segment can only do so if they have the appropriate permissions. Once attached, the process can read or write to the segment, as per the permissions that were set when the segment was created. smaSHeM takes advantage of applications that set weak permissions on such segments, allowing an attacker to dump or patch their contents. As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD', in the case of many X11 applications it is possible to extract pixmaps of previously rendered GUI artifacts. When compiled with QtCore linking enabled, smaSHeM aids in that process by brute forcing potentially valid dimensions for the raw pixmap dump. |
New packages: